From 36ffa945a10b6f7f3ae6029ea856eec2e18e3133 Mon Sep 17 00:00:00 2001
From: Bhagyasakalanka
Date: Mon, 30 Oct 2023 10:21:48 +0530
Subject: [PATCH 1/5] Disable username input validation from IS-7.0.0 by default
---
 .../self-registration-username-request.jsp | 79 ++++++++++++++++---
 1 file changed, 68 insertions(+), 11 deletions(-)
diff --git a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp
index e8c3999eb3b..dbf5524ace4 100644
--- a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp
+++ b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp
@@ -50,6 +50,8 @@
 <%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.Claim" %>
 <%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.User" %>
 <%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.ValidationConfigurationRetrievalClient" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.PreferenceRetrievalClient" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.PreferenceRetrievalClientException" %>
 <%@ page import="org.wso2.carbon.identity.core.util.IdentityTenantUtil" %>
 <%@ page import="org.wso2.carbon.identity.core.ServiceURLBuilder" %>
 <%@ page import="org.wso2.carbon.utils.multitenancy.MultitenantUtils" %>
@@ -91,7 +93,8 @@ boolean allowchangeusername = Boolean.parseBoolean(request.getParameter("allowchangeusername")); boolean isPasswordProvisionEnabled = Boolean.parseBoolean(request.getParameter("passwordProvisionEnabled")); boolean piisConfigured = false; - + PreferenceRetrievalClient preferenceRetrievalClient = new PreferenceRetrievalClient(); + boolean isSelfRegistrationLockOnCreationEnabled = preferenceRetrievalClient.checkSelfRegistrationLockOnCreation(tenantDomain); String callback = Encode.forHtmlAttribute(request.getParameter("callback")); String backToUrl = callback; String sp = Encode.forHtmlAttribute(request.getParameter("sp")); @@ -118,7 +121,7 @@ SelfRegistrationMgtClient selfRegistrationMgtClient = new SelfRegistrationMgtClient(); User user = IdentityManagementServiceUtil.getInstance().resolveUser(username, tenantDomain, isSaaSApp); - + boolean isUsernameValidationEnabled = Boolean.parseBoolean(IdentityUtil.getProperty("InputValidation.Username.Enabled")); ApplicationDataRetrievalClient applicationDataRetrievalClient = new ApplicationDataRetrievalClient(); try { // Retrieve application Id. @@ -531,10 +534,9 @@
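Review bot: The new `preferenceRetrievalClient.checkSelfRegistrationLockOnCreation(tenantDomain)` call in the `@@ -91,7 +93,8 @@` hunk has no visible error handling, although the same patch imports `PreferenceRetrievalClientException`. If the preference lookup fails, the self-registration page would presumably fail to render instead of falling back to a known state; the scriptlet starts and ends outside the hunk, so an enclosing try may exist. I would declare `boolean isSelfRegistrationLockOnCreationEnabled = true;` first and overwrite it only inside a `try { ... } catch (PreferenceRetrievalClientException e) { ... }`, so a lookup error keeps the stricter state in which the email field is required.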
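Review bot: In the `@@ -118,7 +121,7 @@` hunk, `Boolean.parseBoolean(IdentityUtil.getProperty("InputValidation.Username.Enabled"))` evaluates to `false` when the property is absent or misspelled, so the relaxed path is the silent default. With the flag off, the script hunks later in this patch reduce the client-side username check to a non-empty test, which leaves the server-side pattern check (presumably what error code `20045` in patch 4/5 reports) as the only enforcement. A comment on this line should state that, for example `// Missing property => client-side username rules are skipped; the server-side pattern check is authoritative.` The surrounding scriptlet continues outside the hunk.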
- <% } else { + <% } else { String logoPath = imageURL; - if (!imageURL.isEmpty() && imageURL.contains("/")) { String[] imageURLSegements = imageURL.split("/"); String logoFileName = imageURLSegements[imageURLSegements.length - 1]; @@ -670,7 +672,7 @@ <% if(skipSignUpEnableCheck) {%> value="<%=Encode.forHtmlAttribute(username)%>" <%}%>> <% if (emailPII != null) { %>
+ <%if (isSelfRegistrationLockOnCreationEnabled || emailPII.getRequired() || !isAlphanumericUsernameEnabled) { %> class="field required" <%} else { %> class="field" @@ -687,7 +689,7 @@ placeholder="<%=IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, "enter.your.email")%>" data-testid="self-register-page-username-input" autocomplete="off" - <%if (emailPII.getRequired() || !isAlphanumericUsernameEnabled) {%> required <%}%> + <%if (emailPII.getRequired() || !isAlphanumericUsernameEnabled || isSelfRegistrationLockOnCreationEnabled) {%> required <%}%> />
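Review bot: The email-required rule is now written out twice in the markup with the operands in a different order, once for the `class` attribute (hunk `@@ -670,7 +672,7 @@`) and once for `required` (hunk `@@ -687,7 +689,7 @@`), and the script hunk at `@@ -1849,7 +1904,9 @@` derives `emailRequired` from only two of the three inputs. One scriptlet boolean computed inside the `emailPII != null` branch, e.g. `boolean isEmailRequired = isSelfRegistrationLockOnCreationEnabled || emailPII.getRequired() || !isAlphanumericUsernameEnabled;`, used in all three places would stop them drifting apart. The `required` attribute and the CSS class are browser-side hints only, so the rule that lock-on-creation needs an email still has to be enforced by the registration endpoint, which is not part of this patch.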
@@ -1281,6 +1283,9 @@ + " " + (usernameConfig.maxLength ?? 255) + " " + "<%=IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, "characters.including.one.letter")%>" ); + if (!<%=isUsernameValidationEnabled%>) { + $("#alphanumeric-username-msg").hide(); + } // Check whether the alphanumeric username is enabled or disabled. function isAlphanumericUsernameEnabled() { @@ -1292,6 +1297,9 @@ $("#alphanumericUsernameField").show(); document.getElementById("alphanumericUsernameUserInput").setAttribute("name", "alphanumericUsernameUserInput"); } + if (!<%=isUsernameValidationEnabled%>) { + $("#alphanumericUsernameField").show(); + } // Reloads the page if the page is loaded by going back in history. // Fixes issues with Firefox. @@ -1318,7 +1326,11 @@ // Fires when username field lose focus. $('#alphanumericUsernameUserInput').bind('blur', function () { - showAlphanumericUsernameValidationStatus(); + if (<%=isUsernameValidationEnabled%>) { + showAlphanumericUsernameValidationStatus(); + } else { + showUsernameRegexValidationStatus(); + } }); // Fires when password field lose focus. @@ -1488,8 +1500,16 @@ var error_msg = $("#error-msg"); var server_error_msg = $("#server-error-msg"); - // Username validation. - if (isAlphanumericUsernameEnabled()) { + if (!<%=isUsernameValidationEnabled%>) { + if (showUsernameRegexValidationStatus()) { + userName.value = alphanumericUsernameUserInput.value.trim(); + } else { + validInput = false; + } + if (<%=isSelfRegistrationLockOnCreationEnabled%> && !showUsernameValidationStatus()) { + validInput = false + } + } else if (isAlphanumericUsernameEnabled()) { if (showAlphanumericUsernameValidationStatus()) { userName.value = alphanumericUsernameUserInput.value.trim(); } else { 
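Review bot: `<%=isUsernameValidationEnabled%>` is interpolated directly into JavaScript conditions, starting in the `@@ -1281,6 +1283,9 @@` hunk and again in the hunks at -1292, -1318, -1488 and -1606, so the rendered script contains literals such as `if (!false)`. The value is a Java boolean, so the output is safe, but the intent is hard to read in the served page and easy to get wrong when another flag is added. I would emit it once near the top of the script, `var isUsernameValidationEnabled = <%=isUsernameValidationEnabled%>;`, and do the same for `isSelfRegistrationLockOnCreationEnabled`, then test the named variables.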
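Review bot: The validation-disabled branch added in the `@@ -1488,8 +1500,16 @@` hunk is repeated line for line in the `@@ -1606,7 +1626,16 @@` hunk, and both copies end a statement without a semicolon (`validInput = false`). Each copy assigns `userName.value` from `alphanumericUsernameUserInput` before the lock-on-creation check runs `showUsernameValidationStatus()`, so it is worth confirming that this second check reads the email input and not the value just written. Moving the branch into one helper called from both submit handlers would keep the two paths identical, and the `// Username validation.` comment dropped by the first hunk should be kept as it is in the second. Both handlers start and end outside their hunks.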
@@ -1606,7 +1626,16 @@ var server_error_msg = $("#server-error-msg"); // Username validation. - if (isAlphanumericUsernameEnabled()) { + if (!<%=isUsernameValidationEnabled%>) { + if (showUsernameRegexValidationStatus()) { + userName.value = alphanumericUsernameUserInput.value.trim(); + } else { + validInput = false; + } + if (<%=isSelfRegistrationLockOnCreationEnabled%> && !showUsernameValidationStatus()) { + validInput = false + } + } else if (isAlphanumericUsernameEnabled()) { if (showAlphanumericUsernameValidationStatus()) { userName.value = alphanumericUsernameUserInput.value.trim(); } else { 
@@ -1797,6 +1826,32 @@ $("#" + element_field).removeClass("error"); } + function showUsernameRegexValidationStatus() { + + var alphanumericUsernameUserInput = document.getElementById("alphanumericUsernameUserInput"); + var alphanumericUsernameField = $("#alphanumericUsernameField"); + var alphanumeric_username_error_msg = $("#alphanumeric-username-error-msg"); + var server_error_msg = $("#server-error-msg"); + var alphanumeric_username_error_msg_text = $("#alphanumeric-username-error-msg-text"); + if (server_error_msg.text() !== null && server_error_msg.text().trim() !== "" ) { + alphanumeric_username_error_msg.hide(); + alphanumericUsernameField.removeClass("error"); + } + + if (alphanumericUsernameUserInput.value.trim() === "") { + alphanumeric_username_error_msg_text.text("<%=IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, "enter.your.username")%>"); + alphanumeric_username_error_msg.show(); + alphanumericUsernameField.addClass("error"); + $("html, body").animate({scrollTop: alphanumeric_username_error_msg_text.offset().top}, 'slow'); + + return false; + } + alphanumeric_username_error_msg.hide(); + alphanumericUsernameField.removeClass("error"); + return true + + } + function showAlphanumericUsernameValidationStatus() { var alphanumericUsernameUserInput = document.getElementById("alphanumericUsernameUserInput"); var alphanumericUsernameField = $("#alphanumericUsernameField"); @@ -1849,7 +1904,9 @@ var username_error_msg = $("#username-error-msg"); var server_error_msg = $("#server-error-msg"); var username_error_msg_text = $("#username-error-msg-text"); - <% if (emailPII != null) { %> + <% if (isSelfRegistrationLockOnCreationEnabled) { %> + var emailRequired = true; + <% } else if (emailPII != null) { %> var emailRequired = <%=emailPII.getRequired()%>; <% } else { %> var emailRequired = false; From 98dd6218c3d142211ef0cf54dae4cae3a239e704 Mon Sep 17 00:00:00 2001 
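Review bot: `showUsernameRegexValidationStatus()` in the `@@ -1797,6 +1826,32 @@` hunk applies no regular expression; it rejects only a value that is empty after `trim()`, so the name overstates what the browser checks. A reader could take it for the control that enforces the username pattern, while with validation disabled that control exists only on the server. I would rename it, or at least add `// Presence check only; the username pattern is enforced server-side.` above the function. The guard `server_error_msg.text() !== null` is always true because jQuery's `.text()` returns a string, so only the `trim() !== ""` half of the condition does anything; patches 2/5 and 3/5 change only whitespace in this function.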
From: bhagyasakalanka <35135065+bhagyasakalanka@users.noreply.github.com> Date: Mon, 30 Oct 2023 10:55:00 +0530 Subject: [PATCH 2/5] Update identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp Co-authored-by: Jayashakthi Perera --- .../src/main/webapp/self-registration-username-request.jsp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp index dbf5524ace4..f3e5427c646 100644 --- a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp +++ b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp @@ -1833,7 +1833,7 @@ var alphanumeric_username_error_msg = $("#alphanumeric-username-error-msg"); var server_error_msg = $("#server-error-msg"); var alphanumeric_username_error_msg_text = $("#alphanumeric-username-error-msg-text"); - if (server_error_msg.text() !== null && server_error_msg.text().trim() !== "" ) { + if (server_error_msg.text() !== null && server_error_msg.text().trim() !== "") { alphanumeric_username_error_msg.hide(); alphanumericUsernameField.removeClass("error"); } From 1295f345efcb4b8c3afe87aa958d69646f86fe5f Mon Sep 17 00:00:00 2001 From: bhagyasakalanka <35135065+bhagyasakalanka@users.noreply.github.com> Date: Mon, 30 Oct 2023 10:55:12 +0530 Subject: [PATCH 3/5] Update identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp Co-authored-by: Jayashakthi Perera --- .../src/main/webapp/self-registration-username-request.jsp | 1 - 1 file changed, 1 deletion(-) 
diff --git a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp index f3e5427c646..de9d3eab276 100644 --- a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp +++ b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-username-request.jsp @@ -1849,7 +1849,6 @@ alphanumeric_username_error_msg.hide(); alphanumericUsernameField.removeClass("error"); return true - } function showAlphanumericUsernameValidationStatus() { From 344986b75d91404040d8c3c91c3a3e0abf58c7f9 Mon Sep 17 00:00:00 2001 From: Bhagyasakalanka Date: Mon, 30 Oct 2023 11:26:45 +0530 Subject: [PATCH 4/5] User redirect to register page in case of username validation failed after click signup --- .../src/main/webapp/self-registration-process.jsp | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-process.jsp b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-process.jsp index 054161b3aa7..6fd679d8b58 100644 --- a/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-process.jsp +++ b/identity-apps-core/apps/recovery-portal/src/main/webapp/self-registration-process.jsp @@ -66,6 +66,7 @@ String SELF_REGISTRATION_WITH_VERIFICATION_PAGE = "self-registration-with-verification.jsp"; String SELF_REGISTRATION_WITHOUT_VERIFICATION_PAGE = "* self-registration-without-verification.jsp"; String passwordPatternErrorCode = "20035"; + String usernamePatternErrorCode = "20045"; String AUTO_LOGIN_COOKIE_NAME = "ALOR"; String AUTO_LOGIN_COOKIE_DOMAIN = "AutoLoginCookieDomain"; String AUTO_LOGIN_FLOW_TYPE = "SIGNUP"; 
@@ -378,7 +379,13 @@ request.getRequestDispatcher(SELF_REGISTRATION_WITHOUT_VERIFICATION_PAGE).forward(request, response); } - + return; + } else if (usernamePatternErrorCode.equals(errorCode)) { + String i18Resource = IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, errorCode); + if (!i18Resource.equals(errorCode)) { + request.setAttribute(ERROR_MESSAGE, i18Resource); + } + request.getRequestDispatcher("register.do").forward(request, response); return; } else { if (!StringUtils.isBlank(username)) { From 81eed0a76c5910d1e07b2746f03e965e68b4310d Mon Sep 17 00:00:00 2001 From: Bhagyasakalanka Date: Mon, 30 Oct 2023 11:48:42 +0530 Subject: [PATCH 5/5] Add changeset --- .changeset/tall-guests-rule.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/tall-guests-rule.md diff --git a/.changeset/tall-guests-rule.md b/.changeset/tall-guests-rule.md new file mode 100644 index 00000000000..61dd1d7244f --- /dev/null +++ b/.changeset/tall-guests-rule.md @@ -0,0 +1,5 @@ +--- +"@wso2is/identity-apps-core": patch +--- + +Disable input validation for usename in IS by default
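Review bot: In the `@@ -378,7 +379,13 @@` hunk, when the resource bundle has no entry for `20045` the `i18n` call returns the key, `ERROR_MESSAGE` is never set, and the user is forwarded back to `register.do` with no explanation; no resource-file change is visible in this series. The branch should fall back to a generic registration-failure message already present in the bundle rather than forwarding silently. The forward also hands the original request, with every submitted parameter, to the registration page, so it is worth confirming that page re-renders only values it encodes. `"register.do"` is a bare literal while the other dispatch targets visible here are named constants such as `SELF_REGISTRATION_WITHOUT_VERIFICATION_PAGE`. The enclosing if/else chain starts and ends outside the hunk.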