Merge pull request wso2#4442 from bhagyasakalanka/input-valition
Disable username input validation from IS-7.0.0 by default
bhagyasakalanka authored Nov 1, 2023
2 parents 5603e89 + 81eed0a commit c30aea5
Showing 3 changed files with 80 additions and 12 deletions.
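--- a/.changeset/tall-guests-rule.md
+++ b/.changeset/tall-guests-rule.md
@@ -0,0 +1,5 @@
+---
+"@wso2is/identity-apps-core": patch
+---
+
+Disable input validation for usename in IS by default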
@@ -66,6 +66,7 @@
String SELF_REGISTRATION_WITH_VERIFICATION_PAGE = "self-registration-with-verification.jsp";
String SELF_REGISTRATION_WITHOUT_VERIFICATION_PAGE = "* self-registration-without-verification.jsp";
String passwordPatternErrorCode = "20035";
String usernamePatternErrorCode = "20045";
String AUTO_LOGIN_COOKIE_NAME = "ALOR";
String AUTO_LOGIN_COOKIE_DOMAIN = "AutoLoginCookieDomain";
String AUTO_LOGIN_FLOW_TYPE = "SIGNUP";
@@ -378,7 +379,13 @@
request.getRequestDispatcher(SELF_REGISTRATION_WITHOUT_VERIFICATION_PAGE).forward(request,
response);
}
return;
} else if (usernamePatternErrorCode.equals(errorCode)) {
String i18Resource = IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, errorCode);
if (!i18Resource.equals(errorCode)) {
request.setAttribute(ERROR_MESSAGE, i18Resource);
}
request.getRequestDispatcher("register.do").forward(request, response);
return;
} else {
if (!StringUtils.isBlank(username)) {
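Review bot: In the new `usernamePatternErrorCode` branch, ERROR_MESSAGE is set only when the bundle has a translation for the code (`!i18Resource.equals(errorCode)`), so a locale without that key sends the user back to `register.do` with no reason for the rejected username, unless a line outside this hunk already set the attribute. A fallback to a generic localized message would keep the rejection visible, and whatever ends up in ERROR_MESSAGE should be HTML-encoded where the target page renders it, which cannot be confirmed from this hunk. The forward target is also a bare `"register.do"` literal while the password branch above uses named page constants; a constant declared next to `usernamePatternErrorCode` would keep the two consistent. The enclosing if/else chain starts and ends outside the hunk.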
@@ -50,6 +50,8 @@
<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.Claim" %>
<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.User" %>
<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.ValidationConfigurationRetrievalClient" %>
<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.PreferenceRetrievalClient" %>
<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.PreferenceRetrievalClientException" %>
<%@ page import="org.wso2.carbon.identity.core.util.IdentityTenantUtil" %>
<%@ page import="org.wso2.carbon.identity.core.ServiceURLBuilder" %>
<%@ page import="org.wso2.carbon.utils.multitenancy.MultitenantUtils" %>
@@ -91,7 +93,8 @@
boolean allowchangeusername = Boolean.parseBoolean(request.getParameter("allowchangeusername"));
boolean isPasswordProvisionEnabled = Boolean.parseBoolean(request.getParameter("passwordProvisionEnabled"));
boolean piisConfigured = false;
PreferenceRetrievalClient preferenceRetrievalClient = new PreferenceRetrievalClient();
boolean isSelfRegistrationLockOnCreationEnabled = preferenceRetrievalClient.checkSelfRegistrationLockOnCreation(tenantDomain);
String callback = Encode.forHtmlAttribute(request.getParameter("callback"));
String backToUrl = callback;
String sp = Encode.forHtmlAttribute(request.getParameter("sp"));
@@ -118,7 +121,7 @@
SelfRegistrationMgtClient selfRegistrationMgtClient = new SelfRegistrationMgtClient();
User user = IdentityManagementServiceUtil.getInstance().resolveUser(username, tenantDomain, isSaaSApp);
boolean isUsernameValidationEnabled = Boolean.parseBoolean(IdentityUtil.getProperty("InputValidation.Username.Enabled"));
ApplicationDataRetrievalClient applicationDataRetrievalClient = new ApplicationDataRetrievalClient();
try {
// Retrieve application Id.
@@ -531,10 +534,9 @@
</div>
</div>
<br>
<% } else {
<% } else {
String logoPath = imageURL;
if (!imageURL.isEmpty() && imageURL.contains("/")) {
String[] imageURLSegements = imageURL.split("/");
String logoFileName = imageURLSegements[imageURLSegements.length - 1];
@@ -670,7 +672,7 @@
<% if(skipSignUpEnableCheck) {%> value="<%=Encode.forHtmlAttribute(username)%>" <%}%>>
<% if (emailPII != null) { %>
<div id="usernameField"
<%if (emailPII.getRequired() || !isAlphanumericUsernameEnabled) { %>
<%if (isSelfRegistrationLockOnCreationEnabled || emailPII.getRequired() || !isAlphanumericUsernameEnabled) { %>
class="field required"
<%} else { %>
class="field"
@@ -687,7 +689,7 @@
placeholder="<%=IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, "enter.your.email")%>"
data-testid="self-register-page-username-input"
autocomplete="off"
<%if (emailPII.getRequired() || !isAlphanumericUsernameEnabled) {%> required <%}%>
<%if (emailPII.getRequired() || !isAlphanumericUsernameEnabled || isSelfRegistrationLockOnCreationEnabled) {%> required <%}%>
/>
<i aria-hidden="true" class="envelope outline icon"></i>
</div>
@@ -1281,6 +1283,9 @@
+ " " + (usernameConfig.maxLength ?? 255) + " "
+ "<%=IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, "characters.including.one.letter")%>"
);
if (!<%=isUsernameValidationEnabled%>) {
$("#alphanumeric-username-msg").hide();
}
// Check whether the alphanumeric username is enabled or disabled.
function isAlphanumericUsernameEnabled() {
@@ -1292,6 +1297,9 @@
$("#alphanumericUsernameField").show();
document.getElementById("alphanumericUsernameUserInput").setAttribute("name", "alphanumericUsernameUserInput");
}
if (!<%=isUsernameValidationEnabled%>) {
$("#alphanumericUsernameField").show();
}
// Reloads the page if the page is loaded by going back in history.
// Fixes issues with Firefox.
@@ -1318,7 +1326,11 @@
// Fires when username field lose focus.
$('#alphanumericUsernameUserInput').bind('blur', function () {
showAlphanumericUsernameValidationStatus();
if (<%=isUsernameValidationEnabled%>) {
showAlphanumericUsernameValidationStatus();
} else {
showUsernameRegexValidationStatus();
}
});
// Fires when password field lose focus.
@@ -1488,8 +1500,16 @@
var error_msg = $("#error-msg");
var server_error_msg = $("#server-error-msg");
// Username validation.
if (isAlphanumericUsernameEnabled()) {
if (!<%=isUsernameValidationEnabled%>) {
if (showUsernameRegexValidationStatus()) {
userName.value = alphanumericUsernameUserInput.value.trim();
} else {
validInput = false;
}
if (<%=isSelfRegistrationLockOnCreationEnabled%> && !showUsernameValidationStatus()) {
validInput = false
}
} else if (isAlphanumericUsernameEnabled()) {
if (showAlphanumericUsernameValidationStatus()) {
userName.value = alphanumericUsernameUserInput.value.trim();
} else {
@@ -1606,7 +1626,16 @@
var server_error_msg = $("#server-error-msg");
// Username validation.
if (isAlphanumericUsernameEnabled()) {
if (!<%=isUsernameValidationEnabled%>) {
if (showUsernameRegexValidationStatus()) {
userName.value = alphanumericUsernameUserInput.value.trim();
} else {
validInput = false;
}
if (<%=isSelfRegistrationLockOnCreationEnabled%> && !showUsernameValidationStatus()) {
validInput = false
}
} else if (isAlphanumericUsernameEnabled()) {
if (showAlphanumericUsernameValidationStatus()) {
userName.value = alphanumericUsernameUserInput.value.trim();
} else {
@@ -1797,6 +1826,31 @@
$("#" + element_field).removeClass("error");
}
function showUsernameRegexValidationStatus() {
var alphanumericUsernameUserInput = document.getElementById("alphanumericUsernameUserInput");
var alphanumericUsernameField = $("#alphanumericUsernameField");
var alphanumeric_username_error_msg = $("#alphanumeric-username-error-msg");
var server_error_msg = $("#server-error-msg");
var alphanumeric_username_error_msg_text = $("#alphanumeric-username-error-msg-text");
if (server_error_msg.text() !== null && server_error_msg.text().trim() !== "") {
alphanumeric_username_error_msg.hide();
alphanumericUsernameField.removeClass("error");
}
if (alphanumericUsernameUserInput.value.trim() === "") {
alphanumeric_username_error_msg_text.text("<%=IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, "enter.your.username")%>");
alphanumeric_username_error_msg.show();
alphanumericUsernameField.addClass("error");
$("html, body").animate({scrollTop: alphanumeric_username_error_msg_text.offset().top}, 'slow');
return false;
}
alphanumeric_username_error_msg.hide();
alphanumericUsernameField.removeClass("error");
return true
}
function showAlphanumericUsernameValidationStatus() {
var alphanumericUsernameUserInput = document.getElementById("alphanumericUsernameUserInput");
var alphanumericUsernameField = $("#alphanumericUsernameField");
@@ -1849,7 +1903,9 @@
var username_error_msg = $("#username-error-msg");
var server_error_msg = $("#server-error-msg");
var username_error_msg_text = $("#username-error-msg-text");
<% if (emailPII != null) { %>
<% if (isSelfRegistrationLockOnCreationEnabled) { %>
var emailRequired = true;
<% } else if (emailPII != null) { %>
var emailRequired = <%=emailPII.getRequired()%>;
<% } else { %>
var emailRequired = false;
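Review bot: When `isUsernameValidationEnabled` is false, which is also what `Boolean.parseBoolean` yields if `InputValidation.Username.Enabled` is unset, the only browser-side check in the blur handler and both submit handlers (the `-1488` and `-1606` hunks) is `showUsernameRegexValidationStatus()`, which despite its name applies no pattern and rejects only an empty value. Username format is then enforced only by the server (presumably surfaced as error `20045`), so the function should be renamed, for example to `showUsernameNotEmptyStatus`, or carry a comment such as `// Non-empty check only; the username pattern is enforced server-side.`. The two submit handlers repeat the same nine-line block and both leave `validInput = false` without a semicolon; a shared helper would keep them from drifting apart. Separately, `preferenceRetrievalClient.checkSelfRegistrationLockOnCreation(tenantDomain)` in the `-91` hunk sits among plain declarations and `PreferenceRetrievalClientException` is imported, but no try/catch is visible around the call; if none exists outside the hunk, a failed preference lookup would break the whole registration page.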