From 4cfa579d9bcaa4bf78c3d2088986a9b0309220d2 Mon Sep 17 00:00:00 2001 From: Gk <76690271+gk-4VII@users.noreply.github.com> Date: Fri, 17 Jan 2025 14:11:09 +0530 Subject: [PATCH 1/5] [ES-1667] Updated the error message in the i18n. (#939) (#1114) Signed-off-by: GurukiranP --- oidc-ui/public/locales/ar.json | 18 +++++++++--------- oidc-ui/public/locales/en.json | 10 +++++----- oidc-ui/public/locales/hi.json | 18 +++++++++--------- oidc-ui/public/locales/km.json | 18 +++++++++--------- oidc-ui/public/locales/kn.json | 18 +++++++++--------- oidc-ui/public/locales/ta.json | 18 +++++++++--------- 6 files changed, 50 insertions(+), 50 deletions(-) diff --git a/oidc-ui/public/locales/ar.json b/oidc-ui/public/locales/ar.json index bc01fa87c..f1c2fda2e 100644 --- a/oidc-ui/public/locales/ar.json +++ b/oidc-ui/public/locales/ar.json @@ -1,6 +1,6 @@ { "consent": { - "authorization_failed_msg": "فشل التفويض", + "authorization_failed_msg": "غير قادر على التفويض. يرجى التحقق من التفاصيل والمحاولة مرة أخرى.", "consent_request_rejected": "تم رفض طلب الموافقة", "consent_request_msg": "{{clientName}} يطلب الوصول إلى ما يلي: ", "transaction_timeout_msg": "يرجى اتخاذ الإجراء المناسب في", @@ -245,7 +245,7 @@ "invalid_fullName": "الرجاء إدخال اسم صالح.", "invalid_dob": "الرجاء إدخال تاريخ ميلاد صالح.", "navigate_option": "يرجى محاولة التنقل باستخدام الخيارات أدناه.", - "page_not_exist": "أُووبس! ", + "page_not_exist": "أُووبس! الصفحة التي تبحث عنها غير موجودة.", "something_went_wrong": "حدث خطأ ما!", "experts_working": "ويعمل فريقنا على حل المشكلة.", "username_not_valid": "الرجاء إدخال اسم مستخدم صالح.", @@ -262,7 +262,7 @@ "parsing_error_msg": "غير قادر على المعالجة. ", "unauthorized_access": "تم الرفض. ", "Network Error": "حدث خطأ في الشبكة. ", - "invalid_request": "طلب غير صالح", + "invalid_request": "الطلب غير صالح. يرجى المحاولة مرة أخرى.", "invalid_client_id": "معرف العميل غير صالح. ", "invalid_client_name": "اسم العميل غير صالح", "invalid_uri": "لم يتم العثور على عنوان URL. ", @@ -270,9 +270,9 @@ "invalid_response_type": "نوع الاستجابة غير مدعوم. ", "invalid_grant_type": "نوع منح التفويض غير مدعوم من قبل الخادم. ", "invalid_scope": "النطاق المطلوب غير مدعوم. ", - "invalid_redirect_uri": "أُووبس! ", - "invalid_display": "عرض غير صالح/غير مدعوم", - "invalid_prompt": "موجه واجهة المستخدم غير صالح/غير مدعوم", + "invalid_redirect_uri": "أُووبس! يبدو أن هناك مشكلة في عنوان URL. يرجى المحاولة مرة أخرى.", + "invalid_display": "العرض المطلوب غير مدعوم. يرجى المحاولة مرة أخرى.", + "invalid_prompt": "طلب واجهة المستخدم غير مدعوم. يرجى المحاولة مرة أخرى.", "invalid_assertion_type": "نوع تأكيد العميل غير صالح أو غير مدعوم. ", "invalid_client_auth": "نوع مصادقة العميل غير صالح أو غير مدعوم. ", "invalid_transaction": "انتهت صلاحية الصفقة. ", @@ -395,7 +395,7 @@ "IDA-MPA-001": "فشل التحقق من التوقيع الرقمي. ", "IDA-MPA-002": "شهادة غير صالحة في التوقيع الرقمي.", "IDA-MPA-003": "غير قادر على فك تشفير الطلب.", - "IDA-MLC-009": "معلمة الإدخال غير صالحة", + "IDA-MLC-009": "الرجاء إدخال إدخال صالح.", "IDA-MLC-008": "لم يتم تحديد نوع المصادقة", "IDA-MLC-010": "تم إلغاء تنشيط VID. ", "IDA-MLC-011": "غير قادر على المصادقة لأن نوع المصادقة غير مدعوم.", @@ -436,8 +436,8 @@ "IDA-RST-003": "نوع الإرجاع فارغ", "IDA-RST-004": "اسم خدمة الراحة فارغ أو غير صالح", "IDA-RST-005": "المهلة غير صالحة", - "IDA-RST-006": "أُووبس! ", - "IDA-RST-007": "أُووبس! ", + "IDA-RST-006": "أُووبس! حدث خطأ من جانب العميل. يرجى التحقق والمحاولة مرة أخرى.", + "IDA-RST-007": "أُووبس! حدث خطأ من جانب الخادم، يرجى التحقق والمحاولة مرة أخرى.", "IDA-RST-008": "استغرق الطلب وقتًا طويلاً جدًا للمعالجة. ", "IDA-KBT-001": "لم يتم العثور على الشهادة المقيدة", "IDA-KBT-002": "الرمز المميز المُوقع الصادر في (iat) ليس ضمن النطاق الزمني المسموح به.", diff --git a/oidc-ui/public/locales/en.json b/oidc-ui/public/locales/en.json index acb461914..08a5cf61d 100644 --- a/oidc-ui/public/locales/en.json +++ b/oidc-ui/public/locales/en.json @@ -1,6 +1,6 @@ { "consent": { - "authorization_failed_msg": "Authorization Failed", + "authorization_failed_msg": "Unable to authorize. Please check details & try again.", "consent_request_rejected": "Consent Request Rejected", "consent_request_msg": "{{clientName}} is requesting access to the following: ", "transaction_timeout_msg": "Please take appropriate action in", @@ -251,7 +251,7 @@ "parsing_error_msg": "Unable to process. Please try again.", "unauthorized_access": "Access denied. Please check your credentials and try again.", "Network Error": "A network error occurred. Please check your connection and try again.", - "invalid_request": "Invalid Request", + "invalid_request": "Request is invalid. Please try again.", "invalid_client_id": "Client ID is invalid. Please try again.", "invalid_client_name": "Invalid Client Name", "invalid_uri": "URL not found. Please try again.", @@ -260,8 +260,8 @@ "invalid_grant_type": "The authorization grant type is not supported by the server. Please try again.", "invalid_scope": "The requested scope is not supported. Please try again.", "invalid_redirect_uri": "Oops! It looks like there’s an issue with the URL. Please try again.", - "invalid_display": "Invalid/Unsupported Display", - "invalid_prompt": "Invalid/Unsupported UI Prompt", + "invalid_display": "The requested display is not supported. Please try again.", + "invalid_prompt": "The request UI prompt is not supported. Please try again.", "invalid_assertion_type": "The client assertion type is invalid or not supported. Please try again.", "invalid_client_auth": "The client authentication type is invalid or not supported. Please try again.", "invalid_transaction": "The transaction has expired. Please try again.", @@ -395,7 +395,7 @@ "IDA-MPA-001": "Digital signature verification failed. Please try again.", "IDA-MPA-002": "Invalid certificate in digital signature.", "IDA-MPA-003": "Unable to decrypt Request.", - "IDA-MLC-009": "Invalid Input parameter", + "IDA-MLC-009": "Please enter a valid input.", "IDA-MLC-008": "No authentication type selected", "IDA-MLC-010": "The VID has been deactivated. Please check the VID or contact support for assistance.", "IDA-MLC-011": "Unable to authenticate as authentication type is not supported.", diff --git a/oidc-ui/public/locales/hi.json b/oidc-ui/public/locales/hi.json index 56e4f401a..f35221b73 100644 --- a/oidc-ui/public/locales/hi.json +++ b/oidc-ui/public/locales/hi.json @@ -1,6 +1,6 @@ { "consent": { - "authorization_failed_msg": "प्रमाणीकरण विफल", + "authorization_failed_msg": "अधिकृत करने में असमर्थ. कृपया विवरण जांचें और पुनः प्रयास करें।", "consent_request_rejected": "सहमति अनुरोध अस्वीकृत", "consent_request_msg": "{{clientName}} निम्नलिखित तक पहुंच का अनुरोध कर रहा है: ", "transaction_timeout_msg": "कृपया उचित कार्यवाही करें", @@ -245,7 +245,7 @@ "invalid_fullName": "कृपया वैध नाम दर्ज करें.", "invalid_dob": "कृपया वैध जन्मतिथि दर्ज करें।", "navigate_option": "कृपया नीचे दिए गए विकल्पों का उपयोग करके नेविगेट करने का प्रयास करें।", - "page_not_exist": "उफ़! ", + "page_not_exist": "उफ़! आप जिस पृष्ठ की तलाश कर रहे हैं वह मौजूद नहीं है।", "something_went_wrong": "कुछ गलत हो गया!", "experts_working": "हमारी टीम इस मुद्दे को सुलझाने के लिए काम कर रही है।", "username_not_valid": "कृपया मान्य उपयोगकर्ता नाम दर्ज करें।", @@ -262,7 +262,7 @@ "parsing_error_msg": "प्रोसेस करने में असमर्थ. ", "unauthorized_access": "पहुंच अस्वीकृत। ", "Network Error": "एक नेटवर्क त्रुटि उत्पन्न हुई. ", - "invalid_request": "अमान्य अनुरोध", + "invalid_request": "अनुरोध अमान्य है. कृपया पुन: प्रयास करें।", "invalid_client_id": "क्लाइंट आईडी अमान्य है. ", "invalid_client_name": "अमान्य ग्राहक नाम", "invalid_uri": "यूआरएल नहीं मिला. ", @@ -270,9 +270,9 @@ "invalid_response_type": "प्रतिक्रिया प्रकार समर्थित नहीं है. ", "invalid_grant_type": "प्राधिकरण अनुदान प्रकार सर्वर द्वारा समर्थित नहीं है। ", "invalid_scope": "अनुरोधित दायरा समर्थित नहीं है. ", - "invalid_redirect_uri": "उफ़! ", - "invalid_display": "अमान्य/असमर्थित प्रदर्शन", - "invalid_prompt": "अमान्य/असमर्थित यूआई प्रॉम्प्ट", + "invalid_redirect_uri": "उफ़! ऐसा लगता है कि यूआरएल में कोई समस्या है। कृपया पुन: प्रयास करें।", + "invalid_display": "अनुरोधित प्रदर्शन समर्थित नहीं है. कृपया पुन: प्रयास करें।", + "invalid_prompt": "अनुरोध यूआई प्रॉम्प्ट समर्थित नहीं है. कृपया पुन: प्रयास करें।", "invalid_assertion_type": "क्लाइंट अभिकथन प्रकार अमान्य है या समर्थित नहीं है. ", "invalid_client_auth": "क्लाइंट प्रमाणीकरण प्रकार अमान्य है या समर्थित नहीं है. ", "invalid_transaction": "लेन-देन समाप्त हो गया है. ", @@ -395,7 +395,7 @@ "IDA-MPA-001": "डिजिटल हस्ताक्षर सत्यापन विफल रहा. ", "IDA-MPA-002": "डिजिटल हस्ताक्षर में अमान्य प्रमाणपत्र.", "IDA-MPA-003": "अनुरोध डिक्रिप्ट करने में असमर्थ.", - "IDA-MLC-009": "अमान्य इनपुट पैरामीटर", + "IDA-MLC-009": "कृपया एक वैध इनपुट दर्ज करें.", "IDA-MLC-008": "कोई प्रमाणीकरण प्रकार चयनित नहीं", "IDA-MLC-010": "VID निष्क्रिय कर दिया गया है. ", "IDA-MLC-011": "प्रमाणित करने में असमर्थ क्योंकि प्रमाणीकरण प्रकार समर्थित नहीं है।", @@ -436,8 +436,8 @@ "IDA-RST-003": "रिटर्नटाइप खाली है", "IDA-RST-004": "बाकी सेवा का नाम खाली या अमान्य है", "IDA-RST-005": "टाइमआउट अमान्य है", - "IDA-RST-006": "उफ़! ", - "IDA-RST-007": "उफ़! ", + "IDA-RST-006": "उफ़! क्लाइंट-साइड त्रुटि हुई. कृपया जाँच करें और पुनः प्रयास करें।", + "IDA-RST-007": "उफ़! सर्वर-साइड त्रुटि उत्पन्न हुई कृपया जांचें और पुनः प्रयास करें।", "IDA-RST-008": "अनुरोध संसाधित होने में बहुत अधिक समय लगा. ", "IDA-KBT-001": "बंधा हुआ प्रमाणपत्र नहीं मिला", "IDA-KBT-002": "(आईएटी) पर जारी हस्ताक्षरित टोकन अनुमत समय सीमा में नहीं है।", diff --git a/oidc-ui/public/locales/km.json b/oidc-ui/public/locales/km.json index f2593cd05..d81301566 100644 --- a/oidc-ui/public/locales/km.json +++ b/oidc-ui/public/locales/km.json @@ -1,6 +1,6 @@ { "consent": { - "authorization_failed_msg": "ការអនុញ្ញាតបានបរាជ័យ", + "authorization_failed_msg": "មិនអាចអនុញ្ញាត។ សូមពិនិត្យមើលព័ត៌មានលម្អិត ហើយព្យាយាមម្តងទៀត។", "consent_request_rejected": "សំណើការយល់ព្រមត្រូវបានបដិសេធ", "consent_request_msg": "{{clientName}} កំពុងស្នើសុំសិទ្ធិចូលប្រើដូចខាងក្រោម៖ ", "transaction_timeout_msg": "សូមចាត់វិធានការសមស្របនៅក្នុង", @@ -245,7 +245,7 @@ "invalid_fullName": "សូមបញ្ចូលឈ្មោះដែលមានសុពលភាព។", "invalid_dob": "សូមបញ្ចូលថ្ងៃខែឆ្នាំកំណើតដែលមានសុពលភាព។", "navigate_option": "សូមព្យាយាមរុករកដោយប្រើជម្រើសខាងក្រោម។", - "page_not_exist": "ឱ! ", + "page_not_exist": "ឱ! ទំព័រដែលអ្នកកំពុងស្វែងរកមិនមានទេ។", "something_went_wrong": "មានអ្វីមួយខុសប្រក្រតី!", "experts_working": "ក្រុមការងាររបស់យើងកំពុងធ្វើការដោះស្រាយបញ្ហានេះ។", "username_not_valid": "សូមបញ្ចូលឈ្មោះអ្នកប្រើប្រាស់ត្រឹមត្រូវ។", @@ -262,7 +262,7 @@ "parsing_error_msg": "មិនអាចដំណើរការបានទេ។ ", "unauthorized_access": "ការចូលប្រើត្រូវបានបដិសេធ។ ", "Network Error": "កំហុសបណ្តាញបានកើតឡើង។ ", - "invalid_request": "សំណើមិនត្រឹមត្រូវ", + "invalid_request": "សំណើមិនត្រឹមត្រូវទេ។ សូមព្យាយាមម្តងទៀត។", "invalid_client_id": "លេខសម្គាល់អតិថិជនមិនត្រឹមត្រូវទេ។ ", "invalid_client_name": "ឈ្មោះអតិថិជនមិនត្រឹមត្រូវ", "invalid_uri": "រកមិនឃើញ URL ", @@ -270,9 +270,9 @@ "invalid_response_type": "ប្រភេទការឆ្លើយតបមិនត្រូវបានគាំទ្រទេ។ ", "invalid_grant_type": "ប្រភេទការផ្តល់ការអនុញ្ញាតមិនត្រូវបានគាំទ្រដោយម៉ាស៊ីនមេទេ។ ", "invalid_scope": "វិសាលភាពដែលបានស្នើមិនត្រូវបានគាំទ្រទេ។ ", - "invalid_redirect_uri": "ឱ! ", - "invalid_display": "ការបង្ហាញមិនត្រឹមត្រូវ/មិនគាំទ្រ", - "invalid_prompt": "ប្រអប់បញ្ចូល UI មិនត្រឹមត្រូវ/មិនគាំទ្រ", + "invalid_redirect_uri": "អូ! វាហាក់ដូចជាមានបញ្ហាជាមួយ URL។ សូមព្យាយាមម្តងទៀត។", + "invalid_display": "ការបង្ហាញដែលបានស្នើមិនត្រូវបានគាំទ្រទេ។ សូមព្យាយាមម្តងទៀត។", + "invalid_prompt": "សំណើ UI មិនត្រូវបានគាំទ្រទេ។ សូមព្យាយាមម្តងទៀត។", "invalid_assertion_type": "ប្រភេទ​ការ​អះអាង​របស់​អតិថិជន​គឺ​មិន​ត្រឹមត្រូវ ឬ​មិន​ត្រូវ​បាន​គាំទ្រ។ ", "invalid_client_auth": "ប្រភេទការផ្ទៀងផ្ទាត់អតិថិជនមិនត្រឹមត្រូវ ឬមិនគាំទ្រ។ ", "invalid_transaction": "ប្រតិបត្តិការបានផុតកំណត់ហើយ។ ", @@ -395,7 +395,7 @@ "IDA-MPA-001": "ការផ្ទៀងផ្ទាត់ហត្ថលេខាឌីជីថលបានបរាជ័យ។ ", "IDA-MPA-002": "វិញ្ញាបនបត្រមិនត្រឹមត្រូវនៅក្នុងហត្ថលេខាឌីជីថល។", "IDA-MPA-003": "មិនអាចឌិគ្រីបសំណើរបានទេ។", - "IDA-MLC-009": "ប៉ារ៉ាម៉ែត្របញ្ចូលមិនត្រឹមត្រូវ", + "IDA-MLC-009": "សូមបញ្ចូលការបញ្ចូលត្រឹមត្រូវ។", "IDA-MLC-008": "មិនបានជ្រើសរើសប្រភេទការផ្ទៀងផ្ទាត់ទេ។", "IDA-MLC-010": "VID ត្រូវបានបិទដំណើរការ។ ", "IDA-MLC-011": "មិន​អាច​ផ្ទៀងផ្ទាត់​បាន​ទេ ព្រោះ​ប្រភេទ​ការ​ផ្ទៀងផ្ទាត់​មិន​ត្រូវ​បាន​គាំទ្រ។", @@ -436,8 +436,8 @@ "IDA-RST-003": "returnType គឺទទេ", "IDA-RST-004": "ឈ្មោះសេវាកម្មសម្រាកគឺទទេ ឬមិនត្រឹមត្រូវ", "IDA-RST-005": "ការអស់ពេលគឺមិនត្រឹមត្រូវទេ។", - "IDA-RST-006": "ឱ! ", - "IDA-RST-007": "ឱ! ", + "IDA-RST-006": "ឱ! កំហុសខាងអតិថិជនបានកើតឡើង។ សូមពិនិត្យមើល ហើយព្យាយាមម្តងទៀត។", + "IDA-RST-007": "ឱ! កំហុសខាងម៉ាស៊ីនមេបានកើតឡើង សូមពិនិត្យ ហើយព្យាយាមម្តងទៀត។", "IDA-RST-008": "សំណើនេះចំណាយពេលយូរពេកក្នុងដំណើរការ។ ", "IDA-KBT-001": "រកមិនឃើញវិញ្ញាបនបត្រដែលចងជាប់ទេ។", "IDA-KBT-002": "សញ្ញាសម្ងាត់ដែលបានចុះហត្ថលេខាដែលបានចេញនៅ (iat) មិនស្ថិតក្នុងចន្លោះពេលដែលបានអនុញ្ញាតទេ។", diff --git a/oidc-ui/public/locales/kn.json b/oidc-ui/public/locales/kn.json index 9645cb10a..ad27c1d26 100644 --- a/oidc-ui/public/locales/kn.json +++ b/oidc-ui/public/locales/kn.json @@ -1,6 +1,6 @@ { "consent": { - "authorization_failed_msg": "ದೃಢೀಕರಣ ವಿಫಲವಾಗಿದೆ", + "authorization_failed_msg": "ಅಧಿಕೃತಗೊಳಿಸಲು ಸಾಧ್ಯವಾಗುತ್ತಿಲ್ಲ. ದಯವಿಟ್ಟು ವಿವರಗಳನ್ನು ಪರಿಶೀಲಿಸಿ ಮತ್ತು ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ.", "consent_request_rejected": "ಒಪ್ಪಿಗೆಯ ವಿನಂತಿಯನ್ನು ತಿರಸ್ಕರಿಸಲಾಗಿದೆ", "consent_request_msg": "{{clientName}} ಕೆಳಗಿನವುಗಳಿಗೆ ಪ್ರವೇಶವನ್ನು ವಿನಂತಿಸುತ್ತಿದೆ: ", "transaction_timeout_msg": "ದಯವಿಟ್ಟು ಸೂಕ್ತ ಕ್ರಮ ಕೈಗೊಳ್ಳಿ", @@ -245,7 +245,7 @@ "invalid_fullName": "ದಯವಿಟ್ಟು ಮಾನ್ಯವಾದ ಹೆಸರನ್ನು ನಮೂದಿಸಿ.", "invalid_dob": "ದಯವಿಟ್ಟು ಮಾನ್ಯವಾದ ಜನ್ಮ ದಿನಾಂಕವನ್ನು ನಮೂದಿಸಿ.", "navigate_option": "ದಯವಿಟ್ಟು ಕೆಳಗಿನ ಆಯ್ಕೆಗಳನ್ನು ಬಳಸಿಕೊಂಡು ನ್ಯಾವಿಗೇಟ್ ಮಾಡಲು ಪ್ರಯತ್ನಿಸಿ.", - "page_not_exist": "ಓಹ್! ", + "page_not_exist": "ಓಹ್! ನೀವು ಹುಡುಕುತ್ತಿರುವ ಪುಟವು ಅಸ್ತಿತ್ವದಲ್ಲಿಲ್ಲ.", "something_went_wrong": "ಏನೋ ತಪ್ಪಾಗಿದೆ!", "experts_working": "ನಮ್ಮ ತಂಡವು ಸಮಸ್ಯೆಯನ್ನು ಪರಿಹರಿಸಲು ಕೆಲಸ ಮಾಡುತ್ತಿದೆ.", "username_not_valid": "ದಯವಿಟ್ಟು ಮಾನ್ಯವಾದ ಬಳಕೆದಾರ ಹೆಸರನ್ನು ನಮೂದಿಸಿ.", @@ -262,7 +262,7 @@ "parsing_error_msg": "ಪ್ರಕ್ರಿಯೆಗೊಳಿಸಲು ಸಾಧ್ಯವಾಗುತ್ತಿಲ್ಲ. ", "unauthorized_access": "ಪ್ರವೇಶವನ್ನು ನಿರಾಕರಿಸಲಾಗಿದೆ. ", "Network Error": "ನೆಟ್‌ವರ್ಕ್ ದೋಷ ಸಂಭವಿಸಿದೆ. ", - "invalid_request": "ಅಮಾನ್ಯ ವಿನಂತಿ", + "invalid_request": "ವಿನಂತಿಯು ಅಮಾನ್ಯವಾಗಿದೆ. ದಯವಿಟ್ಟು ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ.", "invalid_client_id": "ಕ್ಲೈಂಟ್ ಐಡಿ ಅಮಾನ್ಯವಾಗಿದೆ. ", "invalid_client_name": "ಅಮಾನ್ಯ ಗ್ರಾಹಕ ಹೆಸರು", "invalid_uri": "URL ಕಂಡುಬಂದಿಲ್ಲ. ", @@ -270,9 +270,9 @@ "invalid_response_type": "ಪ್ರತಿಕ್ರಿಯೆ ಪ್ರಕಾರವು ಬೆಂಬಲಿತವಾಗಿಲ್ಲ. ", "invalid_grant_type": "ದೃಢೀಕರಣ ಅನುದಾನದ ಪ್ರಕಾರವನ್ನು ಸರ್ವರ್ ಬೆಂಬಲಿಸುವುದಿಲ್ಲ. ", "invalid_scope": "ವಿನಂತಿಸಿದ ವ್ಯಾಪ್ತಿಗೆ ಬೆಂಬಲವಿಲ್ಲ. ", - "invalid_redirect_uri": "ಓಹ್! ", - "invalid_display": "ಅಮಾನ್ಯ/ಬೆಂಬಲವಿಲ್ಲದ ಪ್ರದರ್ಶನ", - "invalid_prompt": "ಅಮಾನ್ಯ/ಬೆಂಬಲವಿಲ್ಲದ UI ಪ್ರಾಂಪ್ಟ್", + "invalid_redirect_uri": "ಓಹ್! URL ನಲ್ಲಿ ಸಮಸ್ಯೆಯಿರುವಂತೆ ತೋರುತ್ತಿದೆ. ದಯವಿಟ್ಟು ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ.", + "invalid_display": "ವಿನಂತಿಸಿದ ಪ್ರದರ್ಶನವು ಬೆಂಬಲಿತವಾಗಿಲ್ಲ. ದಯವಿಟ್ಟು ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ.", + "invalid_prompt": "ವಿನಂತಿಯ UI ಪ್ರಾಂಪ್ಟ್ ಬೆಂಬಲಿತವಾಗಿಲ್ಲ. ದಯವಿಟ್ಟು ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ.", "invalid_assertion_type": "ಕ್ಲೈಂಟ್ ಸಮರ್ಥನೆಯ ಪ್ರಕಾರವು ಅಮಾನ್ಯವಾಗಿದೆ ಅಥವಾ ಬೆಂಬಲಿತವಾಗಿಲ್ಲ. ", "invalid_client_auth": "ಕ್ಲೈಂಟ್ ದೃಢೀಕರಣ ಪ್ರಕಾರವು ಅಮಾನ್ಯವಾಗಿದೆ ಅಥವಾ ಬೆಂಬಲಿತವಾಗಿಲ್ಲ. ", "invalid_transaction": "ವಹಿವಾಟಿನ ಅವಧಿ ಮುಗಿದಿದೆ. ", @@ -395,7 +395,7 @@ "IDA-MPA-001": "ಡಿಜಿಟಲ್ ಸಹಿ ಪರಿಶೀಲನೆ ವಿಫಲವಾಗಿದೆ. ", "IDA-MPA-002": "ಡಿಜಿಟಲ್ ಸಹಿಯಲ್ಲಿ ಅಮಾನ್ಯ ಪ್ರಮಾಣಪತ್ರ.", "IDA-MPA-003": "ವಿನಂತಿಯನ್ನು ಡೀಕ್ರಿಪ್ಟ್ ಮಾಡಲು ಸಾಧ್ಯವಾಗುತ್ತಿಲ್ಲ.", - "IDA-MLC-009": "ಅಮಾನ್ಯ ಇನ್‌ಪುಟ್ ಪ್ಯಾರಾಮೀಟರ್", + "IDA-MLC-009": "ದಯವಿಟ್ಟು ಮಾನ್ಯವಾದ ಇನ್‌ಪುಟ್ ಅನ್ನು ನಮೂದಿಸಿ.", "IDA-MLC-008": "ಯಾವುದೇ ದೃಢೀಕರಣ ಪ್ರಕಾರವನ್ನು ಆಯ್ಕೆ ಮಾಡಲಾಗಿಲ್ಲ", "IDA-MLC-010": "VID ಅನ್ನು ನಿಷ್ಕ್ರಿಯಗೊಳಿಸಲಾಗಿದೆ. ", "IDA-MLC-011": "ದೃಢೀಕರಣದ ಪ್ರಕಾರವು ಬೆಂಬಲಿತವಾಗಿಲ್ಲ ಎಂದು ದೃಢೀಕರಿಸಲು ಸಾಧ್ಯವಿಲ್ಲ.", @@ -436,8 +436,8 @@ "IDA-RST-003": "ರಿಟರ್ನ್ ಟೈಪ್ ಖಾಲಿಯಾಗಿದೆ", "IDA-RST-004": "ಉಳಿದ ಸೇವೆಯ ಹೆಸರು ಖಾಲಿಯಾಗಿದೆ ಅಥವಾ ಅಮಾನ್ಯವಾಗಿದೆ", "IDA-RST-005": "ಅವಧಿ ಮೀರಿದೆ ಅಮಾನ್ಯವಾಗಿದೆ", - "IDA-RST-006": "ಓಹ್! ", - "IDA-RST-007": "ಓಹ್! ", + "IDA-RST-006": "ಓಹ್! ಕ್ಲೈಂಟ್-ಸೈಡ್ ದೋಷ ಸಂಭವಿಸಿದೆ. ದಯವಿಟ್ಟು ಪರಿಶೀಲಿಸಿ ಮತ್ತು ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ.", + "IDA-RST-007": "ಓಹ್! ಸರ್ವರ್-ಸೈಡ್ ದೋಷ ಸಂಭವಿಸಿದೆ ದಯವಿಟ್ಟು ಪರಿಶೀಲಿಸಿ ಮತ್ತು ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ.", "IDA-RST-008": "ವಿನಂತಿಯನ್ನು ಪ್ರಕ್ರಿಯೆಗೊಳಿಸಲು ತುಂಬಾ ಸಮಯ ತೆಗೆದುಕೊಂಡಿತು. ", "IDA-KBT-001": "ಬೌಂಡ್ ಪ್ರಮಾಣಪತ್ರ ಕಂಡುಬಂದಿಲ್ಲ", "IDA-KBT-002": "(iat) ನಲ್ಲಿ ನೀಡಲಾದ ಸಹಿ ಮಾಡಿದ ಟೋಕನ್ ಅನುಮತಿಸಲಾದ ಸಮಯ ವ್ಯಾಪ್ತಿಯಲ್ಲಿಲ್ಲ.", diff --git a/oidc-ui/public/locales/ta.json b/oidc-ui/public/locales/ta.json index e067fb578..41eeb6c95 100644 --- a/oidc-ui/public/locales/ta.json +++ b/oidc-ui/public/locales/ta.json @@ -1,6 +1,6 @@ { "consent": { - "authorization_failed_msg": "அங்கீகாரம் தோல்வியடைந்தது", + "authorization_failed_msg": "அங்கீகரிக்க முடியவில்லை. விவரங்களைச் சரிபார்த்து மீண்டும் முயற்சிக்கவும்.", "consent_request_rejected": "ஒப்புதல் கோரிக்கை நிராகரிக்கப்பட்டது", "consent_request_msg": "{{clientName}} பின்வரும் அணுகலைக் கோருகிறது: ", "transaction_timeout_msg": "தயவு செய்து உரிய நடவடிக்கை எடுக்கவும்", @@ -245,7 +245,7 @@ "invalid_fullName": "சரியான பெயரை உள்ளிடவும்.", "invalid_dob": "சரியான பிறந்த தேதியை உள்ளிடவும்.", "navigate_option": "கீழே உள்ள விருப்பங்களைப் பயன்படுத்தி வழிசெலுத்த முயற்சிக்கவும்.", - "page_not_exist": "அச்சச்சோ! ", + "page_not_exist": "அச்சச்சோ! நீங்கள் தேடும் பக்கம் இல்லை.", "something_went_wrong": "ஏதோ தவறாகிவிட்டது!", "experts_working": "இப்பிரச்னைக்கு தீர்வு காண எங்கள் குழு செயல்பட்டு வருகிறது.", "username_not_valid": "சரியான பயனர்பெயரை உள்ளிடவும்.", @@ -262,7 +262,7 @@ "parsing_error_msg": "செயலாக்க முடியவில்லை. ", "unauthorized_access": "அணுகல் மறுக்கப்பட்டது. ", "Network Error": "நெட்வொர்க் பிழை ஏற்பட்டது. ", - "invalid_request": "தவறான கோரிக்கை", + "invalid_request": "கோரிக்கை தவறானது. மீண்டும் முயற்சிக்கவும்.", "invalid_client_id": "கிளையண்ட் ஐடி தவறானது. ", "invalid_client_name": "தவறான வாடிக்கையாளர் பெயர்", "invalid_uri": "URL கிடைக்கவில்லை. ", @@ -270,9 +270,9 @@ "invalid_response_type": "பதில் வகை ஆதரிக்கப்படவில்லை. ", "invalid_grant_type": "அங்கீகார மானிய வகை சேவையகத்தால் ஆதரிக்கப்படவில்லை. ", "invalid_scope": "கோரப்பட்ட நோக்கம் ஆதரிக்கப்படவில்லை. ", - "invalid_redirect_uri": "அச்சச்சோ! ", - "invalid_display": "தவறான/ஆதரவற்ற காட்சி", - "invalid_prompt": "தவறான/ஆதரவற்ற UI ப்ராம்ப்ட்", + "invalid_redirect_uri": "அச்சச்சோ! URL இல் சிக்கல் இருப்பது போல் தெரிகிறது. மீண்டும் முயற்சிக்கவும்.", + "invalid_display": "கோரப்பட்ட காட்சி ஆதரிக்கப்படவில்லை. மீண்டும் முயற்சிக்கவும்.", + "invalid_prompt": "கோரிக்கை UI ப்ராம்ட் ஆதரிக்கப்படவில்லை. மீண்டும் முயற்சிக்கவும்.", "invalid_assertion_type": "கிளையன்ட் வலியுறுத்தல் வகை தவறானது அல்லது ஆதரிக்கப்படவில்லை. ", "invalid_client_auth": "கிளையன்ட் அங்கீகார வகை தவறானது அல்லது ஆதரிக்கப்படவில்லை. ", "invalid_transaction": "பரிவர்த்தனை காலாவதியானது. ", @@ -395,7 +395,7 @@ "IDA-MPA-001": "டிஜிட்டல் கையொப்ப சரிபார்ப்பு தோல்வியடைந்தது. ", "IDA-MPA-002": "டிஜிட்டல் கையொப்பத்தில் தவறான சான்றிதழ்.", "IDA-MPA-003": "கோரிக்கையை மறைகுறியாக்க முடியவில்லை.", - "IDA-MLC-009": "தவறான உள்ளீட்டு அளவுரு", + "IDA-MLC-009": "சரியான உள்ளீட்டை உள்ளிடவும்.", "IDA-MLC-008": "அங்கீகார வகை எதுவும் தேர்ந்தெடுக்கப்படவில்லை", "IDA-MLC-010": "விஐடி செயலிழக்கப்பட்டது. ", "IDA-MLC-011": "அங்கீகார வகை ஆதரிக்கப்படவில்லை என அங்கீகரிக்க முடியவில்லை.", @@ -436,8 +436,8 @@ "IDA-RST-003": "ரிட்டர்ன் டைப் காலியாக உள்ளது", "IDA-RST-004": "ஓய்வு சேவையின் பெயர் காலியாக உள்ளது அல்லது தவறானது", "IDA-RST-005": "நேரம் முடிந்தது தவறானது", - "IDA-RST-006": "அச்சச்சோ! ", - "IDA-RST-007": "அச்சச்சோ! ", + "IDA-RST-006": "அச்சச்சோ! கிளையண்ட் பக்க பிழை ஏற்பட்டது. சரிபார்த்து மீண்டும் முயற்சிக்கவும்.", + "IDA-RST-007": "அச்சச்சோ! சர்வர் பக்க பிழை ஏற்பட்டது சரிபார்த்து மீண்டும் முயற்சிக்கவும்.", "IDA-RST-008": "கோரிக்கையைச் செயல்படுத்த அதிக நேரம் எடுத்தது. ", "IDA-KBT-001": "கட்டுப்பட்ட சான்றிதழ் கிடைக்கவில்லை", "IDA-KBT-002": "(iat) இல் வழங்கப்பட்ட கையொப்பமிடப்பட்ட டோக்கன் அனுமதிக்கப்பட்ட நேர வரம்பில் இல்லை.", From 5a4490868341c8695d30259efaebc4a23e3108e8 Mon Sep 17 00:00:00 2001 From: VSIVAKALYAN <103260988+VSIVAKALYAN@users.noreply.github.com> Date: Fri, 17 Jan 2025 15:17:03 +0530 Subject: [PATCH 2/5] [DSD-7065] Update push-trigger.yml (#1117) Signed-off-by: VSIVAKALYAN <103260988+VSIVAKALYAN@users.noreply.github.com> --- .github/workflows/push-trigger.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push-trigger.yml b/.github/workflows/push-trigger.yml index f3f5779f8..8c4915116 100644 --- a/.github/workflows/push-trigger.yml +++ b/.github/workflows/push-trigger.yml @@ -257,7 +257,7 @@ jobs: find ${{ env.SERVICE_LOCATION }} -path '*/target/*' -exec zip ${{ env.BUILD_ARTIFACT }}.zip {} + - name: Upload the springboot jars if: ${{ !contains(github.ref, 'master') || !contains(github.ref, 'main') }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ env.BUILD_ARTIFACT }} path: ${{ env.BUILD_ARTIFACT }}.zip From a776872652a926423994877bedc6a8bf8748a27f Mon Sep 17 00:00:00 2001 From: pvsaidurga Date: Fri, 17 Jan 2025 15:40:27 +0530 Subject: [PATCH 3/5] [ES-1640] added schema validation for claims query parameter (#887) (#1112) * [ES-1640] added schema validation for claims query parameter (#887) * added schema validatio for claims Signed-off-by: Mohd Kaif Siddique * added schema validatio for claims Signed-off-by: Mohd Kaif Siddique * updated the jackson-core versions and fix test cases Signed-off-by: Mohd Kaif Siddique * updated jackson-core version Signed-off-by: Mohd Kaif Siddique * modified schema config and now storing it in app itself Signed-off-by: Mohd Kaif Siddique * resolve conflict with develop Signed-off-by: Mohd Kaif Siddique * review changes Signed-off-by: Mohd Kaif Siddique * review changes Signed-off-by: Mohd Kaif Siddique * review changes Signed-off-by: Mohd Kaif Siddique --------- Signed-off-by: Mohd Kaif Siddique Co-authored-by: Mohd Kaif Siddique Signed-off-by: pvsaidurga * added support to verify empty string in json schema (#990) Signed-off-by: Mohd Kaif Siddique Co-authored-by: Mohd Kaif Siddique Signed-off-by: pvsaidurga --------- Signed-off-by: Mohd Kaif Siddique Signed-off-by: pvsaidurga Co-authored-by: Kaif Siddique <74772315+kaifk468@users.noreply.github.com> Co-authored-by: Mohd Kaif Siddique --- esignet-core/pom.xml | 32 +- .../core/constants/ErrorConstants.java | 1 - .../esignet/core/dto/OAuthDetailRequest.java | 10 +- .../esignet/core/validator/ClaimsSchema.java | 26 + .../core/validator/ClaimsSchemaValidator.java | 77 +++ .../io/mosip/esignet/core/ValidatorTest.java | 140 ++++- .../verified_claims_request_schema_test.json | 531 +++++++++++++++++ esignet-service/pom.xml | 1 - .../resources/application-default.properties | 1 + .../verified_claims_request_schema.json | 545 ++++++++++++++++++ .../AuthorizationControllerTest.java | 67 ++- .../mosip/esignet/flows/AuthCodeFlowTest.java | 4 + .../flows/AuthorizationAPIFlowTest.java | 1 + .../resources/application-test.properties | 3 + .../verified_claims_request_schema_test.json | 531 +++++++++++++++++ pom.xml | 22 +- 16 files changed, 1975 insertions(+), 17 deletions(-) create mode 100644 esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchema.java create mode 100644 esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchemaValidator.java create mode 100644 esignet-core/src/test/resources/verified_claims_request_schema_test.json create mode 100644 esignet-service/src/main/resources/verified_claims_request_schema.json create mode 100644 esignet-service/src/test/resources/verified_claims_request_schema_test.json diff --git a/esignet-core/pom.xml b/esignet-core/pom.xml index 7b27d474a..2c70fa859 100644 --- a/esignet-core/pom.xml +++ b/esignet-core/pom.xml @@ -22,7 +22,6 @@ 11 2.9.5 2.9.8 - 2.15.0 2.15.0 2.15.0 1.2.1.0 @@ -100,20 +99,44 @@ micrometer-registry-prometheus runtime + + com.networknt + json-schema-validator + 1.5.1 + + + com.fasterxml.jackson.core + jackson-core + + + com.fasterxml.jackson.core + jackson-annotations + + + com.fasterxml.jackson.core + jackson-databind + + + com.fasterxml.jackson.datatype + jackson-datatype-jsr310 + + + com.fasterxml.jackson.module + jackson-module-afterburner + + + com.fasterxml.jackson.core jackson-core - ${jackson.databind} com.fasterxml.jackson.core jackson-annotations - ${jackson.databind} com.fasterxml.jackson.core jackson-databind - ${jackson.databind} com.fasterxml.jackson.datatype @@ -181,4 +204,5 @@ + diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/constants/ErrorConstants.java b/esignet-core/src/main/java/io/mosip/esignet/core/constants/ErrorConstants.java index 57ac0110b..2b8248378 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/constants/ErrorConstants.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/constants/ErrorConstants.java @@ -92,6 +92,5 @@ public class ErrorConstants { public static final String INVALID_VERIFICATION = "invalid_verification"; public static final String INVALID_VERIFIED_CLAIMS = "invalid_verified_claims"; public static final String INVALID_PURPOSE="invalid_purpose"; - public static final String VERIFICATION_INCOMPLETE = "verification_incomplete"; } diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/dto/OAuthDetailRequest.java b/esignet-core/src/main/java/io/mosip/esignet/core/dto/OAuthDetailRequest.java index 547f265c2..9063f2b40 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/dto/OAuthDetailRequest.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/dto/OAuthDetailRequest.java @@ -5,16 +5,11 @@ */ package io.mosip.esignet.core.dto; -import io.mosip.esignet.api.dto.claim.Claims; import io.mosip.esignet.api.dto.claim.ClaimsV2; -import io.mosip.esignet.core.validator.OIDCDisplay; -import io.mosip.esignet.core.validator.OIDCPrompt; -import io.mosip.esignet.core.validator.OIDCResponseType; -import io.mosip.esignet.core.validator.OIDCScope; +import io.mosip.esignet.core.constants.ErrorConstants; +import io.mosip.esignet.core.validator.*; import lombok.Data; -import io.mosip.esignet.core.validator.RedirectURL; - import javax.validation.Valid; import javax.validation.constraints.NotBlank; @@ -76,6 +71,7 @@ public class OAuthDetailRequest { * names of the individual Claims being requested as the member names. */ @Valid + @ClaimsSchema(message = ErrorConstants.INVALID_CLAIM) private ClaimsV2 claims; /** diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchema.java b/esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchema.java new file mode 100644 index 000000000..a53308b6c --- /dev/null +++ b/esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchema.java @@ -0,0 +1,26 @@ +package io.mosip.esignet.core.validator; + + +import io.mosip.esignet.core.constants.ErrorConstants; +import javax.validation.Constraint; +import javax.validation.Payload; +import java.lang.annotation.Documented; +import java.lang.annotation.Retention; +import java.lang.annotation.Target; + +import static java.lang.annotation.ElementType.FIELD; +import static java.lang.annotation.ElementType.TYPE_USE; +import static java.lang.annotation.RetentionPolicy.RUNTIME; + +@Target({FIELD, TYPE_USE}) +@Retention(RUNTIME) +@Constraint(validatedBy = ClaimsSchemaValidator.class) +@Documented +public @interface ClaimsSchema { + + String message() default ErrorConstants.INVALID_CLAIM; + + Class[] groups() default {}; + + Class[] payload() default {}; +} diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchemaValidator.java b/esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchemaValidator.java new file mode 100644 index 000000000..60c70f73e --- /dev/null +++ b/esignet-core/src/main/java/io/mosip/esignet/core/validator/ClaimsSchemaValidator.java @@ -0,0 +1,77 @@ +package io.mosip.esignet.core.validator; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.networknt.schema.JsonSchema; +import com.networknt.schema.JsonSchemaFactory; +import com.networknt.schema.SpecVersion; +import com.networknt.schema.ValidationMessage; +import io.mosip.esignet.api.dto.claim.ClaimsV2; +import io.mosip.esignet.core.exception.EsignetException; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; + +import javax.validation.ConstraintValidator; +import javax.validation.ConstraintValidatorContext; +import java.io.*; +import java.nio.charset.StandardCharsets; +import java.util.Set; +import java.util.stream.Collectors; + + +@Slf4j +public class ClaimsSchemaValidator implements ConstraintValidator { + + + @Value("${mosip.esignet.claims.schema.url}") + private String schemaUrl; + + private volatile JsonSchema cachedSchema; + + @Autowired + private ObjectMapper objectMapper; + + @Autowired + private ResourceLoader resourceLoader; + + + @Override + public boolean isValid(ClaimsV2 claims, ConstraintValidatorContext context) { + Set errors = null; + try { + JsonNode jsonNode = objectMapper.valueToTree(claims); + errors = getCachedSchema().validate(jsonNode); + if(errors.isEmpty())return true; + } catch (Exception e) { + log.error("Error validating claims schema", e); + } + log.error("Validation failed for claims: {}", errors); + return false; + } + + private JsonSchema getCachedSchema() throws EsignetException { + if(cachedSchema!