From 75b863ec5845a6545ce7d8253b81da763e9a26b0 Mon Sep 17 00:00:00 2001 From: Mahammed Taheer Date: Thu, 7 Dec 2023 20:10:51 +0530 Subject: [PATCH] [ES-529] changed the acr value of password to pwd. Signed-off-by: Mahammed Taheer --- .../common/service/filter/IdAuthFilter.java | 27 ++++++++++++------- .../common/service/helper/IdInfoHelper.java | 2 +- .../service/impl/match/PasswordMatchType.java | 2 +- .../core/spi/indauth/match/MatchType.java | 2 +- 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java index 2dd03849495..e9a162fac2c 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java @@ -869,11 +869,11 @@ protected void checkAllowedAuthTypeForPassword(Map requestBody, KycAuthRequestDTO authRequestDTO = mapper.readValue(mapper.writeValueAsBytes(requestBody), KycAuthRequestDTO.class); - if (AuthTypeUtil.isPassword(authRequestDTO) && !isAllowedAuthType(MatchType.Category.PASSWORD.getType(), authPolicies)) { - throw new IdAuthenticationAppException( - IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(), - String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(), - MatchType.Category.PASSWORD.name())); + if (AuthTypeUtil.isPassword(authRequestDTO) && !isAllowedAuthType(MatchType.Category.PWD.getType(), authPolicies)) { + throw new IdAuthenticationAppException( + IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(), + String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(), + MatchType.Category.PWD.name())); } } @@ -1058,16 +1058,25 @@ private void checkAllowedAMRBasedOnClientConfig(Map requestBody, if (AuthTypeUtil.isPin(authRequestDTO) && !allowedAMRs.contains(MatchType.Category.SPIN.getType())) { throw new IdAuthenticationAppException( - IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(), - String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(), + IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorCode(), + String.format(IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorMessage(), MatchType.Category.SPIN.name())); } if (AuthTypeUtil.isOtp(authRequestDTO) && !allowedAMRs.contains(MatchType.Category.OTP.getType())) { throw new IdAuthenticationAppException( - IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(), - String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(), + IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorCode(), + String.format(IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorMessage(), MatchType.Category.OTP.name())); } + + KycAuthRequestDTO kycAuthRequestDTO = mapper.readValue(mapper.writeValueAsBytes(requestBody), + KycAuthRequestDTO.class); + if (AuthTypeUtil.isPassword(kycAuthRequestDTO) && !allowedAMRs.contains(MatchType.Category.PWD.getType())) { + throw new IdAuthenticationAppException( + IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorCode(), + String.format(IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorMessage(), + MatchType.Category.PWD.name())); + } checkAllowedAMRForKBT(requestBody, allowedAMRs); } } catch (IOException e) { diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java index bd19c5cf457..21fdcda6afa 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java @@ -536,7 +536,7 @@ private Map getEntityInfo(Map> idE String.format(IdAuthenticationErrorConstants.KEY_BINDING_MISSING.getErrorMessage(), input.getAuthType().getType())); - case PASSWORD: + case PWD: throw new IdAuthenticationBusinessException( IdAuthenticationErrorConstants.PASSWORD_MISSING.getErrorCode(), String.format(IdAuthenticationErrorConstants.PASSWORD_MISSING.getErrorMessage(), diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java index 2e3eec2c1d2..6eee7370204 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java @@ -24,7 +24,7 @@ public enum PasswordMatchType implements MatchType { /** Primary password Match Type. */ - PASSWORD(IdaIdMapping.PASSWORD, Category.PASSWORD, setOf(PasswordMatchingStrategy.EXACT), authReq -> { + PASSWORD(IdaIdMapping.PASSWORD, Category.PWD, setOf(PasswordMatchingStrategy.EXACT), authReq -> { KycAuthRequestDTO kycAuthRequestDTO = (KycAuthRequestDTO)authReq; return (Objects.nonNull(kycAuthRequestDTO.getRequest()) && Objects.nonNull(kycAuthRequestDTO.getRequest().getPassword()))? kycAuthRequestDTO.getRequest().getPassword() : ""; diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java index 6feaccc5d3c..1965b389880 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java @@ -44,7 +44,7 @@ public enum Category { /** Token category */ KBT("kbt"), /** Password category */ - PASSWORD("password"); + PWD("pwd"); /** The type. */ String type;