resolved esignet conflicts

Signed-off-by: Sohan Kumar Dey <[email protected]>

esignet-integration-api/src/main/java/io/mosip/esignet/api/dto/AuthChallenge.java

@@ -7,22 +7,17 @@
 
 import io.mosip.esignet.api.util.ErrorConstants;
 import io.mosip.esignet.api.validator.AuthChallengeFactorFormat;
-import io.mosip.esignet.api.validator.AuthChallengeLength;
 import lombok.Data;
 
 import javax.validation.constraints.NotBlank;
 
 @Data
-@AuthChallengeLength
 @AuthChallengeFactorFormat
 public class AuthChallenge {
 
-    @NotBlank(message = ErrorConstants.INVALID_AUTH_FACTOR_TYPE)
     private String authFactorType;
 
-    @NotBlank(message = ErrorConstants.INVALID_CHALLENGE)
     private String challenge;
 
-    @NotBlank(message = ErrorConstants.INVALID_CHALLENGE_FORMAT)
     private String format;
 }

esignet-integration-api/src/main/java/io/mosip/esignet/api/validator/AuthChallengeFactorFormat.java

@@ -17,8 +17,8 @@
 @Constraint(validatedBy = AuthChallengeFactorFormatValidator.class)
 @Documented
 public @interface AuthChallengeFactorFormat {
-    String message() default ErrorConstants.INVALID_AUTH_FACTOR_TYPE_FORMAT;
-
+    String message() default ErrorConstants.INVALID_CHALLENGE;
+    
     Class<?>[] groups() default {};
 
     Class<? extends Payload>[] payload() default {};

esignet-integration-api/src/main/java/io/mosip/esignet/api/validator/AuthChallengeFactorFormatValidator.java

@@ -1,6 +1,9 @@
 package io.mosip.esignet.api.validator;
 
 import io.mosip.esignet.api.dto.AuthChallenge;
+import io.mosip.esignet.api.util.ErrorConstants;
+import io.mosip.esignet.api.validator.AuthChallengeFactorFormat;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.env.Environment;
@@ -15,17 +18,31 @@
 public class AuthChallengeFactorFormatValidator implements ConstraintValidator<AuthChallengeFactorFormat, AuthChallenge> {
 
     private final String FORMAT_KEY_PREFIX = "mosip.esignet.auth-challenge.%s.format";
-
+    private final String MIN_LENGTH_KEY_PREFIX = "mosip.esignet.auth-challenge.%s.min-length";
+    private final String MAX_LENGTH_KEY_PREFIX = "mosip.esignet.auth-challenge.%s.max-length";
+
     @Autowired
     private Environment environment;
 
     @Override
     public boolean isValid(AuthChallenge authChallenge, ConstraintValidatorContext context) {
-        if(StringUtils.hasText(authChallenge.getAuthFactorType()) && StringUtils.hasText(authChallenge.getFormat())) {
-            String format = environment.getProperty(String.format(FORMAT_KEY_PREFIX, authChallenge.getAuthFactorType()),
-                    String.class, "alpha-numeric");
-            return authChallenge.getFormat().equals(format);
+    	String authFactor = authChallenge.getAuthFactorType();
+        String format = environment.getProperty(String.format(FORMAT_KEY_PREFIX, authFactor),
+                String.class);
+        if( !StringUtils.hasText(authFactor) || !StringUtils.hasText(format)) {
+        	context.disableDefaultConstraintViolation();
+			context.buildConstraintViolationWithTemplate(ErrorConstants.INVALID_AUTH_FACTOR_TYPE).addConstraintViolation();
+			return false;
+        }
+        if( !StringUtils.hasText(authChallenge.getFormat()) || !authChallenge.getFormat().equals(format) ) {
+        	context.disableDefaultConstraintViolation();
+			context.buildConstraintViolationWithTemplate(ErrorConstants.INVALID_CHALLENGE_FORMAT).addConstraintViolation();
+        	return false;
         }
-        return false;
+        int min = environment.getProperty(String.format(MIN_LENGTH_KEY_PREFIX, authFactor), Integer.TYPE, 50);
+        int max = environment.getProperty(String.format(MAX_LENGTH_KEY_PREFIX, authFactor), Integer.TYPE, 50);
+        String challenge = authChallenge.getChallenge();
+        int length = StringUtils.hasText(challenge)? challenge.length():0 ;
+        return length>=min && length<=max;
     }
 }