=null ) return cachedSchema; + synchronized (this) { + if (cachedSchema == null) { + InputStream schemaResponse = getResource(schemaUrl); + JsonSchemaFactory jsonSchemaFactory = JsonSchemaFactory.getInstance(SpecVersion.VersionFlag.V202012); + cachedSchema = jsonSchemaFactory.getSchema(schemaResponse); + } + } + return cachedSchema; + } + + private InputStream getResource(String url) { + try{ + Resource resource = resourceLoader.getResource(url); + return resource.getInputStream(); + }catch (IOException e){ + log.error("Failed to parse data: {}", url, e); + } + throw new EsignetException("invalid_configuration"); + } +} + diff --git a/esignet-core/src/test/java/io/mosip/esignet/core/ValidatorTest.java b/esignet-core/src/test/java/io/mosip/esignet/core/ValidatorTest.java index 4db70eb24..75ca8b8c3 100644 --- a/esignet-core/src/test/java/io/mosip/esignet/core/ValidatorTest.java +++ b/esignet-core/src/test/java/io/mosip/esignet/core/ValidatorTest.java @@ -5,6 +5,10 @@ */ package io.mosip.esignet.core; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import io.mosip.esignet.api.dto.claim.ClaimDetail; +import io.mosip.esignet.api.dto.claim.ClaimsV2; import io.mosip.esignet.api.spi.Authenticator; import io.mosip.esignet.core.dto.OAuthDetailRequestV2; import io.mosip.esignet.core.exception.EsignetException; @@ -15,11 +19,16 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; +import org.mockito.InjectMocks; import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.core.env.Environment; +import org.springframework.core.io.DefaultResourceLoader; +import org.springframework.core.io.ResourceLoader; import org.springframework.test.util.ReflectionTestUtils; - +import org.springframework.web.client.RestTemplate; +import java.io.IOException; import java.time.ZoneOffset; import java.time.ZonedDateTime; import java.time.format.DateTimeFormatter; @@ -28,12 +37,16 @@ import java.util.HashSet; import java.util.Map; import java.util.Set; - import static org.mockito.Mockito.when; + +@SpringBootTest @RunWith(MockitoJUnitRunner.class) public class ValidatorTest { + @InjectMocks + ClaimsSchemaValidator claimSchemaValidator; + @Mock AuthenticationContextClassRefUtil authenticationContextClassRefUtil; @@ -43,6 +56,17 @@ public class ValidatorTest { @Mock Environment environment; + + @Mock + RestTemplate restTemplate; + + + ResourceLoader resourceLoader= new DefaultResourceLoader(); + + ObjectMapper mapper= new ObjectMapper(); + + + private Map discoveryMap = new HashMap<>(); @Before @@ -647,4 +671,116 @@ public void test_ClientNameLangValidator_WithInValidDetail_thenFail(){ Assert.assertFalse(validator.isValid("abc", null)); } + // =============================ClaimSchemaValidator=============================// + + @Test + public void claimSchemaValidator_withValidDetails_thenPass() throws IOException { + + ReflectionTestUtils.setField(claimSchemaValidator,"resourceLoader",resourceLoader); + ReflectionTestUtils.setField(claimSchemaValidator,"objectMapper",mapper); + ReflectionTestUtils.setField(claimSchemaValidator,"schemaUrl","classpath:/verified_claims_request_schema_test.json"); + + String address="{\"essential\":true}"; + String verifiedClaims="[{\"verification\":{\"trust_framework\":{\"value\":\"income-tax\"}},\"claims\":{\"name\":null,\"email\":{\"essential\":true}}},{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"birthdate\":{\"essential\":true},\"address\":null}},{\"verification\":{\"trust_framework\":{\"value\":\"kaif\"}},\"claims\":{\"gender\":{\"essential\":true},\"email\":{\"essential\":true}}}]"; + + JsonNode addressNode = mapper.readValue(address, JsonNode.class); + JsonNode verifiedClaimNode = mapper.readValue(verifiedClaims, JsonNode.class); + + Map userinfoMap = new HashMap<>(); + userinfoMap.put("address", addressNode); + userinfoMap.put("verified_claims", verifiedClaimNode); + Map idTokenMap = new HashMap<>(); + + ClaimDetail claimDetail = new ClaimDetail("claim_value", null, true, "secondary"); + idTokenMap.put("some_claim", claimDetail); + + ClaimsV2 claimsV2 = new ClaimsV2(); + claimsV2.setUserinfo(userinfoMap); + claimsV2.setId_token(idTokenMap); + + Assert.assertTrue(claimSchemaValidator.isValid(claimsV2, null)); + } + + @Test + public void claimSchemaValidator_withTrustFrameWorkAsNull_thenFail() throws IOException { + + ReflectionTestUtils.setField(claimSchemaValidator,"resourceLoader",resourceLoader); + ReflectionTestUtils.setField(claimSchemaValidator,"objectMapper",mapper); + ReflectionTestUtils.setField(claimSchemaValidator,"schemaUrl","classpath:/verified_claims_request_schema_test.json"); + + String address="{\"essential\":true}"; + String verifiedClaims="[{\"verification\":{\"trust_framework\":{\"value\":null}},\"claims\":{\"name\":null,\"email\":{\"essential\":true}}},{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"birthdate\":{\"essential\":true},\"address\":null}},{\"verification\":{\"trust_framework\":{\"value\":\"kaif\"}},\"claims\":{\"gender\":{\"essential\":true},\"email\":{\"essential\":true}}}]"; + + JsonNode addressNode = mapper.readValue(address, JsonNode.class); + JsonNode verifiedClaimNode = mapper.readValue(verifiedClaims, JsonNode.class); + + Map userinfoMap = new HashMap<>(); + userinfoMap.put("address", addressNode); + userinfoMap.put("verified_claims", verifiedClaimNode); + Map idTokenMap = new HashMap<>(); + ClaimDetail claimDetail = new ClaimDetail("claim_value", null, true, "secondary"); + + idTokenMap.put("some_claim", claimDetail); + ClaimsV2 claimsV2 = new ClaimsV2(); + claimsV2.setUserinfo(userinfoMap); + claimsV2.setId_token(idTokenMap); + + Assert.assertFalse(claimSchemaValidator.isValid(claimsV2, null)); + + } + + @Test + public void claimSchemaValidator_withEssentialAsNonBoolean_thenFail() throws IOException { + + ReflectionTestUtils.setField(claimSchemaValidator,"resourceLoader",resourceLoader); + ReflectionTestUtils.setField(claimSchemaValidator,"objectMapper",mapper); + ReflectionTestUtils.setField(claimSchemaValidator,"schemaUrl","classpath:/verified_claims_request_schema_test.json"); + + String address="{\"essential\":true}"; + String verifiedClaims="[{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"name\":null,\"email\":{\"essential\":1}}},{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"birthdate\":{\"essential\":true},\"address\":null}},{\"verification\":{\"trust_framework\":{\"value\":\"kaif\"}},\"claims\":{\"gender\":{\"essential\":true},\"email\":{\"essential\":true}}}]"; + + JsonNode addressNode = mapper.readValue(address, JsonNode.class); + JsonNode verifiedClaimNode = mapper.readValue(verifiedClaims, JsonNode.class); + + Map userinfoMap = new HashMap<>(); + userinfoMap.put("address", addressNode); + userinfoMap.put("verified_claims", verifiedClaimNode); + Map idTokenMap = new HashMap<>(); + + ClaimDetail claimDetail = new ClaimDetail("claim_value", null, true, "secondary"); + + idTokenMap.put("some_claim", claimDetail); + ClaimsV2 claimsV2 = new ClaimsV2(); + claimsV2.setUserinfo(userinfoMap); + claimsV2.setId_token(idTokenMap); + + Assert.assertFalse(claimSchemaValidator.isValid(claimsV2, null)); + } + + @Test + public void test_ClaimSchemaValidator_withInvalidValue_thenFail() throws IOException { + + ReflectionTestUtils.setField(claimSchemaValidator,"resourceLoader",resourceLoader); + ReflectionTestUtils.setField(claimSchemaValidator,"objectMapper",mapper); + ReflectionTestUtils.setField(claimSchemaValidator,"schemaUrl","classpath:/verified_claims_request_schema_test.json"); + + String address="{\"essential\":true}"; + String verifiedClaims="[{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"name\":null,\"email\":{\"essential\":1}}},{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"birthdate\":{\"essential\":true},\"address\":null}},{\"verification\":{\"trust_framework\":{\"value\":\"kf\"}},\"claims\":{\"gender\":{\"essential\":true},\"email\":{\"essential\":true}}}]"; + + JsonNode addressNode = mapper.readValue(address, JsonNode.class); + JsonNode verifiedClaimNode = mapper.readValue(verifiedClaims, JsonNode.class); + + Map userinfoMap = new HashMap<>(); + userinfoMap.put("address", addressNode); + userinfoMap.put("verified_claims", verifiedClaimNode); + Map idTokenMap = new HashMap<>(); + ClaimDetail claimDetail = new ClaimDetail("claim_value", null, true, "secondary"); + + idTokenMap.put("some_claim", claimDetail); + ClaimsV2 claimsV2 = new ClaimsV2(); + claimsV2.setUserinfo(userinfoMap); + claimsV2.setId_token(idTokenMap); + + Assert.assertFalse(claimSchemaValidator.isValid(claimsV2, null)); + } } diff --git a/esignet-core/src/test/resources/verified_claims_request_schema_test.json b/esignet-core/src/test/resources/verified_claims_request_schema_test.json new file mode 100644 index 000000000..fa4590b1f --- /dev/null +++ b/esignet-core/src/test/resources/verified_claims_request_schema_test.json @@ -0,0 +1,531 @@ +{ + "$id": "https://bitbucket.org/openid/ekyc-ida/raw/master/schema/verified_claims_request.json", + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$defs": { + "check_details": { + "type": "array", + "prefixItems": [ + { + "check_id": { + "type": "string" + }, + "check_method": { + "type": "string" + }, + "organization": { + "type": "string" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + ] + }, + "claims_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "minProperties": 1 + } + ] + }, + "constrainable_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + }, + "value": { + "type": "string" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + } + } + } + ] + }, + "datetime_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "max_age": { + "type": "integer", + "minimum": 0 + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "document_details": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_issuance": { + "$ref": "#/$defs/datetime_element" + }, + "document_number": { + "$ref": "#/$defs/simple_element" + }, + "issuer": { + "type": "object", + "properties": { + "country": { + "$ref": "#/$defs/simple_element" + }, + "country_code": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "jurisdiction": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + }, + "personal_number": { + "$ref": "#/$defs/simple_element" + }, + "serial_number": { + "$ref": "#/$defs/simple_element" + } + } + }, + "evidence": { + "type": "object", + "required": [ + "type" + ], + "properties": { + "type": { + "type": "object", + "properties": { + "value": { + "enum": [ + "document", + "electronic_record", + "vouch", + "electronic_signature" + ] + } + } + }, + "attachments": { + "$ref": "#/$defs/simple_element" + } + }, + "allOf": [ + { + "if": { + "properties": { + "type": { + "value": "electronic_signature" + } + } + }, + "then": { + "properties": { + "created_at": { + "$ref": "#/$defs/datetime_element" + }, + "issuer": { + "$ref": "#/$defs/simple_element" + }, + "serial_number": { + "$ref": "#/$defs/simple_element" + }, + "signature_type": { + "$ref": "#/$defs/simple_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "document" + } + } + }, + "then": { + "properties": { + "check_details": { + "$ref": "#/$defs/check_details" + }, + "document_details": { + "$ref": "#/$defs/document_details" + }, + "method": { + "$ref": "#/$defs/constrainable_element" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "electronic_record" + } + } + }, + "then": { + "properties": { + "check_details": { + "$ref": "#/$defs/check_details" + }, + "record": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "created_at": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "derived_claims": { + "$ref": "#/$defs/claims_element" + }, + "source": { + "type": "object", + "properties": { + "country": { + "$ref": "#/$defs/simple_element" + }, + "country_code": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + } + } + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "vouch" + } + } + }, + "then": { + "properties": { + "attestation": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_issuance": { + "$ref": "#/$defs/datetime_element" + }, + "derived_claims": { + "$ref": "#/$defs/claims_element" + }, + "reference_number": { + "$ref": "#/$defs/simple_element" + }, + "voucher": { + "type": "object", + "properties": { + "birthdate": { + "$ref": "#/$defs/datetime_element" + }, + "country": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "occupation": { + "$ref": "#/$defs/simple_element" + }, + "organization": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + } + } + }, + "check_details": { + "$ref": "#/$defs/check_details" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + } + ] + }, + "simple_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "verified_claims": { + "oneOf": [ + { + "type": "array", + "items": { + "anyOf": [ + { + "$ref": "#/$defs/verified_claims_def" + } + ] + } + }, + { + "$ref": "#/$defs/verified_claims_def" + } + ] + }, + "verified_claims_def": { + "type": "object", + "required": [ + "verification", + "claims" + ], + "additionalProperties": false, + "properties": { + "claims": { + "$ref": "#/$defs/claims_element" + }, + "verification": { + "type": "object", + "required": [ + "trust_framework" + ], + "additionalProperties": true, + "properties": { + "assurance_level": { + "$ref": "#/$defs/constrainable_element" + }, + "assurance_process": { + "type": "object", + "properties": { + "assurance_details": { + "type": "array", + "items": { + "oneOf": [ + { + "assurance_classification": { + "$ref": "#/$defs/constrainable_element" + }, + "assurance_type": { + "$ref": "#/$defs/constrainable_element" + }, + "evidence_ref": { + "type": "object", + "required": [ + "txn" + ], + "additionalProperties": true, + "properties": { + "evidence_classification": { + "$ref": "#/$defs/constrainable_element" + }, + "evidence_metadata": { + "$ref": "#/$defs/constrainable_element" + }, + "txn": { + "$ref": "#/$defs/constrainable_element" + } + } + } + } + ] + }, + "minItems": 1 + }, + "policy": { + "$ref": "#/$defs/constrainable_element" + }, + "procedure": { + "$ref": "#/$defs/constrainable_element" + } + } + }, + "evidence": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/$defs/evidence" + } + ] + }, + "minItems": 1 + }, + "time": { + "$ref": "#/$defs/datetime_element" + }, + "trust_framework": { + "$ref": "#/$defs/constrainable_element" + }, + "verification_process": { + "$ref": "#/$defs/simple_element" + } + } + } + } + } + }, + "properties": { + "id_token": { + "type": "object", + "additionalProperties": true, + "properties": { + "verified_claims": { + "$ref": "#/$defs/verified_claims" + } + } + }, + "userinfo": { + "type": "object", + "additionalProperties": true, + "properties": { + "verified_claims": { + "$ref": "#/$defs/verified_claims" + } + } + } + } +} \ No newline at end of file diff --git a/esignet-service/pom.xml b/esignet-service/pom.xml index d95ff5c6f..2d26c4e8e 100644 --- a/esignet-service/pom.xml +++ b/esignet-service/pom.xml @@ -21,7 +21,6 @@ 11 2.9.5 2.9.8 - 2.12.0 2.12.0 2.12.0 diff --git a/esignet-service/src/main/resources/application-default.properties b/esignet-service/src/main/resources/application-default.properties index ec4b72574..5fd499d4b 100644 --- a/esignet-service/src/main/resources/application-default.properties +++ b/esignet-service/src/main/resources/application-default.properties @@ -72,6 +72,7 @@ mosip.esignet.signup-id-token-audience=mosip-signup-oauth-client ## Transaction halted with prepare-signup-redirect wait time to resume back with complete-signup-redirect API mosip.esignet.signup.halt.expire-seconds=1800 + ## ------------------------------------------ e-Signet binding --------------------------------------------------------- mosip.esignet.binding.salt-length=16 mosip.esignet.binding.audience-id=esignet-binding