diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml
index f2d9357e..9772bbfd 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml
@@ -222,6 +222,7 @@
**/*DefaultSPMetadataFilter.class
**/*IdentityServiceExporter.class
**/*DeviceVerificationToken.class
+ **/wrapper/*
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java
index e7bd8359..ec7b9c92 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
+ * Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
@@ -21,7 +21,7 @@
import com.wso2.openbanking.accelerator.common.validator.OpenBankingValidator;
import com.wso2.openbanking.accelerator.identity.dcr.exception.DCRValidationException;
import com.wso2.openbanking.accelerator.identity.dcr.model.RegistrationRequest;
-import com.wso2.openbanking.accelerator.identity.dcr.validation.validationorder.ValidationOrder;
+import com.wso2.openbanking.accelerator.identity.dcr.validation.validationgroups.ValidationOrder;
import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonConstants;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil;
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java
index fc223fdd..d42af484 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java
@@ -17,10 +17,6 @@
*/
package com.wso2.openbanking.accelerator.identity.dcr.validation.validationgroups;
-import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.AttributeChecks;
-import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.MandatoryChecks;
-import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.SignatureCheck;
-
import javax.validation.GroupSequence;
/**
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java
index 1e3b475f..01864c22 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
+ * Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
@@ -34,6 +34,8 @@
import org.wso2.carbon.identity.oauth.common.CodeTokenResponseValidator;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
@@ -273,4 +275,54 @@ public void testValidGetStateFromRequestURI() throws OAuthProblemException, OAut
assertEquals(obOAuthAuthzRequest.getState(), "abc");
}
+ @Test
+ public void testInvalidGetStateFromRequestURI() throws OAuthProblemException, OAuthSystemException {
+
+ Map mockParameterMap = new HashMap<>();
+ mockParameterMap.put(IdentityCommonConstants.RESPONSE_TYPE, new String[]{"code id_token"});
+ mockParameterMap.put(IdentityCommonConstants.REQUEST_URI,
+ new String[]{SAMPLE_REQUEST_URI});
+
+ when(mockRequest.getParameterMap()).thenReturn(mockParameterMap);
+ when(mockRequest.getParameter(IdentityCommonConstants.RESPONSE_TYPE)).thenReturn("code id_token");
+ when(mockRequest.getParameter(IdentityCommonConstants.REDIRECT_URI)).thenReturn("abc.com");
+ when(mockRequest.getParameter(IdentityCommonConstants.SCOPE)).thenReturn("openid");
+ when(mockRequest.getParameter(IdentityCommonConstants.REQUEST_URI)).thenReturn(SAMPLE_REQUEST_URI);
+
+ // Simulate an exception being thrown when decoding the state
+ PowerMockito.when(IdentityCommonUtil.decodeRequestObjectAndGetKey(mockRequest, OAuth.OAUTH_STATE))
+ .thenThrow(OAuthProblemException.error("invalid_request").description("Invalid state").state("abc"));
+
+ obOAuthAuthzRequest = new OBOAuthAuthzRequest(mockRequest);
+
+ assertEquals(obOAuthAuthzRequest.getState(), null);
+ }
+
+ @Test
+ public void testValidGetScopesFromRequest_WhenRequestURIIsAbsent() throws OAuthProblemException,
+ OAuthSystemException {
+
+ Map mockParameterMap = new HashMap<>();
+ mockParameterMap.put(IdentityCommonConstants.RESPONSE_TYPE, new String[]{"code id_token"});
+ mockParameterMap.put(IdentityCommonConstants.SCOPE, new String[]{"openid"});
+ mockParameterMap.put(IdentityCommonConstants.REQUEST,
+ new String[]{Base64.getEncoder().encodeToString(