esignet-service/src/main/resources/application-local.properties

@@ -289,7 +289,7 @@ mosip.esignet.ui.signup.config={'signup.banner': true, 'signup.url': 'http://loc
 
 mosip.esignet.ui.forgot-password.config={'forgot-password': true, 'forgot-password.url': 'http://localhost:3000/forgot-password'}
 
-mosip.esignet.authenticator.default.auth-factor.kba.field-details={{'id':'policyNumber', 'type':'text', 'format':''},{'id':'name', 'type':'text', 'format':''},{'id':'dob', 'type':'date', 'format':'dd/mm/yyyy'}}
+mosip.esignet.authenticator.default.auth-factor.kba.field-details={{'id':'policyNumber', 'type':'text', 'format':'', 'maxLength': 50, 'regex': '^\\s*[+-]?(\\d+|\\d*\\.\\d+|\\d+\\.\\d*)([Ee][+-]?\\d*)?\\s*$'},{'id':'fullName', 'type':'text', 'format':'', 'maxLength': 50, 'regex': '^[A-Za-z\\s]{1,}[\\.]{0,1}[A-Za-z\\s]{0,}$'},{'id':'dob', 'type':'date', 'format':'dd/mm/yyyy'}}
 mosip.esignet.authenticator.default.auth-factor.kba.individual-id-field=policyNumber
 
 mosip.esignet.ui.config.key-values={'sbi.env': 'Developer', 'sbi.timeout.DISC': 30, \

esignet-service/src/test/java/io/mosip/esignet/controllers/AuthorizationControllerTest.java

@@ -816,7 +816,7 @@ public void authenticateEndUser_withInvalidFormat_returnErrorResponse() throws E
                         .contentType(MediaType.APPLICATION_JSON))
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.errors").isNotEmpty())
-                .andExpect(jsonPath("$.errors[0].errorCode").value(INVALID_AUTH_FACTOR_TYPE_FORMAT));
+                .andExpect(jsonPath("$.errors[0].errorCode").value("invalid_challenge_format"));
     }
 
     @Test
@@ -846,10 +846,8 @@ public void authenticateEndUser_withNullAuthFactorType_returnErrorResponse() thr
 
         List<String> errorCodes = Arrays.asList(INVALID_AUTH_FACTOR_TYPE, INVALID_AUTH_FACTOR_TYPE_FORMAT, INVALID_CHALLENGE_LENGTH);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 3);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 1);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));
     }
 
     @Test
@@ -881,11 +879,8 @@ public void authenticateEndUser_withNullAuthChallenge_returnErrorResponse() thro
         List<String> errorCodes = Arrays.asList(INVALID_AUTH_FACTOR_TYPE, INVALID_AUTH_FACTOR_TYPE_FORMAT,INVALID_CHALLENGE_FORMAT,
                 INVALID_CHALLENGE_LENGTH);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 4);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 1);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(3)).getErrorCode()));
     }
 
     @Test
@@ -914,9 +909,8 @@ public void authenticateEndUser_withBlankFormat_returnErrorResponse() throws Exc
                 .andExpect(status().isOk()).andReturn();
         List<String> errorCodes = Arrays.asList(INVALID_CHALLENGE_FORMAT, INVALID_AUTH_FACTOR_TYPE_FORMAT);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 2);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 1);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
 
