diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml index f2d9357e..9772bbfd 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/pom.xml @@ -222,6 +222,7 @@ **/*DefaultSPMetadataFilter.class **/*IdentityServiceExporter.class **/*DeviceVerificationToken.class + **/wrapper/* diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java index e7bd8359..ec7b9c92 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/utils/ValidatorUtils.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). + * Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -21,7 +21,7 @@ import com.wso2.openbanking.accelerator.common.validator.OpenBankingValidator; import com.wso2.openbanking.accelerator.identity.dcr.exception.DCRValidationException; import com.wso2.openbanking.accelerator.identity.dcr.model.RegistrationRequest; -import com.wso2.openbanking.accelerator.identity.dcr.validation.validationorder.ValidationOrder; +import com.wso2.openbanking.accelerator.identity.dcr.validation.validationgroups.ValidationOrder; import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder; import com.wso2.openbanking.accelerator.identity.util.IdentityCommonConstants; import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil; diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java index fc223fdd..d42af484 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/main/java/com/wso2/openbanking/accelerator/identity/dcr/validation/validationgroups/ValidationOrder.java @@ -17,10 +17,6 @@ */ package com.wso2.openbanking.accelerator.identity.dcr.validation.validationgroups; -import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.AttributeChecks; -import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.MandatoryChecks; -import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.SignatureCheck; - import javax.validation.GroupSequence; /** diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java index 1e3b475f..01864c22 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/authz/request/OBOAuthAuthzRequestTest.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). + * Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -34,6 +34,8 @@ import org.wso2.carbon.identity.oauth.common.CodeTokenResponseValidator; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; +import java.nio.charset.StandardCharsets; +import java.util.Base64; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; @@ -273,4 +275,54 @@ public void testValidGetStateFromRequestURI() throws OAuthProblemException, OAut assertEquals(obOAuthAuthzRequest.getState(), "abc"); } + @Test + public void testInvalidGetStateFromRequestURI() throws OAuthProblemException, OAuthSystemException { + + Map mockParameterMap = new HashMap<>(); + mockParameterMap.put(IdentityCommonConstants.RESPONSE_TYPE, new String[]{"code id_token"}); + mockParameterMap.put(IdentityCommonConstants.REQUEST_URI, + new String[]{SAMPLE_REQUEST_URI}); + + when(mockRequest.getParameterMap()).thenReturn(mockParameterMap); + when(mockRequest.getParameter(IdentityCommonConstants.RESPONSE_TYPE)).thenReturn("code id_token"); + when(mockRequest.getParameter(IdentityCommonConstants.REDIRECT_URI)).thenReturn("abc.com"); + when(mockRequest.getParameter(IdentityCommonConstants.SCOPE)).thenReturn("openid"); + when(mockRequest.getParameter(IdentityCommonConstants.REQUEST_URI)).thenReturn(SAMPLE_REQUEST_URI); + + // Simulate an exception being thrown when decoding the state + PowerMockito.when(IdentityCommonUtil.decodeRequestObjectAndGetKey(mockRequest, OAuth.OAUTH_STATE)) + .thenThrow(OAuthProblemException.error("invalid_request").description("Invalid state").state("abc")); + + obOAuthAuthzRequest = new OBOAuthAuthzRequest(mockRequest); + + assertEquals(obOAuthAuthzRequest.getState(), null); + } + + @Test + public void testValidGetScopesFromRequest_WhenRequestURIIsAbsent() throws OAuthProblemException, + OAuthSystemException { + + Map mockParameterMap = new HashMap<>(); + mockParameterMap.put(IdentityCommonConstants.RESPONSE_TYPE, new String[]{"code id_token"}); + mockParameterMap.put(IdentityCommonConstants.SCOPE, new String[]{"openid"}); + mockParameterMap.put(IdentityCommonConstants.REQUEST, + new String[]{Base64.getEncoder().encodeToString( + "{\"scope\": \"openid\", \"redirect_uri\": \"http://example.com\"}".getBytes( + StandardCharsets.UTF_8))}); + mockParameterMap.put(IdentityCommonConstants.REDIRECT_URI, new String[]{"http://example.com"}); + + when(mockRequest.getParameterMap()).thenReturn(mockParameterMap); + when(mockRequest.getParameter(IdentityCommonConstants.RESPONSE_TYPE)).thenReturn("code id_token"); + when(mockRequest.getParameter(IdentityCommonConstants.SCOPE)).thenReturn("openid"); + when(mockRequest.getParameter(IdentityCommonConstants.REQUEST)).thenReturn( + Base64.getEncoder().encodeToString( + "{\"scope\": \"openid\", \"redirect_uri\": \"http://example.com\"}".getBytes( + StandardCharsets.UTF_8))); + when(mockRequest.getParameter(IdentityCommonConstants.REDIRECT_URI)).thenReturn("http://example.com"); + + obOAuthAuthzRequest = new OBOAuthAuthzRequest(mockRequest); + + assertEquals(obOAuthAuthzRequest.getScopes(), new HashSet<>(Collections.singletonList("openid"))); + } + } diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java index 0d7f65c7..a6df365f 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/ResponseTypeHandlerTest.