+ "{\"scope\": \"openid\", \"redirect_uri\": \"http://example.com\"}".getBytes(
+ StandardCharsets.UTF_8))});
+ mockParameterMap.put(IdentityCommonConstants.REDIRECT_URI, new String[]{"http://example.com"});
+
+ when(mockRequest.getParameterMap()).thenReturn(mockParameterMap);
+ when(mockRequest.getParameter(IdentityCommonConstants.RESPONSE_TYPE)).thenReturn("code id_token");
+ when(mockRequest.getParameter(IdentityCommonConstants.SCOPE)).thenReturn("openid");
+ when(mockRequest.getParameter(IdentityCommonConstants.REQUEST)).thenReturn(
+ Base64.getEncoder().encodeToString(
+ "{\"scope\": \"openid\", \"redirect_uri\": \"http://example.com\"}".getBytes(
+ StandardCharsets.UTF_8)));
+ when(mockRequest.getParameter(IdentityCommonConstants.REDIRECT_URI)).thenReturn("http://example.com");
+
+ obOAuthAuthzRequest = new OBOAuthAuthzRequest(mockRequest);
+
+ assertEquals(obOAuthAuthzRequest.getScopes(), new HashSet<>(Collections.singletonList("openid")));
+ }
+
}
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java
index 0d7f65c7..a6df365f 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
+ * Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
@@ -28,10 +28,12 @@
import static org.mockito.Matchers.anyObject;
import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.doThrow;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.testng.Assert.fail;
import static org.testng.AssertJUnit.assertEquals;
/**
@@ -96,7 +98,7 @@ public void checkValidCodeResponseTypeHandling() throws IdentityOAuth2Exception,
}
@Test
- public void checkHandlerLogic() {
+ public void checkHandlerLogic() {
OAuthAuthzReqMessageContext mock = mock(OAuthAuthzReqMessageContext.class);
when(mock.getRefreshTokenvalidityPeriod()).thenReturn(6666L);
@@ -107,4 +109,24 @@ public void checkHandlerLogic() {
assertEquals(6666L, uut.updateRefreshTokenValidityPeriod(mock));
}
+
+ @Test
+ public void checkExceptionHandling_WhenIsRegulatoryThrowsOpenBankingException() throws Exception {
+
+ OAuthAuthzReqMessageContext mockAuthzReqMsgCtx = mock(OAuthAuthzReqMessageContext.class);
+ OAuth2AuthorizeReqDTO mockAuthorizeReqDTO = mock(OAuth2AuthorizeReqDTO.class);
+ when(mockAuthzReqMsgCtx.getAuthorizationReqDTO()).thenReturn(mockAuthorizeReqDTO);
+ when(mockAuthorizeReqDTO.getConsumerKey()).thenReturn("dummyClientId");
+ OBCodeResponseTypeHandlerExtension uut = spy(new OBCodeResponseTypeHandlerExtension());
+ doThrow(new OpenBankingException("Simulated isRegulatory exception"))
+ .when(uut).isRegulatory("dummyClientId");
+
+ try {
+ uut.issue(mockAuthzReqMsgCtx);
+ fail("Expected IdentityOAuth2Exception was not thrown.");
+ } catch (IdentityOAuth2Exception e) {
+ // Verify that the IdentityOAuth2Exception is thrown with the expected message
+ assertEquals("Error while reading regulatory property", e.getMessage());
+ }
+ }
}
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/AlgorithmValidatorTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/AlgorithmValidatorTest.java
new file mode 100644
index 00000000..3e474e73
--- /dev/null
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/AlgorithmValidatorTest.java
@@ -0,0 +1,108 @@
+/**
+ * Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.wso2.openbanking.accelerator.identity.dcr.validation;
+
+import com.wso2.openbanking.accelerator.common.constant.OpenBankingConstants;
+import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateAlgorithm;
+import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder;
+import org.apache.commons.beanutils.BeanUtils;
+import org.mockito.Mock;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.testng.PowerMockTestCase;
+import org.testng.Assert;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.Test;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.validation.ConstraintValidatorContext;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+@PowerMockIgnore("jdk.internal.reflect.*")