     }
 
@@ -946,9 +940,8 @@ public void authenticateEndUser_withNullFormat_returnErrorResponse() throws Exce
                 .andExpect(status().isOk()).andReturn();
         List<String> errorCodes = Arrays.asList(INVALID_CHALLENGE_FORMAT, INVALID_AUTH_FACTOR_TYPE_FORMAT);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 2);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 1);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
     }
 
     @Test
@@ -1068,4 +1061,4 @@ public void getAuthorizationCode_withInValidPermittedAuthorizeScopes_thenErrorRe
                 .andExpect(jsonPath("$.errors[0].errorCode").value(ErrorConstants.INVALID_PERMITTED_SCOPE));
     }
 
-}
+}

esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java

@@ -278,12 +278,8 @@ public void bindWallet_withAuthChallengeEmptyFactorAndEmptyChallenge_thenFail()
 		List<String> errorCodes = Arrays.asList(INVALID_CHALLENGE_FORMAT,INVALID_AUTH_FACTOR_TYPE, INVALID_AUTH_FACTOR_TYPE_FORMAT,
 				INVALID_CHALLENGE, INVALID_CHALLENGE_LENGTH);
 		ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-		Assert.assertTrue(responseWrapper.getErrors().size() == 5);
+		Assert.assertTrue(responseWrapper.getErrors().size() == 1);
 		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
-		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
-		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));
-		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(3)).getErrorCode()));
-		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(4)).getErrorCode()));
 	}
 
 	/*@Test

esignet-service/src/test/java/io/mosip/esignet/controllers/LinkedAuthorizationControllerTest.java

@@ -405,12 +405,8 @@ public void authenticate_withInvalidChallengeList_thenFail() throws Exception {
         List<String> errorCodes = Arrays.asList(INVALID_CHALLENGE_FORMAT,INVALID_AUTH_FACTOR_TYPE, INVALID_AUTH_FACTOR_TYPE_FORMAT,
                 INVALID_CHALLENGE, INVALID_CHALLENGE_LENGTH);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 5);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 1);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(3)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(4)).getErrorCode()));
     }
 
     @Test
@@ -775,12 +771,8 @@ public void authenticateV2_withInvalidChallengeList_thenFail() throws Exception
         List<String> errorCodes = Arrays.asList(INVALID_CHALLENGE_FORMAT,INVALID_AUTH_FACTOR_TYPE, INVALID_AUTH_FACTOR_TYPE_FORMAT,
                 INVALID_CHALLENGE, INVALID_CHALLENGE_LENGTH);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 5);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 1);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(3)).getErrorCode()));
-        Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(4)).getErrorCode()));
     }
 
     @Test
@@ -892,4 +884,4 @@ public void saveConsentV2_withInvalidSignatureFormat_thenFail() throws Exception
                 .andExpect(jsonPath("$.errors").isNotEmpty())
                 .andExpect(jsonPath("$.errors[0].errorCode").value(INVALID_SIGNATURE_FORMAT));
     }
-}
+}

esignet-service/src/test/resources/application-test.properties

@@ -42,7 +42,7 @@ mosip.esignet.header-filter.paths-to-validate={'${server.servlet.path}/authoriza
 
 #This property is used for captcha validation and allowed values are send-otp and pwd.
 #captcha validation is enabled for send-otp and pwd.
-mosip.esignet.captcha.required=send-otp,pwd
+mosip.esignet.captcha.required=pwd
 
 ## ------------------------------------------ e-Signet binding ---------------------------------------------------------
 

helm/oidc-ui/values.yaml

@@ -432,6 +432,7 @@ oidc_ui:
       DEFAULT_FEVICON: 'favicon.ico'
       DEFAULT_TITLE: 'eSignet'
       DEFAULT_ID_PROVIDER_NAME: 'eSignet'
+      DEFAULT_FONT_URL: ''
 