diff --git a/esignet-service/src/main/resources/verified_claims_request_schema.json b/esignet-service/src/main/resources/verified_claims_request_schema.json new file mode 100644 index 000000000..e132eca4f --- /dev/null +++ b/esignet-service/src/main/resources/verified_claims_request_schema.json @@ -0,0 +1,545 @@ +{ + "$id": "https://bitbucket.org/openid/ekyc-ida/raw/master/schema/verified_claims_request.json", + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$defs": { + "check_details": { + "type": "array", + "prefixItems": [ + { + "check_id": { + "type": "string" + }, + "check_method": { + "type": "string" + }, + "organization": { + "type": "string" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + ] + }, + "claims_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + }, + "value":{ + "type": "string", + "minLength": 3, + "pattern": "\\S" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + } + } + } + ] + }, + "minProperties": 1 + } + ] + }, + "constrainable_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + }, + "value": { + "type": "string", + "minLength": 3, + "pattern": "\\S" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + } + } + } + ] + }, + "datetime_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "max_age": { + "type": "integer", + "minimum": 0 + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "document_details": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_issuance": { + "$ref": "#/$defs/datetime_element" + }, + "document_number": { + "$ref": "#/$defs/simple_element" + }, + "issuer": { + "type": "object", + "properties": { + "country": { + "$ref": "#/$defs/simple_element" + }, + "country_code": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "jurisdiction": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + }, + "personal_number": { + "$ref": "#/$defs/simple_element" + }, + "serial_number": { + "$ref": "#/$defs/simple_element" + } + } + }, + "evidence": { + "type": "object", + "required": [ + "type" + ], + "properties": { + "type": { + "type": "object", + "properties": { + "value": { + "enum": [ + "document", + "electronic_record", + "vouch", + "electronic_signature" + ] + } + } + }, + "attachments": { + "$ref": "#/$defs/simple_element" + } + }, + "allOf": [ + { + "if": { + "properties": { + "type": { + "value": "electronic_signature" + } + } + }, + "then": { + "properties": { + "created_at": { + "$ref": "#/$defs/datetime_element" + }, + "issuer": { + "$ref": "#/$defs/simple_element" + }, + "serial_number": { + "$ref": "#/$defs/simple_element" + }, + "signature_type": { + "$ref": "#/$defs/simple_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "document" + } + } + }, + "then": { + "properties": { + "check_details": { + "$ref": "#/$defs/check_details" + }, + "document_details": { + "$ref": "#/$defs/document_details" + }, + "method": { + "$ref": "#/$defs/constrainable_element" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "electronic_record" + } + } + }, + "then": { + "properties": { + "check_details": { + "$ref": "#/$defs/check_details" + }, + "record": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "created_at": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "derived_claims": { + "$ref": "#/$defs/claims_element" + }, + "source": { + "type": "object", + "properties": { + "country": { + "$ref": "#/$defs/simple_element" + }, + "country_code": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + } + } + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "vouch" + } + } + }, + "then": { + "properties": { + "attestation": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_issuance": { + "$ref": "#/$defs/datetime_element" + }, + "derived_claims": { + "$ref": "#/$defs/claims_element" + }, + "reference_number": { + "$ref": "#/$defs/simple_element" + }, + "voucher": { + "type": "object", + "properties": { + "birthdate": { + "$ref": "#/$defs/datetime_element" + }, + "country": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "occupation": { + "$ref": "#/$defs/simple_element" + }, + "organization": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + } + } + }, + "check_details": { + "$ref": "#/$defs/check_details" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + } + ] + }, + "simple_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "verified_claims": { + "oneOf": [ + { + "type": "array", + "items": { + "anyOf": [ + { + "$ref": "#/$defs/verified_claims_def" + } + ] + } + }, + { + "$ref": "#/$defs/verified_claims_def" + } + ] + }, + "verified_claims_def": { + "type": "object", + "required": [ + "verification", + "claims" + ], + "additionalProperties": false, + "properties": { + "claims": { + "$ref": "#/$defs/claims_element" + }, + "verification": { + "type": "object", + "required": [ + "trust_framework" + ], + "additionalProperties": true, + "properties": { + "assurance_level": { + "$ref": "#/$defs/constrainable_element" + }, + "assurance_process": { + "type": "object", + "properties": { + "assurance_details": { + "type": "array", + "items": { + "oneOf": [ + { + "assurance_classification": { + "$ref": "#/$defs/constrainable_element" + }, + "assurance_type": { + "$ref": "#/$defs/constrainable_element" + }, + "evidence_ref": { + "type": "object", + "required": [ + "txn" + ], + "additionalProperties": true, + "properties": { + "evidence_classification": { + "$ref": "#/$defs/constrainable_element" + }, + "evidence_metadata": { + "$ref": "#/$defs/constrainable_element" + }, + "txn": { + "$ref": "#/$defs/constrainable_element" + } + } + } + } + ] + }, + "minItems": 1 + }, + "policy": { + "$ref": "#/$defs/constrainable_element" + }, + "procedure": { + "$ref": "#/$defs/constrainable_element" + } + } + }, + "evidence": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/$defs/evidence" + } + ] + }, + "minItems": 1 + }, + "time": { + "$ref": "#/$defs/datetime_element" + }, + "trust_framework": { + "$ref": "#/$defs/constrainable_element" + }, + "verification_process": { + "$ref": "#/$defs/simple_element" + } + } + } + } + } + }, + "properties": { + "id_token": { + "type": "object", + "additionalProperties": true, + "properties": { + "verified_claims": { + "$ref": "#/$defs/verified_claims" + } + } + }, + "userinfo": { + "type": "object", + "additionalProperties": true, + "properties": { + "verified_claims": { + "$ref": "#/$defs/verified_claims" + } + } + } + } +} \ No newline at end of file diff --git a/esignet-service/src/test/java/io/mosip/esignet/controllers/AuthorizationControllerTest.java b/esignet-service/src/test/java/io/mosip/esignet/controllers/AuthorizationControllerTest.java index 8453bcd6d..24005d003 100644 --- a/esignet-service/src/test/java/io/mosip/esignet/controllers/AuthorizationControllerTest.java +++ b/esignet-service/src/test/java/io/mosip/esignet/controllers/AuthorizationControllerTest.java @@ -5,8 +5,12 @@ */ package io.mosip.esignet.controllers; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import io.mosip.esignet.api.dto.AuthChallenge; +import io.mosip.esignet.api.dto.claim.ClaimDetail; +import io.mosip.esignet.api.dto.claim.ClaimsV2; import io.mosip.esignet.api.spi.AuditPlugin; import io.mosip.esignet.api.util.ConsentAction; import io.mosip.esignet.core.config.LocalAuthenticationEntryPoint; @@ -27,12 +31,15 @@ import org.junit.runner.RunWith; import org.mockito.Mockito; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; import org.springframework.boot.test.mock.mockito.MockBean; + import org.springframework.http.MediaType; import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MvcResult; +import org.springframework.web.client.RestTemplate; import java.time.ZoneOffset; import java.time.ZonedDateTime; @@ -73,18 +80,52 @@ public class AuthorizationControllerTest { @MockBean CacheUtilService cacheUtilService; + + @MockBean + RestTemplate restTemplate; + @MockBean LocalAuthenticationEntryPoint localAuthenticationEntryPoint; + + @Value("${mosip.esignet.claims.schema.url}") + private String schemaUrl; + ObjectMapper objectMapper = new ObjectMapper(); + ClaimDetail claimDetail; + + ClaimsV2 claimsV2; + + + @Before - public void init() throws EsignetException { + public void init() throws EsignetException, JsonProcessingException { HashSet acrValues = new HashSet<>(); acrValues.add("mosip:idp:acr:static-code"); acrValues.add("mosip:idp:acr:biometrics"); acrValues.add("mosip:idp:acr:linked-wallet"); when(authenticationContextClassRefUtil.getSupportedACRValues()).thenReturn(acrValues); + + String address="{\"essential\":true}"; + String verifiedClaims="[{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"name\":null,\"email\":{\"essential\":1}}},{\"verification\":{\"trust_framework\":{\"value\":\"pwd\"}},\"claims\":{\"birthdate\":{\"essential\":true},\"address\":null}},{\"verification\":{\"trust_framework\":{\"value\":\"kaif\"}},\"claims\":{\"gender\":{\"essential\":true},\"email\":{\"essential\":true}}}]"; + + JsonNode addressNode = objectMapper.readValue(address, JsonNode.class); + JsonNode verifiedClaimNode = objectMapper.readValue(verifiedClaims, JsonNode.class); + + Map userinfoMap = new HashMap<>(); + userinfoMap.put("address", addressNode); + userinfoMap.put("verified_claims", verifiedClaimNode); + Map idTokenMap = new HashMap<>(); + + + claimDetail = new ClaimDetail("claim_value", null, true, "secondary"); + + idTokenMap.put("some_claim", claimDetail); + ClaimsV2 claimsV2 = new ClaimsV2(); + claimsV2.setUserinfo(userinfoMap); + claimsV2.setId_token(idTokenMap); + } @@ -125,6 +166,7 @@ public void getOauthDetails_withInvalidRedirectUri_returnErrorResponse() throws oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -149,11 +191,13 @@ public void getOauthDetails_withInvalidAcr_returnSuccessResponse() throws Except oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); wrapper.setRequest(oauthDetailRequest); + OAuthDetailResponseV1 oauthDetailResponse = new OAuthDetailResponseV1(); oauthDetailResponse.setTransactionId("qwertyId"); when(authorizationService.getOauthDetails(oauthDetailRequest)).thenReturn(oauthDetailResponse); @@ -176,6 +220,7 @@ public void getOauthDetails_withInvalidDisplay_returnErrorResponse() throws Exce oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -200,6 +245,7 @@ public void getOauthDetails_withInvalidPrompt_returnErrorResponse() throws Excep oauthDetailRequest.setPrompt("touch"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -224,6 +270,7 @@ public void getOauthDetails_withInvalidResponseType_returnErrorResponse() throws oauthDetailRequest.setPrompt("none"); oauthDetailRequest.setResponseType("implicit"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -248,6 +295,7 @@ public void getOauthDetails_withOnlyOpenIdScope_returnSuccessResponse() throws E oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -275,6 +323,7 @@ public void getOauthDetails_withOutOpenIdScope_returnSuccessResponse() throws Ex oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -299,6 +348,7 @@ public void getOauthDetails_withOpenIdScope_returnSuccessResponse() throws Excep oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -326,6 +376,7 @@ public void getOauthDetails_withOnlyAuthorizeScope_returnSuccessResponse() throw oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -353,6 +404,7 @@ public void getOauthDetails_withAuthorizeAndOpenIdScope_returnSuccessResponse() oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -396,6 +448,7 @@ public void getOauthDetailsV2_withInvalidTimestamp_returnErrorResponse() throws oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); requestTime = requestTime.plusMinutes(10); @@ -430,6 +483,7 @@ public void getOauthDetailsV2_withInvalidRedirectUri_returnErrorResponse() throw oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -461,6 +515,7 @@ public void getOauthDetailsV2_withInvalidAcr_returnSuccessResponse() throws Exce oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -496,6 +551,7 @@ public void getOauthDetailsV2_withInvalidChallengeCode_returnErrorResponse() thr oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); oauthDetailRequest.setCodeChallenge("123"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -529,6 +585,7 @@ public void getOauthDetailsV2_withUnsupportedChallengeCodeMethod_returnErrorResp oauthDetailRequest.setNonce("23424234TY"); oauthDetailRequest.setCodeChallenge("123"); oauthDetailRequest.setCodeChallengeMethod("S123"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -561,6 +618,7 @@ public void getOauthDetailsV2_withInvalidDisplay_returnErrorResponse() throws Ex oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -592,6 +650,7 @@ public void getOauthDetailsV2_withInvalidPrompt_returnErrorResponse() throws Exc oauthDetailRequest.setPrompt("touch"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -623,6 +682,7 @@ public void getOauthDetailsV2_withInvalidResponseType_returnErrorResponse() thro oauthDetailRequest.setPrompt("none"); oauthDetailRequest.setResponseType("implicit"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -654,6 +714,7 @@ public void getOauthDetailsV2_withOnlyOpenIdScope_returnSuccessResponse() throws oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -688,6 +749,7 @@ public void getOauthDetailsV2_withOutOpenIdScope_returnErrorResponse() throws Ex oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -719,6 +781,7 @@ public void getOauthDetailsV2_withOpenIdScope_returnSuccessResponse() throws Exc oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -753,6 +816,7 @@ public void getOauthDetailsV2_withOnlyAuthorizeScope_returnSuccessResponse() thr oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); @@ -787,6 +851,7 @@ public void getOauthDetailsV2_withAuthorizeAndOpenIdScope_returnSuccessResponse( oauthDetailRequest.setPrompt("login"); oauthDetailRequest.setResponseType("code"); oauthDetailRequest.setNonce("23424234TY"); + oauthDetailRequest.setClaims(claimsV2); ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); RequestWrapper wrapper = new RequestWrapper<>(); wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); diff --git a/esignet-service/src/test/java/io/mosip/esignet/flows/AuthCodeFlowTest.java b/esignet-service/src/test/java/io/mosip/esignet/flows/AuthCodeFlowTest.java index cd557038a..695f03f33 100644 --- a/esignet-service/src/test/java/io/mosip/esignet/flows/AuthCodeFlowTest.java +++ b/esignet-service/src/test/java/io/mosip/esignet/flows/AuthCodeFlowTest.java @@ -49,6 +49,8 @@ import org.springframework.data.redis.connection.RedisScriptingCommands; import org.springframework.data.redis.connection.ReturnType; import org.springframework.http.HttpStatus; +import org.springframework.boot.test.mock.mockito.MockBean; +import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.test.context.junit4.SpringRunner; @@ -73,6 +75,8 @@ import static org.mockito.ArgumentMatchers.*; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo; import static org.springframework.test.web.client.response.MockRestResponseCreators.withSuccess; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; diff --git a/esignet-service/src/test/java/io/mosip/esignet/flows/AuthorizationAPIFlowTest.java b/esignet-service/src/test/java/io/mosip/esignet/flows/AuthorizationAPIFlowTest.java index ccbb42fc3..de819609a 100644 --- a/esignet-service/src/test/java/io/mosip/esignet/flows/AuthorizationAPIFlowTest.java +++ b/esignet-service/src/test/java/io/mosip/esignet/flows/AuthorizationAPIFlowTest.java @@ -47,6 +47,7 @@ import org.springframework.data.redis.connection.RedisConnectionFactory; import org.springframework.data.redis.connection.RedisScriptingCommands; import org.springframework.data.redis.connection.ReturnType; +import org.springframework.boot.test.mock.mockito.MockBean; import org.springframework.http.MediaType; import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.util.ReflectionTestUtils; diff --git a/esignet-service/src/test/resources/application-test.properties b/esignet-service/src/test/resources/application-test.properties index 10b401447..bb746f7b9 100644 --- a/esignet-service/src/test/resources/application-test.properties +++ b/esignet-service/src/test/resources/application-test.properties @@ -51,6 +51,9 @@ mosip.esignet.host=http://localhost:8088 mosip.esignet.signup-id-token-expire-seconds=180 mosip.esignet.signup-id-token-audience=mosip-signup-client + +mosip.esignet.claims.schema.url=classpath:/verified_claims_request_schema_test.json + ## ------------------------------------------ e-Signet binding --------------------------------------------------------- mosip.esignet.binding.salt-length=16 diff --git a/esignet-service/src/test/resources/verified_claims_request_schema_test.json b/esignet-service/src/test/resources/verified_claims_request_schema_test.json new file mode 100644 index 000000000..fa4590b1f --- /dev/null +++ b/esignet-service/src/test/resources/verified_claims_request_schema_test.json @@ -0,0 +1,531 @@ +{ + "$id": "https://bitbucket.org/openid/ekyc-ida/raw/master/schema/verified_claims_request.json", + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$defs": { + "check_details": { + "type": "array", + "prefixItems": [ + { + "check_id": { + "type": "string" + }, + "check_method": { + "type": "string" + }, + "organization": { + "type": "string" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + ] + }, + "claims_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "minProperties": 1 + } + ] + }, + "constrainable_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + }, + "value": { + "type": "string" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + } + } + } + ] + }, + "datetime_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "max_age": { + "type": "integer", + "minimum": 0 + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "document_details": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_issuance": { + "$ref": "#/$defs/datetime_element" + }, + "document_number": { + "$ref": "#/$defs/simple_element" + }, + "issuer": { + "type": "object", + "properties": { + "country": { + "$ref": "#/$defs/simple_element" + }, + "country_code": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "jurisdiction": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + }, + "personal_number": { + "$ref": "#/$defs/simple_element" + }, + "serial_number": { + "$ref": "#/$defs/simple_element" + } + } + }, + "evidence": { + "type": "object", + "required": [ + "type" + ], + "properties": { + "type": { + "type": "object", + "properties": { + "value": { + "enum": [ + "document", + "electronic_record", + "vouch", + "electronic_signature" + ] + } + } + }, + "attachments": { + "$ref": "#/$defs/simple_element" + } + }, + "allOf": [ + { + "if": { + "properties": { + "type": { + "value": "electronic_signature" + } + } + }, + "then": { + "properties": { + "created_at": { + "$ref": "#/$defs/datetime_element" + }, + "issuer": { + "$ref": "#/$defs/simple_element" + }, + "serial_number": { + "$ref": "#/$defs/simple_element" + }, + "signature_type": { + "$ref": "#/$defs/simple_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "document" + } + } + }, + "then": { + "properties": { + "check_details": { + "$ref": "#/$defs/check_details" + }, + "document_details": { + "$ref": "#/$defs/document_details" + }, + "method": { + "$ref": "#/$defs/constrainable_element" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "electronic_record" + } + } + }, + "then": { + "properties": { + "check_details": { + "$ref": "#/$defs/check_details" + }, + "record": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "created_at": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "derived_claims": { + "$ref": "#/$defs/claims_element" + }, + "source": { + "type": "object", + "properties": { + "country": { + "$ref": "#/$defs/simple_element" + }, + "country_code": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + } + } + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + }, + { + "if": { + "properties": { + "type": { + "value": "vouch" + } + } + }, + "then": { + "properties": { + "attestation": { + "type": "object", + "properties": { + "type": { + "$ref": "#/$defs/constrainable_element" + }, + "date_of_expiry": { + "$ref": "#/$defs/datetime_element" + }, + "date_of_issuance": { + "$ref": "#/$defs/datetime_element" + }, + "derived_claims": { + "$ref": "#/$defs/claims_element" + }, + "reference_number": { + "$ref": "#/$defs/simple_element" + }, + "voucher": { + "type": "object", + "properties": { + "birthdate": { + "$ref": "#/$defs/datetime_element" + }, + "country": { + "$ref": "#/$defs/simple_element" + }, + "formatted": { + "$ref": "#/$defs/simple_element" + }, + "locality": { + "$ref": "#/$defs/simple_element" + }, + "name": { + "$ref": "#/$defs/simple_element" + }, + "occupation": { + "$ref": "#/$defs/simple_element" + }, + "organization": { + "$ref": "#/$defs/simple_element" + }, + "postal_code": { + "$ref": "#/$defs/simple_element" + }, + "region": { + "$ref": "#/$defs/simple_element" + }, + "street_address": { + "$ref": "#/$defs/simple_element" + } + } + } + } + }, + "check_details": { + "$ref": "#/$defs/check_details" + }, + "time": { + "$ref": "#/$defs/datetime_element" + } + } + }, + "else": true + } + ] + }, + "simple_element": { + "oneOf": [ + { + "type": "null" + }, + { + "type": "object", + "properties": { + "essential": { + "type": "boolean" + }, + "purpose": { + "type": "string", + "maxLength": 300, + "minLength": 3 + } + } + } + ] + }, + "verified_claims": { + "oneOf": [ + { + "type": "array", + "items": { + "anyOf": [ + { + "$ref": "#/$defs/verified_claims_def" + } + ] + } + }, + { + "$ref": "#/$defs/verified_claims_def" + } + ] + }, + "verified_claims_def": { + "type": "object", + "required": [ + "verification", + "claims" + ], + "additionalProperties": false, + "properties": { + "claims": { + "$ref": "#/$defs/claims_element" + }, + "verification": { + "type": "object", + "required": [ + "trust_framework" + ], + "additionalProperties": true, + "properties": { + "assurance_level": { + "$ref": "#/$defs/constrainable_element" + }, + "assurance_process": { + "type": "object", + "properties": { + "assurance_details": { + "type": "array", + "items": { + "oneOf": [ + { + "assurance_classification": { + "$ref": "#/$defs/constrainable_element" + }, + "assurance_type": { + "$ref": "#/$defs/constrainable_element" + }, + "evidence_ref": { + "type": "object", + "required": [ + "txn" + ], + "additionalProperties": true, + "properties": { + "evidence_classification": { + "$ref": "#/$defs/constrainable_element" + }, + "evidence_metadata": { + "$ref": "#/$defs/constrainable_element" + }, + "txn": { + "$ref": "#/$defs/constrainable_element" + } + } + } + } + ] + }, + "minItems": 1 + }, + "policy": { + "$ref": "#/$defs/constrainable_element" + }, + "procedure": { + "$ref": "#/$defs/constrainable_element" + } + } + }, + "evidence": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/$defs/evidence" + } + ] + }, + "minItems": 1 + }, + "time": { + "$ref": "#/$defs/datetime_element" + }, + "trust_framework": { + "$ref": "#/$defs/constrainable_element" + }, + "verification_process": { + "$ref": "#/$defs/simple_element" + } + } + } + } + } + }, + "properties": { + "id_token": { + "type": "object", + "additionalProperties": true, + "properties": { + "verified_claims": { + "$ref": "#/$defs/verified_claims" + } + } + }, + "userinfo": { + "type": "object", + "additionalProperties": true, + "properties": { + "verified_claims": { + "$ref": "#/$defs/verified_claims" + } + } + } + } +} \ No newline at end of file diff --git a/pom.xml b/pom.xml index ffbac7975..ed686c59d 100644 --- a/pom.xml +++ b/pom.xml @@ -89,7 +89,7 @@ 3.7.0.1746 3.2.0 2.3 - + 2.15.0 Hoxton.SR8 2.3.6.RELEASE @@ -209,6 +209,26 @@ + + + + com.fasterxml.jackson.core + jackson-databind + ${jackson.databind} + + + com.fasterxml.jackson.core + jackson-annotations + ${jackson.databind} + + + com.fasterxml.jackson.core + jackson-core + ${jackson.databind} + + + + From 27983d932bd91dc79addc86f34a420c70d9c16fd Mon Sep 17 00:00:00 2001 From: Nandhukumar Date: Fri, 17 Jan 2025 17:02:20 +0530 Subject: [PATCH 4/5] ES-2147 - Moved 151 changes from develop (#1113) * MOSIP-36485 Signed-off-by: Nandhukumar * MOSIP-36485 Signed-off-by: Nandhukumar * MOSIP-36485 Signed-off-by: Nandhukumar * ES-2147 Signed-off-by: Nandhukumar * ES-2147 Signed-off-by: Nandhukumar --------- Signed-off-by: Nandhukumar --- .../testscripts/SimplePostForAutoGenId.java | 1 + .../apirig/esignet/utils/EsignetUtil.java | 8 +- .../AuthenticateUser/AuthenticateUser.yml | 2 +- .../OAuthDetailsRequestConsent.yml | 14 +- .../OAuthDetailsRequestLinkedConsent.yml | 38 +++- .../OAuthDetailsRequest.yml | 214 +++++++----------- .../OAuthDetailsRequestNonAuth.yml | 52 ++--- .../OAuthDetailsRequestNullClaims.hbs | 16 ++ .../OAuthDetailsRequest.yml | 14 +- .../OAuthDetailsRequest.yml | 4 +- .../OAuthDetailsRequestSunBirdC.yml | 2 +- .../OAuthDetailsRequestSunBirdCNegTC.yml | 56 ++--- 12 files changed, 212 insertions(+), 209 deletions(-) create mode 100644 api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNullClaims.hbs diff --git a/api-test/src/main/java/io/mosip/testrig/apirig/esignet/testscripts/SimplePostForAutoGenId.java b/api-test/src/main/java/io/mosip/testrig/apirig/esignet/testscripts/SimplePostForAutoGenId.java index 5db0bb6c9..a58815946 100644 --- a/api-test/src/main/java/io/mosip/testrig/apirig/esignet/testscripts/SimplePostForAutoGenId.java +++ b/api-test/src/main/java/io/mosip/testrig/apirig/esignet/testscripts/SimplePostForAutoGenId.java @@ -165,6 +165,7 @@ public void test(TestCaseDTO testCaseDTO) //tempUrl = ApplnURI.replace(GlobalConstants.API_INTERNAL, ConfigManager.getSunBirdBaseURL()); testCaseDTO.setEndPoint(testCaseDTO.getEndPoint().replace("$SUNBIRDBASEURL$", "")); } + inputJson = EsignetUtil.inputstringKeyWordHandeler(inputJson, testCaseName); if ((testCaseName.contains("_AuthorizationCode_")) || (testCaseName.contains("_AuthToken_Xsrf_"))) { response = postRequestWithCookieAuthHeaderAndXsrfTokenForAutoGenId( tempUrl + testCaseDTO.getEndPoint(), inputJson, COOKIENAME, testCaseDTO.getTestCaseName(), diff --git a/api-test/src/main/java/io/mosip/testrig/apirig/esignet/utils/EsignetUtil.java b/api-test/src/main/java/io/mosip/testrig/apirig/esignet/utils/EsignetUtil.java index 70ffec3c4..c46e70bec 100644 --- a/api-test/src/main/java/io/mosip/testrig/apirig/esignet/utils/EsignetUtil.java +++ b/api-test/src/main/java/io/mosip/testrig/apirig/esignet/utils/EsignetUtil.java @@ -1,6 +1,7 @@ package io.mosip.testrig.apirig.esignet.utils; import java.util.Arrays; +import java.util.Calendar; import java.util.HashMap; import java.util.Map; import java.util.Set; @@ -235,9 +236,14 @@ public static String isTestCaseValidForExecution(TestCaseDTO testCaseDTO) { } public static String inputstringKeyWordHandeler(String jsonString, String testCaseName) { - if (jsonString.contains(GlobalConstants.TIMESTAMP)) + if (jsonString.contains(GlobalConstants.TIMESTAMP)) { jsonString = replaceKeywordValue(jsonString, GlobalConstants.TIMESTAMP, generateCurrentUTCTimeStamp()); + } + if (jsonString.contains("$UNIQUENONCEVALUEFORESIGNET$")) { + jsonString = replaceKeywordValue(jsonString, "$UNIQUENONCEVALUEFORESIGNET$", + String.valueOf(Calendar.getInstance().getTimeInMillis())); + } return jsonString; diff --git a/api-test/src/main/resources/esignet/AuthenticateUser/AuthenticateUser.yml b/api-test/src/main/resources/esignet/AuthenticateUser/AuthenticateUser.yml index aedb8b76e..a5d780b9d 100644 --- a/api-test/src/main/resources/esignet/AuthenticateUser/AuthenticateUser.yml +++ b/api-test/src/main/resources/esignet/AuthenticateUser/AuthenticateUser.yml @@ -961,7 +961,7 @@ AuthenticateUser: output: '{ "errors": [ { - "errorCode": "invalid_challenge_length", + "errorCode": "invalid_auth_factor_type", "errorMessage": "$IGNORE$" } ], diff --git a/api-test/src/main/resources/esignet/Consent/OAuthDetailsRequestConsent/OAuthDetailsRequestConsent.yml b/api-test/src/main/resources/esignet/Consent/OAuthDetailsRequestConsent/OAuthDetailsRequestConsent.yml index 991d65438..0a11f4d06 100644 --- a/api-test/src/main/resources/esignet/Consent/OAuthDetailsRequestConsent/OAuthDetailsRequestConsent.yml +++ b/api-test/src/main/resources/esignet/Consent/OAuthDetailsRequestConsent/OAuthDetailsRequestConsent.yml @@ -16,7 +16,7 @@ OAuthDetailsRequestConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -41,7 +41,7 @@ OAuthDetailsRequestConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -66,7 +66,7 @@ OAuthDetailsRequestConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -91,7 +91,7 @@ OAuthDetailsRequestConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -116,7 +116,7 @@ OAuthDetailsRequestConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -141,7 +141,7 @@ OAuthDetailsRequestConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -166,7 +166,7 @@ OAuthDetailsRequestConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' diff --git a/api-test/src/main/resources/esignet/LinkedConsent/OAuthDetailsRequestLinkedConsent/OAuthDetailsRequestLinkedConsent.yml b/api-test/src/main/resources/esignet/LinkedConsent/OAuthDetailsRequestLinkedConsent/OAuthDetailsRequestLinkedConsent.yml index f9067ce07..dd3aeb8bd 100644 --- a/api-test/src/main/resources/esignet/LinkedConsent/OAuthDetailsRequestLinkedConsent/OAuthDetailsRequestLinkedConsent.yml +++ b/api-test/src/main/resources/esignet/LinkedConsent/OAuthDetailsRequestLinkedConsent/OAuthDetailsRequestLinkedConsent.yml @@ -16,7 +16,7 @@ OAuthDetailsRequestLinkedConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -41,7 +41,7 @@ OAuthDetailsRequestLinkedConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -55,7 +55,7 @@ OAuthDetailsRequestLinkedConsent: role: resident checkErrorsOnlyInResponse: true restMethod: post - inputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequestNoClaims + inputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequestNullClaims outputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequestResult input: '{ "requestTime": "$TIMESTAMP$", @@ -66,10 +66,40 @@ OAuthDetailsRequestLinkedConsent: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' output: '{ +}' + + ESignet_OAuthDetailsRequest_LinkAuth_Consent_NoClaim_Neg: + endPoint: /v1/esignet/authorization/oauth-details + description: Oauthdetails request with linkAuth consent and empty claim + role: resident + checkErrorsOnlyInResponse: true + restMethod: post + inputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequestNoClaims + outputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequestResult + input: '{ + "requestTime": "$TIMESTAMP$", + "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "scope": "openid resident-service profile", + "responseType": "code", + "redirectUri": "$IDPREDIRECTURI$", + "display": "popup", + "prompt": "login", + "acrValues": "mosip:idp:acr:linked-wallet", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", + "state": "eree2311", + "claimsLocales": "en" +}' + output: '{ + "errors": [ + { + "errorCode": "invalid_claim", + "errorMessage": "$IGNORE$" + } + ] }' \ No newline at end of file diff --git a/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequest.yml b/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequest.yml index bdfd95e81..200c65d51 100644 --- a/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequest.yml +++ b/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequest.yml @@ -16,7 +16,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -41,7 +41,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -66,7 +66,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -91,7 +91,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -116,7 +116,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -141,7 +141,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -166,7 +166,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -191,7 +191,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -216,7 +216,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -241,7 +241,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -265,7 +265,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -290,7 +290,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -315,7 +315,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -339,7 +339,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -363,7 +363,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -387,7 +387,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -411,7 +411,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -435,7 +435,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -459,7 +459,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -483,7 +483,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -507,7 +507,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -532,7 +532,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -557,7 +557,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -582,7 +582,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -607,7 +607,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -632,7 +632,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -657,7 +657,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -682,7 +682,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -707,7 +707,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -732,7 +732,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -757,7 +757,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -782,7 +782,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -807,7 +807,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -832,7 +832,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -857,7 +857,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -887,7 +887,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -917,7 +917,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -947,7 +947,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -977,7 +977,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1007,7 +1007,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1037,7 +1037,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1067,7 +1067,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1097,7 +1097,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1127,7 +1127,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1157,7 +1157,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1187,7 +1187,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1217,7 +1217,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1247,7 +1247,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1277,7 +1277,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1307,7 +1307,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1337,7 +1337,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1367,7 +1367,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1397,7 +1397,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1422,7 +1422,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp/acr:static?:code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1447,7 +1447,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-codemosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1472,7 +1472,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "$REMOVE$", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1497,7 +1497,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1522,7 +1522,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1547,7 +1547,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "claims": "$REMOVE$" @@ -1573,7 +1573,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "claims": "" @@ -1603,7 +1603,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1628,7 +1628,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "$REMOVE$" }' @@ -1653,7 +1653,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "hn" }' @@ -1678,7 +1678,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "" }' @@ -1703,7 +1703,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "null" }' @@ -1728,7 +1728,7 @@ OAuthDetailsRequest: "display": "$REMOVE$", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1753,7 +1753,7 @@ OAuthDetailsRequest: "display": "abc", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1783,7 +1783,7 @@ OAuthDetailsRequest: "display": "", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1812,7 +1812,7 @@ OAuthDetailsRequest: "display": "null", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1842,7 +1842,7 @@ OAuthDetailsRequest: "display": " ", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -1871,7 +1871,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "$$@#fdhfdkl", "claimsLocales": "en" }' @@ -1896,7 +1896,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "$REMOVE$", "claimsLocales": "en" }' @@ -1921,7 +1921,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "", "claimsLocales": "en" }' @@ -1946,7 +1946,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "null", "claimsLocales": "en" }' @@ -1971,37 +1971,12 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "aa1hmnkz7ee0c1te988gw9bkos5pb4mi830uf6wrxj6hs80z07rmtwpzvjr9qjhgw8aw2rf9iljprvvxxh4y94je13gl4vr9vwaq358tnov5bh3likbef6elkqnqvnn4gu9fh1pzui2b459m0xfwjdsjlinll1s6kayk29d01i3vx1uagewcoc39ssxm4feyci06zoimd6ot3c0w3w8genv1d0hk4ni9ym1mjkwclffj5tfiglipy9sn5fyjqway9c6y", "claimsLocales": "en" }' output: '{ -}' - - ESignet_OAuthDetailsRequest_Invalid_Nonce_Pos: - endPoint: /v1/esignet/authorization/oauth-details - description: Oauthdetails request with invalid Nonce - role: resident - restMethod: post - checkErrorsOnlyInResponse: true - inputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequest - outputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequestResult - input: '{ - "requestTime": "$TIMESTAMP$", - "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", - "scope": "openid resident-service profile", - "responseType": "code", - "redirectUri": "$IDPREDIRECTURI$", - "display": "popup", - "prompt": "login", - "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "$$#@DSNsds", - "state": "eree2311", - "claimsLocales": "en" -}' - output: '{ - }' ESignet_OAuthDetailsRequest_Missing_Nonce_Pos: @@ -2052,31 +2027,6 @@ OAuthDetailsRequest: }' output: '{ -}' - - ESignet_OAuthDetailsRequest_Null_Nonce_Pos: - endPoint: /v1/esignet/authorization/oauth-details - description: Oauthdetails request with Null in Nonce - role: resident - restMethod: post - checkErrorsOnlyInResponse: true - inputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequest - outputTemplate: esignet/OAuthDetailsRequest/OAuthDetailsRequestResult - input: '{ - "requestTime": "$TIMESTAMP$", - "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", - "scope": "openid resident-service profile", - "responseType": "code", - "redirectUri": "$IDPREDIRECTURI$", - "display": "popup", - "prompt": "login", - "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "null", - "state": "eree2311", - "claimsLocales": "en" -}' - output: '{ - }' ESignet_OAuthDetailsRequest_Invalid_requestTime_Neg: @@ -2096,7 +2046,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -2126,7 +2076,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -2156,7 +2106,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "abc", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -2186,7 +2136,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "$REMOVE$", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -2210,7 +2160,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -2239,7 +2189,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "null", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -2269,7 +2219,7 @@ OAuthDetailsRequest: "display": "popup", "prompt": "select account", "acrValues": "mosip:idp:acr:static-code mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' diff --git a/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNonAuth.yml b/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNonAuth.yml index 78cbf8f01..292d2baaf 100644 --- a/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNonAuth.yml +++ b/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNonAuth.yml @@ -16,7 +16,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -41,7 +41,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -66,7 +66,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -91,7 +91,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -116,7 +116,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -141,7 +141,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -166,7 +166,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -191,7 +191,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -216,7 +216,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -241,7 +241,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -266,7 +266,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -291,7 +291,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -316,7 +316,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -341,7 +341,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -366,7 +366,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -391,7 +391,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -416,7 +416,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -441,7 +441,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -466,7 +466,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -491,7 +491,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -516,7 +516,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -541,7 +541,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -566,7 +566,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -591,7 +591,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -616,7 +616,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -641,7 +641,7 @@ OAuthDetailsRequestNonAuth: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' diff --git a/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNullClaims.hbs b/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNullClaims.hbs new file mode 100644 index 000000000..e3f753c95 --- /dev/null +++ b/api-test/src/main/resources/esignet/OAuthDetailsRequest/OAuthDetailsRequestNullClaims.hbs @@ -0,0 +1,16 @@ +{ + "requestTime": "{{requestTime}}", + "request": { + "clientId": "{{clientId}}", + "scope": "{{scope}}", + "responseType": "{{responseType}}", + "redirectUri": "{{redirectUri}}", + "display": "{{display}}", + "prompt": "{{prompt}}", + "acrValues": "{{acrValues}}", + "claims": null, + "nonce": "{{nonce}}", + "state": "{{state}}", + "claimsLocales": "{{claimsLocales}}" + } +} \ No newline at end of file diff --git a/api-test/src/main/resources/esignet/OAuthDetailsRequestLinked/OAuthDetailsRequest.yml b/api-test/src/main/resources/esignet/OAuthDetailsRequestLinked/OAuthDetailsRequest.yml index 0b58305f1..d5b12145b 100644 --- a/api-test/src/main/resources/esignet/OAuthDetailsRequestLinked/OAuthDetailsRequest.yml +++ b/api-test/src/main/resources/esignet/OAuthDetailsRequestLinked/OAuthDetailsRequest.yml @@ -16,7 +16,7 @@ OAuthDetailsRequestLinked: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -41,7 +41,7 @@ OAuthDetailsRequestLinked: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -66,7 +66,7 @@ OAuthDetailsRequestLinked: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -91,7 +91,7 @@ OAuthDetailsRequestLinked: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -116,7 +116,7 @@ OAuthDetailsRequestLinked: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -141,7 +141,7 @@ OAuthDetailsRequestLinked: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:linked-wallet", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' @@ -166,7 +166,7 @@ OAuthDetailsRequestLinked: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en" }' diff --git a/api-test/src/main/resources/esignet/OAuthDetailsRequestV2/OAuthDetailsRequest.yml b/api-test/src/main/resources/esignet/OAuthDetailsRequestV2/OAuthDetailsRequest.yml index 7bf1ddc02..6a9d1ac9a 100644 --- a/api-test/src/main/resources/esignet/OAuthDetailsRequestV2/OAuthDetailsRequest.yml +++ b/api-test/src/main/resources/esignet/OAuthDetailsRequestV2/OAuthDetailsRequest.yml @@ -16,7 +16,7 @@ OAuthDetailsRequestV2: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -43,7 +43,7 @@ OAuthDetailsRequestV2: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "$1STLANG$", "codeChallenge": "$CODECHALLENGE$", diff --git a/api-test/src/main/resources/esignet/SunBirdC/OAuthDetailsRequestSunBirdC/OAuthDetailsRequestSunBirdC.yml b/api-test/src/main/resources/esignet/SunBirdC/OAuthDetailsRequestSunBirdC/OAuthDetailsRequestSunBirdC.yml index ea1dc3e64..847a373a4 100644 --- a/api-test/src/main/resources/esignet/SunBirdC/OAuthDetailsRequestSunBirdC/OAuthDetailsRequestSunBirdC.yml +++ b/api-test/src/main/resources/esignet/SunBirdC/OAuthDetailsRequestSunBirdC/OAuthDetailsRequestSunBirdC.yml @@ -16,7 +16,7 @@ OAuthDetailsRequestSunBirdC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", diff --git a/api-test/src/main/resources/esignet/SunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC.yml