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). + * Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -28,10 +28,12 @@ import static org.mockito.Matchers.anyObject; import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.doThrow; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; +import static org.testng.Assert.fail; import static org.testng.AssertJUnit.assertEquals; /** @@ -96,7 +98,7 @@ public void checkValidCodeResponseTypeHandling() throws IdentityOAuth2Exception, } @Test - public void checkHandlerLogic() { + public void checkHandlerLogic() { OAuthAuthzReqMessageContext mock = mock(OAuthAuthzReqMessageContext.class); when(mock.getRefreshTokenvalidityPeriod()).thenReturn(6666L); @@ -107,4 +109,24 @@ public void checkHandlerLogic() { assertEquals(6666L, uut.updateRefreshTokenValidityPeriod(mock)); } + + @Test + public void checkExceptionHandling_WhenIsRegulatoryThrowsOpenBankingException() throws Exception { + + OAuthAuthzReqMessageContext mockAuthzReqMsgCtx = mock(OAuthAuthzReqMessageContext.class); + OAuth2AuthorizeReqDTO mockAuthorizeReqDTO = mock(OAuth2AuthorizeReqDTO.class); + when(mockAuthzReqMsgCtx.getAuthorizationReqDTO()).thenReturn(mockAuthorizeReqDTO); + when(mockAuthorizeReqDTO.getConsumerKey()).thenReturn("dummyClientId"); + OBCodeResponseTypeHandlerExtension uut = spy(new OBCodeResponseTypeHandlerExtension()); + doThrow(new OpenBankingException("Simulated isRegulatory exception")) + .when(uut).isRegulatory("dummyClientId"); + + try { + uut.issue(mockAuthzReqMsgCtx); + fail("Expected IdentityOAuth2Exception was not thrown."); + } catch (IdentityOAuth2Exception e) { + // Verify that the IdentityOAuth2Exception is thrown with the expected message + assertEquals("Error while reading regulatory property", e.getMessage()); + } + } } diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/AlgorithmValidatorTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/AlgorithmValidatorTest.java new file mode 100644 index 00000000..3e474e73 --- /dev/null +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/AlgorithmValidatorTest.java @@ -0,0 +1,108 @@ +/** + * Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package com.wso2.openbanking.accelerator.identity.dcr.validation; + +import com.wso2.openbanking.accelerator.common.constant.OpenBankingConstants; +import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateAlgorithm; +import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder; +import org.apache.commons.beanutils.BeanUtils; +import org.mockito.Mock; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.testng.PowerMockTestCase; +import org.testng.Assert; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.Test; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.validation.ConstraintValidatorContext; + +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +@PowerMockIgnore("jdk.internal.reflect.*") +@PrepareForTest({BeanUtils.class, IdentityExtensionsDataHolder.class}) +public class AlgorithmValidatorTest extends PowerMockTestCase { + + private AlgorithmValidator validator; + + @Mock + private ValidateAlgorithm validateAlgorithm; + + @BeforeMethod + public void setUp() { + validator = new AlgorithmValidator(); + + when(validateAlgorithm.idTokenAlg()).thenReturn("idTokenAlg"); + when(validateAlgorithm.reqObjAlg()).thenReturn("reqObjAlg"); + when(validateAlgorithm.tokenAuthAlg()).thenReturn("tokenAuthAlg"); + + validator.initialize(validateAlgorithm); + } + + @Test + public void testIsValid_ReturnsTrue_WhenAlgorithmsAreAllowed() throws Exception { + Object requestObject = mock(Object.class); + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + + PowerMockito.mockStatic(BeanUtils.class); + PowerMockito.when(BeanUtils.getProperty(requestObject, "idTokenAlg")).thenReturn("RS256"); + PowerMockito.when(BeanUtils.getProperty(requestObject, "reqObjAlg")).thenReturn("RS256"); + PowerMockito.when(BeanUtils.getProperty(requestObject, "tokenAuthAlg")).thenReturn("RS256"); + + List allowedAlgorithms = Arrays.asList("RS256", "HS256"); + + PowerMockito.mockStatic(IdentityExtensionsDataHolder.class); + IdentityExtensionsDataHolder dataHolder = PowerMockito.mock(IdentityExtensionsDataHolder.class); + Map configMap = new HashMap<>(); + configMap.put(OpenBankingConstants.SIGNATURE_ALGORITHMS, allowedAlgorithms); + when(dataHolder.getConfigurationMap()).thenReturn(configMap); + PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(dataHolder); + + boolean