+@PrepareForTest({BeanUtils.class, IdentityExtensionsDataHolder.class})
+public class AlgorithmValidatorTest extends PowerMockTestCase {
+
+ private AlgorithmValidator validator;
+
+ @Mock
+ private ValidateAlgorithm validateAlgorithm;
+
+ @BeforeMethod
+ public void setUp() {
+ validator = new AlgorithmValidator();
+
+ when(validateAlgorithm.idTokenAlg()).thenReturn("idTokenAlg");
+ when(validateAlgorithm.reqObjAlg()).thenReturn("reqObjAlg");
+ when(validateAlgorithm.tokenAuthAlg()).thenReturn("tokenAuthAlg");
+
+ validator.initialize(validateAlgorithm);
+ }
+
+ @Test
+ public void testIsValid_ReturnsTrue_WhenAlgorithmsAreAllowed() throws Exception {
+ Object requestObject = mock(Object.class);
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+
+ PowerMockito.mockStatic(BeanUtils.class);
+ PowerMockito.when(BeanUtils.getProperty(requestObject, "idTokenAlg")).thenReturn("RS256");
+ PowerMockito.when(BeanUtils.getProperty(requestObject, "reqObjAlg")).thenReturn("RS256");
+ PowerMockito.when(BeanUtils.getProperty(requestObject, "tokenAuthAlg")).thenReturn("RS256");
+
+ List allowedAlgorithms = Arrays.asList("RS256", "HS256");
+
+ PowerMockito.mockStatic(IdentityExtensionsDataHolder.class);
+ IdentityExtensionsDataHolder dataHolder = PowerMockito.mock(IdentityExtensionsDataHolder.class);
+ Map configMap = new HashMap<>();
+ configMap.put(OpenBankingConstants.SIGNATURE_ALGORITHMS, allowedAlgorithms);
+ when(dataHolder.getConfigurationMap()).thenReturn(configMap);
+ PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(dataHolder);
+
+ boolean result = validator.isValid(requestObject, context);
+ Assert.assertTrue(result);
+ }
+
+ @Test
+ public void testIsValid_ReturnsFalse_WhenAlgorithmsAreNotAllowed() throws Exception {
+ Object requestObject = mock(Object.class);
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+
+ PowerMockito.mockStatic(BeanUtils.class);
+ PowerMockito.when(BeanUtils.getProperty(requestObject, "idTokenAlg")).thenReturn("RS512");
+ PowerMockito.when(BeanUtils.getProperty(requestObject, "reqObjAlg")).thenReturn("RS512");
+ PowerMockito.when(BeanUtils.getProperty(requestObject, "tokenAuthAlg")).thenReturn("RS512");
+
+ List allowedAlgorithms = Arrays.asList("RS256", "HS256");
+
+ PowerMockito.mockStatic(IdentityExtensionsDataHolder.class);
+ IdentityExtensionsDataHolder dataHolder = PowerMockito.mock(IdentityExtensionsDataHolder.class);
+ Map configMap = new HashMap<>();
+ configMap.put(OpenBankingConstants.SIGNATURE_ALGORITHMS, allowedAlgorithms);
+ when(dataHolder.getConfigurationMap()).thenReturn(configMap);
+ PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(dataHolder);
+
+ boolean result = validator.isValid(requestObject, context);
+ Assert.assertFalse(result);
+ }
+}
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/IssuerValidatorTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/IssuerValidatorTest.java
new file mode 100644
index 00000000..a5f30382
--- /dev/null
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/IssuerValidatorTest.java
@@ -0,0 +1,81 @@
+/**
+ * Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.wso2.openbanking.accelerator.identity.dcr.validation;
+
+import com.wso2.openbanking.accelerator.common.util.JWTUtils;
+import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateIssuer;
+import org.apache.commons.beanutils.BeanUtils;
+import org.mockito.Mock;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.testng.PowerMockTestCase;
+import org.testng.Assert;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.Test;
+
+import javax.validation.ConstraintValidatorContext;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+@PowerMockIgnore("jdk.internal.reflect.*")