b/api-test/src/main/resources/esignet/SunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC.yml index 14776c06d..b8605ab1a 100644 --- a/api-test/src/main/resources/esignet/SunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC.yml +++ b/api-test/src/main/resources/esignet/SunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC/OAuthDetailsRequestSunBirdCNegTC.yml @@ -16,7 +16,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -42,7 +42,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -72,7 +72,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -103,7 +103,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -133,7 +133,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -159,7 +159,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -189,7 +189,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "9sJ3SSa1AfcYwqi", @@ -215,7 +215,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -246,7 +246,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": " ", @@ -276,7 +276,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "9sJ3SSa1AfcYwqieyegdbdbdbdbhey373664gfgfbcbcbcncjccudhdyye7eyeggcbc374hfgdfdsbs98645g4gvgvv", @@ -302,7 +302,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$REMOVE$", @@ -332,7 +332,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -362,7 +362,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$REMOVE$", @@ -393,7 +393,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -420,7 +420,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -447,7 +447,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -474,7 +474,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -501,7 +501,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -528,7 +528,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -555,7 +555,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -582,7 +582,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -609,7 +609,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -636,7 +636,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -663,7 +663,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -690,7 +690,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -717,7 +717,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -744,7 +744,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", @@ -771,7 +771,7 @@ OAuthDetailsRequestSunBirdCNegTC: "display": "popup", "prompt": "login", "acrValues": "mosip:idp:acr:knowledge", - "nonce": "973eieljzng", + "nonce": "$UNIQUENONCEVALUEFORESIGNET$", "state": "eree2311", "claimsLocales": "en", "codeChallenge": "$CODECHALLENGE$", From 4d9d8ac2036a60500394a8b8f506b82863779799 Mon Sep 17 00:00:00 2001 From: Md Humair Kankudti Date: Fri, 17 Jan 2025 17:51:20 +0530 Subject: [PATCH 5/5] [ES-1601] Captcha validation support during send-binding-otp (#961) (#1120) * capcha validation * organized imports * reverted maven mirror changes * already changed earlier * added property tag for oidc * Removed API rate limit changes * fixed test case issues * changed binding otp to v2 flow * addressed review comments * removed unwanted variable * review comments fixed * review comments fixed * review fixes * correct the test case * review comments fixed --------- Signed-off-by: Md-Humair-KK --- binding-service-impl/pom.xml | 2 +- .../services/KeyBindingServiceImpl.java | 17 ++- .../mosip/esignet/KeyBindingServiceTest.java | 93 +++++++++++---- docs/esignet-openapi.yaml | 108 +++++++++++++++++- .../core/config/SharedComponentConfig.java | 7 +- .../esignet/core/dto/BindingOtpRequest.java | 1 + .../esignet/core/dto/BindingOtpRequestV2.java | 15 +++ .../esignet/core/spi/KeyBindingService.java | 7 +- .../esignet/core/util/CaptchaHelper.java | 27 ++++- .../mosip/esignet/core/CaptchaHelperTest.java | 40 ++++++- .../controllers/KeyBindingController.java | 22 +++- .../resources/application-default.properties | 2 +- .../controllers/KeyBindingControllerTest.java | 66 +++++++++++ 13 files changed, 366 insertions(+), 41 deletions(-) create mode 100644 esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequestV2.java diff --git a/binding-service-impl/pom.xml b/binding-service-impl/pom.xml index 83f3c6db9..000295b03 100644 --- a/binding-service-impl/pom.xml +++ b/binding-service-impl/pom.xml @@ -29,5 +29,5 @@ esignet-core ${esignet.core.version} - + diff --git a/binding-service-impl/src/main/java/io/mosip/esignet/services/KeyBindingServiceImpl.java b/binding-service-impl/src/main/java/io/mosip/esignet/services/KeyBindingServiceImpl.java index 6f8fd1ec1..497eb729c 100644 --- a/binding-service-impl/src/main/java/io/mosip/esignet/services/KeyBindingServiceImpl.java +++ b/binding-service-impl/src/main/java/io/mosip/esignet/services/KeyBindingServiceImpl.java @@ -20,6 +20,7 @@ import io.mosip.esignet.api.spi.KeyBinder; import io.mosip.esignet.core.dto.*; import io.mosip.esignet.core.exception.EsignetException; +import io.mosip.esignet.core.util.CaptchaHelper; import io.mosip.esignet.repository.PublicKeyRegistryRepository; import io.mosip.kernel.keymanagerservice.util.KeymanagerUtil; import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; @@ -54,12 +55,16 @@ public class KeyBindingServiceImpl implements KeyBindingService { @Autowired private KeyBindingHelperService keyBindingHelperService; + @Autowired + private CaptchaHelper captchaHelper; + @Value("${mosip.esignet.binding.encrypt-binding-id:true}") private boolean encryptBindingId; @Override - public BindingOtpResponse sendBindingOtp(BindingOtpRequest bindingOtpRequest, Map requestHeaders) throws EsignetException { + public BindingOtpResponse sendBindingOtp(BindingOtpRequest bindingOtpRequest, Map requestHeaders) + throws EsignetException { log.debug("sendBindingOtp :: Request headers >> {}", requestHeaders); SendOtpResult sendOtpResult; try { @@ -69,18 +74,24 @@ public BindingOtpResponse sendBindingOtp(BindingOtpRequest bindingOtpRequest, Ma log.error("Failed to send binding otp: {}", e); throw new EsignetException(e.getErrorCode()); } - if (sendOtpResult == null) { log.error("send-otp Failed wrapper returned null result!"); throw new EsignetException(SEND_OTP_FAILED); } - BindingOtpResponse otpResponse = new BindingOtpResponse(); otpResponse.setMaskedEmail(sendOtpResult.getMaskedEmail()); otpResponse.setMaskedMobile(sendOtpResult.getMaskedMobile()); return otpResponse; } + @Override + public BindingOtpResponse sendBindingOtpV2(BindingOtpRequestV2 bindingOtpRequestV2, Map requestHeaders) + throws EsignetException { + captchaHelper.validateCaptchaToken(bindingOtpRequestV2.getCaptchaToken(), "binding-otp"); + return sendBindingOtp(bindingOtpRequestV2, requestHeaders); + } + + private void validateChallengeListAuthFormat(List challengeList){ if(!challengeList.stream().allMatch(challenge->keyBindingWrapper.getSupportedChallengeFormats(challenge.getAuthFactorType()). contains(challenge.getFormat()))) { diff --git a/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java b/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java index 582ce1eb2..5703cf4e2 100644 --- a/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java +++ b/binding-service-impl/src/test/java/io/mosip/esignet/KeyBindingServiceTest.java @@ -5,21 +5,9 @@ */ package io.mosip.esignet; -import static io.mosip.esignet.api.util.ErrorConstants.SEND_OTP_FAILED; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.ArgumentMatchers.anyString; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; - -import java.io.IOException; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.interfaces.RSAPrivateKey; -import java.security.interfaces.RSAPublicKey; -import java.time.LocalDateTime; -import java.util.*; - import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.nimbusds.jose.jwk.JWK; import com.nimbusds.jose.jwk.KeyUse; import com.nimbusds.jose.jwk.RSAKey; import io.mosip.esignet.api.dto.AuthChallenge; @@ -28,10 +16,14 @@ import io.mosip.esignet.api.exception.KeyBindingException; import io.mosip.esignet.api.exception.SendOtpException; import io.mosip.esignet.api.spi.KeyBinder; -import io.mosip.esignet.entity.PublicKeyRegistry; -import io.mosip.esignet.core.dto.*; -import io.mosip.esignet.core.exception.EsignetException; import io.mosip.esignet.core.constants.ErrorConstants; +import io.mosip.esignet.core.dto.BindingOtpRequest; +import io.mosip.esignet.core.dto.BindingOtpRequestV2; +import io.mosip.esignet.core.dto.BindingOtpResponse; +import io.mosip.esignet.core.dto.WalletBindingRequest; +import io.mosip.esignet.core.exception.EsignetException; +import io.mosip.esignet.core.util.CaptchaHelper; +import io.mosip.esignet.entity.PublicKeyRegistry; import io.mosip.esignet.repository.PublicKeyRegistryRepository; import io.mosip.esignet.services.KeyBindingHelperService; import io.mosip.esignet.services.KeyBindingServiceImpl; @@ -47,9 +39,21 @@ import org.mockito.MockitoAnnotations; import org.mockito.junit.MockitoJUnitRunner; import org.springframework.test.util.ReflectionTestUtils; +import org.springframework.web.client.RestTemplate; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.nimbusds.jose.jwk.JWK; +import java.io.IOException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.time.LocalDateTime; +import java.util.*; + +import static io.mosip.esignet.api.util.ErrorConstants.SEND_OTP_FAILED; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; @Slf4j @RunWith(MockitoJUnitRunner.class) @@ -70,10 +74,16 @@ public class KeyBindingServiceTest { @Mock KeymanagerUtil keymanagerUtil; + CaptchaHelper captchaHelper; + + @Mock + RestTemplate restTemplate; + private JWK clientJWK = generateJWK_RSA(); private ObjectMapper objectMapper = new ObjectMapper(); + @Before public void setUp() { MockitoAnnotations.initMocks(this); @@ -82,13 +92,17 @@ public void setUp() { mockKeyBindingWrapperService = mock(KeyBinder.class); when(mockKeyBindingWrapperService.getSupportedChallengeFormats(Mockito.anyString())) .thenReturn(Arrays.asList("jwt", "alpha-numeric")); + + captchaHelper = new CaptchaHelper(restTemplate, "https://api-internal.camdgc-dev1.mosip.net/v1/captcha/validatecaptcha", + "esignet", List.of("binding-otp")); + ReflectionTestUtils.setField(keyBindingService, "keyBindingWrapper", mockKeyBindingWrapperService); keyBindingHelperService = mock(KeyBindingHelperService.class); ReflectionTestUtils.setField(keyBindingHelperService, "saltLength", 10); ReflectionTestUtils.setField(keyBindingHelperService, "publicKeyRegistryRepository", publicKeyRegistryRepository); ReflectionTestUtils.setField(keyBindingHelperService, "keymanagerUtil", keymanagerUtil); - + ReflectionTestUtils.setField(keyBindingService, "captchaHelper", captchaHelper); ReflectionTestUtils.setField(keyBindingService, "keyBindingHelperService", keyBindingHelperService); } @@ -106,7 +120,8 @@ public void sendBindingOtp_withValidDetails_thenPass() throws SendOtpException { BindingOtpResponse otpResponse = keyBindingService.sendBindingOtp(otpRequest, headers); Assert.assertNotNull(otpResponse); } - + + @Test(expected = EsignetException.class) public void sendBindingOtp_withInvalidRequest_thenFail() throws SendOtpException { BindingOtpRequest otpRequest = new BindingOtpRequest(); @@ -119,6 +134,41 @@ public void sendBindingOtp_withInvalidRequest_thenFail() throws SendOtpException keyBindingService.sendBindingOtp(otpRequest, headers); } + + @Test + public void sendBindingOtpV2_withInvalidCaptcha_thenFail() throws SendOtpException { + + BindingOtpRequestV2 otpRequest = new BindingOtpRequestV2(); + otpRequest.setIndividualId("8267411571"); + otpRequest.setOtpChannels(Arrays.asList("OTP")); + otpRequest.setCaptchaToken("qwerty"); + + Map headers = new HashMap<>(); + + try { + keyBindingService.sendBindingOtpV2(otpRequest, headers); + } catch (EsignetException e) { + Assert.assertTrue(e.getErrorCode().equals(ErrorConstants.INVALID_CAPTCHA)); + } + } + + @Test + public void sendBindingOtpV2_withEmptyCaptcha_thenFail() throws SendOtpException { + + BindingOtpRequestV2 otpRequest = new BindingOtpRequestV2(); + otpRequest.setIndividualId("8267411571"); + otpRequest.setOtpChannels(Arrays.asList("OTP")); + otpRequest.setCaptchaToken(""); + + Map headers = new HashMap<>(); + + try { + keyBindingService.sendBindingOtpV2(otpRequest, headers); + } catch (EsignetException e) { + Assert.assertTrue(e.getErrorCode().equals(ErrorConstants.INVALID_CAPTCHA)); + } + } + @Test public void sendBindingOtp_withNullResponseFromWrapper_thenFail() throws SendOtpException { BindingOtpRequest otpRequest = new BindingOtpRequest(); @@ -368,4 +418,5 @@ public static JWK generateJWK_RSA() { } return null; } + } \ No newline at end of file diff --git a/docs/esignet-openapi.yaml b/docs/esignet-openapi.yaml index c042380ca..2d40f0043 100644 --- a/docs/esignet-openapi.yaml +++ b/docs/esignet-openapi.yaml @@ -4428,6 +4428,112 @@ paths: - url: 'https://esignet.collab.mosip.net/v1/esignet' x-stoplight: id: t315hcecaulyy + /binding/v2/binding-otp: + post: + tags: + - WALLET BACKEND + summary: Send Binding OTP Endpoint + description: Send wallet binding OTP endpoint is invoked by Mimoto server. + operationId: post-binding-otp + parameters: + - name: partner-api-key + in: header + description: 'API key of the binding partner, this will be passed to binder implementation to interact with authentication system.' + schema: + type: string + - name: partner-id + in: header + description: 'Binding partner Identifier, this will be passed to binder implementation to interact with authentication system.' + schema: + type: string + requestBody: + content: + application/json: + schema: + type: object + properties: + requestTime: + type: string + request: + type: object + properties: + individualId: + type: string + description: User Id (UIN/VID) + otpChannels: + type: array + description: Channels to which OTP should be delivered. + items: + type: string + captchaToken: + type: string + description: 'Captcha token, if enabled.' + required: + - individualId + - otpChannels + required: + - requestTime + - request + examples: + Example 1: + value: + requestTime: '2023-09-22T08:01:13.000Z' + request: + individualId: '24554655645' + otpChannels: + - sms + - email + captchaToken: ALSKDJFURIEOQPZMKFURHFVBH + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + properties: + responseTIme: + type: string + response: + type: object + properties: + maskedEmail: + type: string + description: Masked email id of the individualId user. + maskedMobile: + type: string + description: Masked mobile number of the individualId user. + errors: + type: array + items: + type: object + properties: + errorCode: + type: string + enum: + - invalid_otp_channel + - unknown_error + - invalid_individual_id + - send_otp_failed + - invalid_captcha + errorMessage: + type: string + required: + - responseTIme + examples: + Example 1: + value: + responseTIme: '2023-09-22T08:01:16.000Z' + response: + maskedEmail: XXdXXaXXhXXkX@gmail.com + maskedMobile: XXXXXXX357934 + errors: [ ] + security: + - Authorization-send_binding_otp: [ ] + servers: + - url: 'https://esignet.collab.mosip.net/v1/esignet' + x-stoplight: + id: xnl3gyq4v4bh4 /binding/wallet-binding: post: tags: @@ -5290,8 +5396,6 @@ components: - - diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/config/SharedComponentConfig.java b/esignet-core/src/main/java/io/mosip/esignet/core/config/SharedComponentConfig.java index 40643213f..a0e418941 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/config/SharedComponentConfig.