Add locale attribute validation for SCIM Patch

wso2 · Nov 17, 2024 · 396e4dd · 396e4dd
1 parent 97186a0
commit 396e4dd
Showing 1 changed file with 54 additions and 0 deletions.
diff --git a/...charon-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/MeResourceManager.java b/...charon-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/MeResourceManager.java
@@ -16,6 +16,7 @@
 
 package org.wso2.charon3.core.protocol.endpoints;
 
+import org.json.JSONObject;
 import org.wso2.charon3.core.encoder.JSONDecoder;
 import org.wso2.charon3.core.encoder.JSONEncoder;
 import org.wso2.charon3.core.exceptions.BadRequestException;
@@ -40,6 +41,7 @@
 
 import java.util.HashMap;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 
 /**
@@ -347,6 +349,24 @@ public SCIMResponse updateWithPATCH(String existingId, String scimObjectString,
                         copyOfOldUser = (User) CopyUtil.deepCopy(newUser);
                     }
                 } else if (operation.getOperation().equals(SCIMConstants.OperationalConstants.REPLACE)) {
+
+                    // Convert the object to a JSON string if needed
+                    String jsonString = operation.getValues().toString();
+
+                    // Parse the JSON string using JSONObject
+                    JSONObject jsonObject = new JSONObject(jsonString);
+
+                    // Check if the "locale" key exists
+                    if (jsonObject.has("locale")) {
+                        String locale = jsonObject.getString("locale");
+                        System.out.println("Locale: " + locale);
+
+                        // Perform validation
+                        if (!isValidLocale(locale)) {
+                            throw new BadRequestException("Invalid locale value: ", ResponseCodeConstants.INVALID_SYNTAX);
+                        }
+                    }
+
                     if (newUser == null) {
                         newUser = (User) PatchOperationUtil.doPatchReplace
                                 (operation, getDecoder(), oldUser, copyOfOldUser, schema);
@@ -409,6 +429,40 @@ public SCIMResponse updateWithPATCH(String existingId, String scimObjectString,
         }
     }
 
+    public static boolean isValidLocale(String localeStr) {
+        if (localeStr == null || localeStr.isEmpty()) {
+            return false;
+        }
+
+        // Split the locale string into parts (language and country)
+        String[] parts = localeStr.split("[-_]");
+        if (parts.length != 2) {
+            return false; // Must have exactly two parts: language and country
+        }
+
+        String language = parts[0];
+        String country = parts[1];
+
+        // Validate language code: must be 2 lowercase letters
+        if (!language.matches("^[a-z]{2}$")) {
+            return false;
+        }
+
+        // Validate country code: must be 2 uppercase letters
+        if (!country.matches("^[A-Z]{2}$")) {
+            return false;
+        }
+
+        // Check if the locale is available in the system
+        for (Locale availableLocale : Locale.getAvailableLocales()) {
+            if (availableLocale.getLanguage().equals(language) &&
+                    availableLocale.getCountry().equals(country)) {
+                return true;
+            }
+        }
+
+        return false; // If no matching locale is found
+    }
 
     public String getUserName(String scimObjectString) throws CharonException {