+@PrepareForTest({JWTUtils.class, BeanUtils.class})
+public class IssuerValidatorTest extends PowerMockTestCase {
+
+ private IssuerValidator validator;
+
+ @Mock
+ private ValidateIssuer validateIssuer;
+
+ @BeforeMethod
+ public void setUp() {
+ validator = new IssuerValidator();
+
+ when(validateIssuer.issuerProperty()).thenReturn("issuer");
+ when(validateIssuer.ssa()).thenReturn("ssa");
+
+ validator.initialize(validateIssuer);
+ }
+
+ @Test
+ public void testIsValid_ReturnsTrue_WhenIssuerOrSoftwareStatementIsNull() throws Exception {
+ Object registrationRequest = mock(Object.class);
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+
+ PowerMockito.mockStatic(BeanUtils.class);
+ PowerMockito.when(BeanUtils.getProperty(registrationRequest, "issuer")).thenReturn(null);
+ PowerMockito.when(BeanUtils.getProperty(registrationRequest, "ssa")).thenReturn(null);
+
+ boolean result = validator.isValid(registrationRequest, context);
+ Assert.assertTrue(result);
+ }
+
+ @Test
+ public void testIsValid_ReturnsFalse_OnException() throws Exception {
+ Object registrationRequest = mock(Object.class);
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+
+ PowerMockito.mockStatic(BeanUtils.class);
+ PowerMockito.when(BeanUtils.getProperty(registrationRequest, "issuer")).thenThrow(new NoSuchMethodException());
+ PowerMockito.when(BeanUtils.getProperty(registrationRequest, "ssa")).thenReturn("dummy-ssa");
+
+ boolean result = validator.isValid(registrationRequest, context);
+ Assert.assertFalse(result);
+ }
+}
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/RequiredParamsValidatorTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/RequiredParamsValidatorTest.java
new file mode 100644
index 00000000..1c286cbf
--- /dev/null
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/RequiredParamsValidatorTest.java
@@ -0,0 +1,160 @@
+/**
+ * Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.wso2.openbanking.accelerator.identity.dcr.validation;
+
+import com.wso2.openbanking.accelerator.identity.dcr.model.RegistrationRequest;
+import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateRequiredParams;
+import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder;
+import org.hibernate.validator.internal.engine.constraintvalidation.ConstraintValidatorContextImpl;
+import org.hibernate.validator.internal.engine.path.PathImpl;
+import org.mockito.Mock;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.testng.PowerMockTestCase;
+import org.testng.Assert;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.Test;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.validation.ConstraintValidatorContext;
+
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.mock;
+
+@PowerMockIgnore("jdk.internal.reflect.*")
+@PrepareForTest({IdentityExtensionsDataHolder.class})
+public class RequiredParamsValidatorTest extends PowerMockTestCase {
+
+ private RequiredParamsValidator validator;
+
+ @Mock
+ private ValidateRequiredParams validateRequiredParams;
+
+ private IdentityExtensionsDataHolder identityExtensionsDataHolderMock;
+
+ @BeforeMethod
+ public void setUp() {
+ validator = new RequiredParamsValidator();
+ validator.initialize(validateRequiredParams);
+
+ PowerMockito.mockStatic(IdentityExtensionsDataHolder.class);
+ identityExtensionsDataHolderMock = PowerMockito.mock(IdentityExtensionsDataHolder.class);
+ PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(identityExtensionsDataHolderMock);
+
+ // Mock the DCR registration config map with some test data
+ Map> configMap = new HashMap<>();
+ Map paramConfig = new HashMap<>();
+ paramConfig.put(DCRCommonConstants.DCR_REGISTRATION_PARAM_REQUIRED, "true");