result = validator.isValid(requestObject, context); + Assert.assertTrue(result); + } + + @Test + public void testIsValid_ReturnsFalse_WhenAlgorithmsAreNotAllowed() throws Exception { + Object requestObject = mock(Object.class); + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + + PowerMockito.mockStatic(BeanUtils.class); + PowerMockito.when(BeanUtils.getProperty(requestObject, "idTokenAlg")).thenReturn("RS512"); + PowerMockito.when(BeanUtils.getProperty(requestObject, "reqObjAlg")).thenReturn("RS512"); + PowerMockito.when(BeanUtils.getProperty(requestObject, "tokenAuthAlg")).thenReturn("RS512"); + + List allowedAlgorithms = Arrays.asList("RS256", "HS256"); + + PowerMockito.mockStatic(IdentityExtensionsDataHolder.class); + IdentityExtensionsDataHolder dataHolder = PowerMockito.mock(IdentityExtensionsDataHolder.class); + Map configMap = new HashMap<>(); + configMap.put(OpenBankingConstants.SIGNATURE_ALGORITHMS, allowedAlgorithms); + when(dataHolder.getConfigurationMap()).thenReturn(configMap); + PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(dataHolder); + + boolean result = validator.isValid(requestObject, context); + Assert.assertFalse(result); + } +} diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/IssuerValidatorTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/IssuerValidatorTest.java new file mode 100644 index 00000000..a5f30382 --- /dev/null +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/IssuerValidatorTest.java @@ -0,0 +1,81 @@ +/** + * Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package com.wso2.openbanking.accelerator.identity.dcr.validation; + +import com.wso2.openbanking.accelerator.common.util.JWTUtils; +import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateIssuer; +import org.apache.commons.beanutils.BeanUtils; +import org.mockito.Mock; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.testng.PowerMockTestCase; +import org.testng.Assert; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.Test; + +import javax.validation.ConstraintValidatorContext; + +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +@PowerMockIgnore("jdk.internal.reflect.*") +@PrepareForTest({JWTUtils.class, BeanUtils.class}) +public class IssuerValidatorTest extends PowerMockTestCase { + + private IssuerValidator validator; + + @Mock + private ValidateIssuer validateIssuer; + + @BeforeMethod + public void setUp() { + validator = new IssuerValidator(); + + when(validateIssuer.issuerProperty()).thenReturn("issuer"); + when(validateIssuer.ssa()).thenReturn("ssa"); + + validator.initialize(validateIssuer); + } + + @Test + public void testIsValid_ReturnsTrue_WhenIssuerOrSoftwareStatementIsNull() throws Exception { + Object registrationRequest = mock(Object.class); + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + + PowerMockito.mockStatic(BeanUtils.class); + PowerMockito.when(BeanUtils.getProperty(registrationRequest, "issuer")).thenReturn(null); + PowerMockito.when(BeanUtils.getProperty(registrationRequest, "ssa")).thenReturn(null); + + boolean result = validator.isValid(registrationRequest, context); + Assert.assertTrue(result); + } + + @Test + public void testIsValid_ReturnsFalse_OnException() throws Exception { + Object registrationRequest = mock(Object.class); + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + + PowerMockito.mockStatic(BeanUtils.class); + PowerMockito.when(BeanUtils.getProperty(registrationRequest, "issuer")).thenThrow(new NoSuchMethodException()); + PowerMockito.when(BeanUtils.getProperty(registrationRequest, "ssa")).thenReturn("dummy-ssa"); + + boolean result = validator.isValid(registrationRequest, context); + Assert.assertFalse(result); + } +} diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/RequiredParamsValidatorTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/RequiredParamsValidatorTest.java new file mode 100644 index 00000000..1c286cbf --- /dev/null +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/java/com/wso2/openbanking/accelerator/identity/dcr/validation/RequiredParamsValidatorTest.java @@ -0,0 +1,160 @@ +/** + * Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package com.wso2.openbanking.accelerator.identity.dcr.validation; + +import com.wso2.openbanking.accelerator.identity.dcr.model.RegistrationRequest; +import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateRequiredParams; +import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder; +import org.hibernate.validator.internal.engine.constraintvalidation.ConstraintValidatorContextImpl; +import org.hibernate.validator.internal.engine.path.PathImpl; +import org.mockito.Mock; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.testng.PowerMockTestCase; +import org.testng.Assert; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.Test; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import javax.validation.ConstraintValidatorContext; + +import static org.mockito.Matchers.anyString; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.mock; + +@PowerMockIgnore("jdk.internal.reflect.