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/config/SharedComponentConfig.java @@ -7,6 +7,8 @@ import org.springframework.context.annotation.Configuration; import org.springframework.web.client.RestTemplate; +import java.util.List; + @Configuration public class SharedComponentConfig { @@ -15,7 +17,8 @@ public class SharedComponentConfig { @Bean public CaptchaHelper captchaHelper(@Value("${mosip.esignet.captcha.validator-url}") String validatorUrl, - @Value("${mosip.esignet.captcha.module-name}") String moduleName) { - return new CaptchaHelper(restTemplate, validatorUrl, moduleName); + @Value("${mosip.esignet.captcha.module-name}") String moduleName, + @Value("#{'${mosip.esignet.captcha.required}'}")List captchaRequired) { + return new CaptchaHelper(restTemplate, validatorUrl, moduleName, captchaRequired); } } diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequest.java b/esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequest.java index a9b2dd872..9aa090885 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequest.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequest.java @@ -24,4 +24,5 @@ public class BindingOtpRequest { @NotNull(message = ErrorConstants.INVALID_OTP_CHANNEL) @Size(min = 1, message = ErrorConstants.INVALID_OTP_CHANNEL) private List<@OtpChannel String> otpChannels; + } diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequestV2.java b/esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequestV2.java new file mode 100644 index 000000000..9086b1414 --- /dev/null +++ b/esignet-core/src/main/java/io/mosip/esignet/core/dto/BindingOtpRequestV2.java @@ -0,0 +1,15 @@ +/* + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at https://mozilla.org/MPL/2.0/. + */ +package io.mosip.esignet.core.dto; + +import lombok.Data; +import lombok.EqualsAndHashCode; + +@EqualsAndHashCode(callSuper = true) +@Data +public class BindingOtpRequestV2 extends BindingOtpRequest{ + private String captchaToken; +} diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/spi/KeyBindingService.java b/esignet-core/src/main/java/io/mosip/esignet/core/spi/KeyBindingService.java index f927e7e66..ab80bcb5f 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/spi/KeyBindingService.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/spi/KeyBindingService.java @@ -5,11 +5,8 @@ */ package io.mosip.esignet.core.spi; -import io.mosip.esignet.core.dto.BindingOtpResponse; +import io.mosip.esignet.core.dto.*; import io.mosip.esignet.core.exception.EsignetException; -import io.mosip.esignet.core.dto.BindingOtpRequest; -import io.mosip.esignet.core.dto.WalletBindingRequest; -import io.mosip.esignet.core.dto.WalletBindingResponse; import java.util.Map; @@ -17,5 +14,7 @@ public interface KeyBindingService { BindingOtpResponse sendBindingOtp(BindingOtpRequest otpRequest, Map requestHeaders) throws EsignetException; + BindingOtpResponse sendBindingOtpV2(BindingOtpRequestV2 otpRequest, Map requestHeaders) throws EsignetException; + WalletBindingResponse bindWallet(WalletBindingRequest walletBindingRequest, Map requestHeaders) throws EsignetException; } diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/util/CaptchaHelper.java b/esignet-core/src/main/java/io/mosip/esignet/core/util/CaptchaHelper.java index f6ce7808e..e53147559 100644 --- a/esignet-core/src/main/java/io/mosip/esignet/core/util/CaptchaHelper.java +++ b/esignet-core/src/main/java/io/mosip/esignet/core/util/CaptchaHelper.java @@ -11,16 +11,22 @@ import io.mosip.esignet.core.dto.ResponseWrapper; import io.mosip.esignet.core.exception.EsignetException; import lombok.extern.slf4j.Slf4j; -import org.springframework.http.*; +import org.springframework.http.HttpHeaders; +import org.springframework.http.MediaType; +import org.springframework.http.RequestEntity; +import org.springframework.http.ResponseEntity; import org.springframework.util.CollectionUtils; +import org.springframework.util.StringUtils; import org.springframework.web.client.RestTemplate; import java.net.URI; import java.time.ZoneOffset; import java.time.ZonedDateTime; import java.time.format.DateTimeFormatter; +import java.util.List; import static io.mosip.esignet.core.constants.Constants.UTC_DATETIME_PATTERN; +import static io.mosip.esignet.core.constants.ErrorConstants.INVALID_CAPTCHA; @Slf4j public class CaptchaHelper { @@ -29,12 +35,29 @@ public class CaptchaHelper { private String moduleName; private String validatorUrl; - public CaptchaHelper(RestTemplate restTemplate, String validatorUrl, String moduleName) { + private List captchaRequired; + + public CaptchaHelper(RestTemplate restTemplate, String validatorUrl, String moduleName, List captchaRequired) { this.restTemplate = restTemplate; this.validatorUrl = validatorUrl; this.moduleName = moduleName; + this.captchaRequired = captchaRequired; + } + + public void validateCaptchaToken(String captchaToken, String authFactor) { + if(!captchaRequired.contains(authFactor)) { + log.warn("captcha validation is disabled for {} request!", authFactor); + return; + } + if(!StringUtils.hasText(captchaToken)) { + log.error("Captcha token is Null or Empty"); + throw new EsignetException(INVALID_CAPTCHA); + } + if (!validateCaptcha(captchaToken)) + throw new EsignetException(INVALID_CAPTCHA); } + public boolean validateCaptcha(String captchaToken) { if (captchaToken == null || captchaToken.isBlank()) { diff --git a/esignet-core/src/test/java/io/mosip/esignet/core/CaptchaHelperTest.java b/esignet-core/src/test/java/io/mosip/esignet/core/CaptchaHelperTest.java index 95b8bc056..ec7dbc8ff 100644 --- a/esignet-core/src/test/java/io/mosip/esignet/core/CaptchaHelperTest.java +++ b/esignet-core/src/test/java/io/mosip/esignet/core/CaptchaHelperTest.java @@ -1,5 +1,6 @@ package io.mosip.esignet.core; +import io.mosip.esignet.core.constants.ErrorConstants; import io.mosip.esignet.core.dto.ResponseWrapper; import io.mosip.esignet.core.exception.EsignetException; import io.mosip.esignet.core.util.CaptchaHelper; @@ -7,10 +8,8 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.InjectMocks; import org.mockito.Mock; import org.mockito.Mockito; -import org.mockito.MockitoAnnotations; import org.mockito.junit.MockitoJUnitRunner; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.http.*; @@ -18,8 +17,8 @@ import org.springframework.web.client.RestClientException; import org.springframework.web.client.RestTemplate; -import java.util.ArrayList; import java.util.Arrays; +import java.util.List; import static org.mockito.ArgumentMatchers.any; @@ -35,7 +34,28 @@ public class CaptchaHelperTest { @Before public void setUp() { captchaHelper = new CaptchaHelper(restTemplate, "https://api-internal.camdgc-dev1.mosip.net/v1/captcha/validatecaptcha", - "esignet"); + "esignet", List.of("binding-otp")); + } + + @Test + public void validateCaptchaToken_withEmptyToken_thenFail() { + ReflectionTestUtils.setField(captchaHelper, "captchaRequired", List.of("binding-otp")); + try { + captchaHelper.validateCaptchaToken("", "binding-otp"); + } catch(EsignetException e) { + Assert.assertEquals(ErrorConstants.INVALID_CAPTCHA, e.getErrorCode()); + } + } + + + @Test + public void validateCaptchaToken_withInValidToken_thenFail() { + ReflectionTestUtils.setField(captchaHelper, "captchaRequired", List.of("binding-otp")); + try { + captchaHelper.validateCaptchaToken("captcha-token", "binding-otp"); + } catch(EsignetException e) { + Assert.assertEquals(ErrorConstants.INVALID_CAPTCHA, e.getErrorCode()); + } } @Test @@ -48,6 +68,18 @@ public void validateCaptcha_withEmptyCaptchaToken_thenFail() { Assert.assertThrows(EsignetException.class,()->captchaHelper.validateCaptcha("")); } + @Test + public void validateCaptchaToken_withValidData_thenPass() { + ResponseWrapper responseWrapper = new ResponseWrapper(); + responseWrapper.setResponse("success"); + ResponseEntity responseEntity = ResponseEntity.ok(responseWrapper); + Mockito.when(restTemplate.exchange(Mockito.any(RequestEntity.class), Mockito.eq(ResponseWrapper.class))) + .thenReturn(responseEntity); + boolean result = captchaHelper.validateCaptcha("captchaToken"); + Assert.assertTrue(result); + } + + @Test public void validateCaptcha_withNullResponse_thenFail() { Mockito.when(restTemplate.exchange((RequestEntity) any(), (Class) any())).thenReturn(null); diff --git a/esignet-service/src/main/java/io/mosip/esignet/controllers/KeyBindingController.java b/esignet-service/src/main/java/io/mosip/esignet/controllers/KeyBindingController.java index 1ba2346d0..312dc9689 100644 --- a/esignet-service/src/main/java/io/mosip/esignet/controllers/KeyBindingController.java +++ b/esignet-service/src/main/java/io/mosip/esignet/controllers/KeyBindingController.java @@ -50,7 +50,27 @@ public ResponseWrapper sendBindingOtp(@Valid @RequestBody RequestWr } return responseWrapper; } - + + + @PostMapping(value = "/v2/binding-otp", consumes = {MediaType.APPLICATION_JSON_VALUE}, + produces = {MediaType.APPLICATION_JSON_VALUE}) + public ResponseWrapper sendBindingOtpV2(@Valid @RequestBody RequestWrapper requestWrapper, + @RequestHeader Map headers) + throws EsignetException { + ResponseWrapper responseWrapper = new ResponseWrapper(); + try { + responseWrapper.setResponse(keyBindingService.sendBindingOtpV2(requestWrapper.getRequest(), headers)); + responseWrapper.setResponseTime(IdentityProviderUtil.getUTCDateTime()); + auditPlugin.logAudit(Action.SEND_BINDING_OTP, ActionStatus.SUCCESS, + AuditHelper.buildAuditDto("individualId", null), null); + } catch (EsignetException ex) { + auditPlugin.logAudit(Action.SEND_BINDING_OTP, ActionStatus.ERROR, + AuditHelper.buildAuditDto("individualId", null), ex); + throw ex; + } + return responseWrapper; + } + @PostMapping(value = "wallet-binding", consumes = {MediaType.APPLICATION_JSON_VALUE}, produces = {MediaType.APPLICATION_JSON_VALUE}) public ResponseWrapper bindWallet(@Valid @RequestBody RequestWrapper requestWrapper, diff --git a/esignet-service/src/main/resources/application-default.properties b/esignet-service/src/main/resources/application-default.properties index 5fd499d4b..91b4a5c8a 100644 --- a/esignet-service/src/main/resources/application-default.properties +++ b/esignet-service/src/main/resources/application-default.properties @@ -60,7 +60,7 @@ mosip.esignet.header-filter.paths-to-validate={'${server.servlet.path}/authoriza '${server.servlet.path}/authorization/complete-signup-redirect' } ## captcha validation is enabled for the auth-factors - otp, pwd, bio and pin. -mosip.esignet.captcha.required=send-otp,pwd,kbi +mosip.esignet.captcha.required=send-otp,pwd,kbi,binding-otp mosip.esignet.captcha.validator-url=http://captcha.captcha/v1/captcha/validatecaptcha mosip.esignet.captcha.module-name=esignet mosip.esignet.captcha.site-key=${esignet.captcha.site.key} diff --git a/esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java b/esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java index 5e880349f..1869af3b2 100644 --- a/esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java +++ b/esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java @@ -141,6 +141,72 @@ public void sendBindingOtp_withInvalidChannel_thenPass() throws Exception { .andExpect(jsonPath("$.errors[0].errorCode").value(ErrorConstants.INVALID_OTP_CHANNEL)); } + @Test + public void sendBindingOtpV2_withValidRequest_thenPass() throws Exception { + BindingOtpRequest otpRequest = new BindingOtpRequest(); + otpRequest.setIndividualId("8267411571"); + otpRequest.setOtpChannels(Arrays.asList("email")); + ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); + RequestWrapper wrapper = new RequestWrapper<>(); + wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); + wrapper.setRequest(otpRequest); + + BindingOtpResponse otpResponse = new BindingOtpResponse(); + Map headers = new HashMap<>(); + headers.put("Content-Type", "application/json;charset=UTF-8"); + headers.put("Content-Length", "106"); + when(keyBindingService.sendBindingOtp(otpRequest, headers)).thenReturn(otpResponse); + when(authenticationWrapper.isSupportedOtpChannel(Mockito.anyString())).thenReturn(true); + + mockMvc.perform(post("/binding/v2/binding-otp").content(objectMapper.writeValueAsString(wrapper)) + .contentType(MediaType.APPLICATION_JSON)).andExpect(status().isOk()); + } + + @Test + public void sendBindingOtpV2_withInvalidIndividualId_thenFail() throws Exception { + BindingOtpRequest otpRequest = new BindingOtpRequest(); + otpRequest.setIndividualId(""); + otpRequest.setOtpChannels(Arrays.asList("email")); + ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); + RequestWrapper wrapper = new RequestWrapper<>(); + wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); + wrapper.setRequest(otpRequest); + + BindingOtpResponse otpResponse = new BindingOtpResponse(); + Map headers = new HashMap<>(); + headers.put("Content-Type", "application/json;charset=UTF-8"); + headers.put("Content-Length", "106"); + when(keyBindingService.sendBindingOtp(otpRequest, headers)).thenReturn(otpResponse); + when(authenticationWrapper.isSupportedOtpChannel(Mockito.anyString())).thenReturn(true); + + mockMvc.perform(post("/binding/v2/binding-otp").content(objectMapper.writeValueAsString(wrapper)) + .contentType(MediaType.APPLICATION_JSON)).andExpect(status().isOk()) + .andExpect(jsonPath("$.errors").isNotEmpty()) + .andExpect(jsonPath("$.errors[0].errorCode").value(INVALID_IDENTIFIER)); + } + + @Test + public void sendBindingOtpV2_withInvalidChannel_thenPass() throws Exception { + BindingOtpRequest otpRequest = new BindingOtpRequest(); + otpRequest.setIndividualId("121323123s"); + otpRequest.setOtpChannels(Arrays.asList()); + ZonedDateTime requestTime = ZonedDateTime.now(ZoneOffset.UTC); + RequestWrapper wrapper = new RequestWrapper<>(); + wrapper.setRequestTime(requestTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN))); + wrapper.setRequest(otpRequest); + + BindingOtpResponse otpResponse = new BindingOtpResponse(); + Map headers = new HashMap<>(); + headers.put("Content-Type", "application/json;charset=UTF-8"); + headers.put("Content-Length", "106"); + when(keyBindingService.sendBindingOtp(otpRequest, headers)).thenReturn(otpResponse); + + mockMvc.perform(post("/binding/v2/binding-otp").content(objectMapper.writeValueAsString(wrapper)) + .contentType(MediaType.APPLICATION_JSON)).andExpect(status().isOk()) + .andExpect(jsonPath("$.errors").isNotEmpty()) + .andExpect(jsonPath("$.errors[0].errorCode").value(ErrorConstants.INVALID_OTP_CHANNEL)); + } + @Test public void bindWallet_withValidDetails_thenPass() throws Exception { WalletBindingRequest walletBindingRequest = getWalletBindingRequest();