+ configMap.put("tokenEndPointAuthentication", paramConfig);
+
+ Map scopeAllowedValuesConfig = new HashMap<>();
+ scopeAllowedValuesConfig.put(DCRCommonConstants.DCR_REGISTRATION_PARAM_ALLOWED_VALUES, Arrays.asList(
+ "scope1", "scope2"));
+ configMap.put("scope", scopeAllowedValuesConfig);
+
+
+ Map appTypeAllowedValuesConfig = new HashMap<>();
+ appTypeAllowedValuesConfig.put(DCRCommonConstants.DCR_REGISTRATION_PARAM_ALLOWED_VALUES, Arrays.asList(
+ "web", "mobile"));
+ configMap.put("applicationType", appTypeAllowedValuesConfig);
+
+ PowerMockito.when(identityExtensionsDataHolderMock.getDcrRegistrationConfigMap()).thenReturn(configMap);
+ }
+
+ @Test
+ public void testIsValid_ReturnsTrue_WhenAllRequestObjectIsEmpty() {
+ PowerMockito.when(identityExtensionsDataHolderMock.getDcrRegistrationConfigMap()).thenReturn(new HashMap<>());
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+ doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString());
+ RegistrationRequest request = new RegistrationRequest();
+ boolean result = validator.isValid(request, context);
+ Assert.assertTrue(result);
+ }
+
+ @Test
+ public void testIsValid_ReturnsTrue_WhenRequiredParametersArePresent() {
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+ doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString());
+ RegistrationRequest request = getSampleRegistrationRequestWithRequiredParams();
+ boolean result = validator.isValid(request, context);
+ Assert.assertTrue(result);
+ }
+
+ @Test
+ public void testIsValid_ReturnsFalse_WhenRequiredParameterIsBlank() {
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+ doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString());
+ RegistrationRequest request = getSampleRegistrationRequestWithBlankRequiredParams();
+ boolean result = validator.isValid(request, context);
+ Assert.assertFalse(result);
+ }
+
+ @Test
+ public void testIsValid_ReturnsFalse_WhenScopeNotAllowed() {
+ ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);
+ doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString());
+ RegistrationRequest request = getSampleRegistrationRequestWithScope();
+ boolean result = validator.isValid(request, context);
+ Assert.assertFalse(result);
+ }
+
+ private ConstraintValidatorContext.ConstraintViolationBuilder getConstraintViolationBuilder() {
+
+ PathImpl propertyPath = PathImpl.createPathFromString("example.path");
+ ConstraintValidatorContextImpl context = new ConstraintValidatorContextImpl(
+ null,
+ null,
+ propertyPath,
+ null,
+ null
+ );
+ return context.buildConstraintViolationWithTemplate("message");
+ }
+
+ private RegistrationRequest getSampleRegistrationRequestWithRequiredParams() {
+
+ RegistrationRequest registrationRequest = new RegistrationRequest();
+ registrationRequest.setApplicationType("web");
+ registrationRequest.setTokenEndPointAuthentication("auth_method");
+ registrationRequest.setScope("scope1 scope2");
+ return registrationRequest;
+ }
+
+ private RegistrationRequest getSampleRegistrationRequestWithBlankRequiredParams() {
+
+ RegistrationRequest registrationRequest = new RegistrationRequest();
+ registrationRequest.setApplicationType("web");
+ registrationRequest.setTokenEndPointAuthentication("");
+ registrationRequest.setScope("scope1 scope2");
+ return registrationRequest;
+ }
+
+ private RegistrationRequest getSampleRegistrationRequestWithScope() {
+
+ RegistrationRequest registrationRequest = new RegistrationRequest();
+ registrationRequest.setTokenEndPointAuthentication("auth_method");
+ registrationRequest.setScope("scope1 scope3");
+ return registrationRequest;
+ }
+
+}
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml
index 2e2d71d2..f2b8a270 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml
@@ -67,6 +67,9 @@
+
+
+