*") +@PrepareForTest({IdentityExtensionsDataHolder.class}) +public class RequiredParamsValidatorTest extends PowerMockTestCase { + + private RequiredParamsValidator validator; + + @Mock + private ValidateRequiredParams validateRequiredParams; + + private IdentityExtensionsDataHolder identityExtensionsDataHolderMock; + + @BeforeMethod + public void setUp() { + validator = new RequiredParamsValidator(); + validator.initialize(validateRequiredParams); + + PowerMockito.mockStatic(IdentityExtensionsDataHolder.class); + identityExtensionsDataHolderMock = PowerMockito.mock(IdentityExtensionsDataHolder.class); + PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(identityExtensionsDataHolderMock); + + // Mock the DCR registration config map with some test data + Map> configMap = new HashMap<>(); + Map paramConfig = new HashMap<>(); + paramConfig.put(DCRCommonConstants.DCR_REGISTRATION_PARAM_REQUIRED, "true"); + configMap.put("tokenEndPointAuthentication", paramConfig); + + Map scopeAllowedValuesConfig = new HashMap<>(); + scopeAllowedValuesConfig.put(DCRCommonConstants.DCR_REGISTRATION_PARAM_ALLOWED_VALUES, Arrays.asList( + "scope1", "scope2")); + configMap.put("scope", scopeAllowedValuesConfig); + + + Map appTypeAllowedValuesConfig = new HashMap<>(); + appTypeAllowedValuesConfig.put(DCRCommonConstants.DCR_REGISTRATION_PARAM_ALLOWED_VALUES, Arrays.asList( + "web", "mobile")); + configMap.put("applicationType", appTypeAllowedValuesConfig); + + PowerMockito.when(identityExtensionsDataHolderMock.getDcrRegistrationConfigMap()).thenReturn(configMap); + } + + @Test + public void testIsValid_ReturnsTrue_WhenAllRequestObjectIsEmpty() { + PowerMockito.when(identityExtensionsDataHolderMock.getDcrRegistrationConfigMap()).thenReturn(new HashMap<>()); + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString()); + RegistrationRequest request = new RegistrationRequest(); + boolean result = validator.isValid(request, context); + Assert.assertTrue(result); + } + + @Test + public void testIsValid_ReturnsTrue_WhenRequiredParametersArePresent() { + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString()); + RegistrationRequest request = getSampleRegistrationRequestWithRequiredParams(); + boolean result = validator.isValid(request, context); + Assert.assertTrue(result); + } + + @Test + public void testIsValid_ReturnsFalse_WhenRequiredParameterIsBlank() { + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString()); + RegistrationRequest request = getSampleRegistrationRequestWithBlankRequiredParams(); + boolean result = validator.isValid(request, context); + Assert.assertFalse(result); + } + + @Test + public void testIsValid_ReturnsFalse_WhenScopeNotAllowed() { + ConstraintValidatorContext context = mock(ConstraintValidatorContext.class); + doReturn(getConstraintViolationBuilder()).when(context).buildConstraintViolationWithTemplate(anyString()); + RegistrationRequest request = getSampleRegistrationRequestWithScope(); + boolean result = validator.isValid(request, context); + Assert.assertFalse(result); + } + + private ConstraintValidatorContext.ConstraintViolationBuilder getConstraintViolationBuilder() { + + PathImpl propertyPath = PathImpl.createPathFromString("example.path"); + ConstraintValidatorContextImpl context = new ConstraintValidatorContextImpl( + null, + null, + propertyPath, + null, + null + ); + return context.buildConstraintViolationWithTemplate("message"); + } + + private RegistrationRequest getSampleRegistrationRequestWithRequiredParams() { + + RegistrationRequest registrationRequest = new RegistrationRequest(); + registrationRequest.setApplicationType("web"); + registrationRequest.setTokenEndPointAuthentication("auth_method"); + registrationRequest.setScope("scope1 scope2"); + return registrationRequest; + } + + private RegistrationRequest getSampleRegistrationRequestWithBlankRequiredParams() { + + RegistrationRequest registrationRequest = new RegistrationRequest(); + registrationRequest.setApplicationType("web"); + registrationRequest.setTokenEndPointAuthentication(""); + registrationRequest.setScope("scope1 scope2"); + return registrationRequest; + } + + private RegistrationRequest getSampleRegistrationRequestWithScope() { + + RegistrationRequest registrationRequest = new RegistrationRequest(); + registrationRequest.setTokenEndPointAuthentication("auth_method"); + registrationRequest.setScope("scope1 scope3"); + return registrationRequest; + } + +} diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml index 2e2d71d2..f2b8a270 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.identity/src/test/resources/testng.xml @@ -67,6 +67,9 @@ + + +