 ## OIDC UI swagger should have only internal access. Hence linked to internal gateway
 ## We create a gateway for esignet specific URL(s) listed under `hosts`

oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationHelperService.java

@@ -98,10 +98,14 @@ public class AuthorizationHelperService {
     private List<String> credentialScopes;
 
     protected void validateSendOtpCaptchaToken(String captchaToken) {
-        if(captchaRequired.contains("send-otp")) {
+        if(!captchaRequired.contains("send-otp")) {
             log.warn("captcha validation is disabled for send-otp request!");
             return;
         }
+        if(!StringUtils.hasText(captchaToken)) {
+        	log.error("Captcha token is Null or Empty");
+        	throw new EsignetException(ErrorConstants.INVALID_CAPTCHA);
+        }
         validateCaptchaToken(captchaToken);
     }
 

oidc-service-impl/src/test/java/io/mosip/esignet/services/AuthorizationHelperServiceTest.java

@@ -68,10 +68,39 @@ public class AuthorizationHelperServiceTest {
 
     @Mock
     private CaptchaValidator captchaValidator;
+
+    @Test
+    public void validateSendOtpCaptchaToken_withEmptyToken_thenFail() {
+        ReflectionTestUtils.setField(authorizationHelperService, "captchaRequired", List.of("send-otp"));
+        try {
+        	authorizationHelperService.validateSendOtpCaptchaToken("");
+        } catch(EsignetException e) {
+        	Assert.assertEquals(ErrorConstants.INVALID_CAPTCHA, e.getErrorCode());
+        }
+    }
+
+    @Test
+    public void validateSendOtpCaptchaToken_withValidToken_thenFail() {
+        ReflectionTestUtils.setField(authorizationHelperService, "captchaRequired", List.of("send-otp"));
+        ReflectionTestUtils.setField(authorizationHelperService, "captchaValidator", captchaValidator);
+        Mockito.when(captchaValidator.validateCaptcha(Mockito.anyString())).thenReturn(false);
+        try {
+        	authorizationHelperService.validateSendOtpCaptchaToken("captcha-token");
+        } catch(EsignetException e) {
+        	Assert.assertEquals(ErrorConstants.INVALID_CAPTCHA, e.getErrorCode());
+        }
+    }
+
+    @Test
+    public void validateSendOtpCaptchaToken_withValidToken_thenPass() {
+        ReflectionTestUtils.setField(authorizationHelperService, "captchaRequired", List.of("send-otp"));
+        ReflectionTestUtils.setField(authorizationHelperService, "captchaValidator", captchaValidator);
+        Mockito.when(captchaValidator.validateCaptcha(Mockito.anyString())).thenReturn(true);
+        authorizationHelperService.validateSendOtpCaptchaToken("captcha-token");
+    }
 
     @Test
     public void validateCaptchaToken_withNoValidator_thenFail() {
-        ReflectionTestUtils.setField(authorizationHelperService, "captchaRequired", List.of("send-otp"));
         ReflectionTestUtils.setField(authorizationHelperService, "captchaValidator", null);
         try {
             authorizationHelperService.validateCaptchaToken("captcha-token");
@@ -83,7 +112,6 @@ public void validateCaptchaToken_withNoValidator_thenFail() {
 
     @Test
     public void validateCaptchaToken_withInvalidToken_thenFail() {
-        ReflectionTestUtils.setField(authorizationHelperService, "captchaRequired", List.of("send-otp"));
         ReflectionTestUtils.setField(authorizationHelperService, "captchaValidator", captchaValidator);
         Mockito.when(captchaValidator.validateCaptcha(Mockito.anyString())).thenReturn(false);
         try {
@@ -93,10 +121,9 @@ public void validateCaptchaToken_withInvalidToken_thenFail() {
             Assert.assertEquals(ErrorConstants.INVALID_CAPTCHA, e.getErrorCode());
         }
     }
-
+    
     @Test
     public void validateCaptchaToken_withValidToken_thenPass() {
-        ReflectionTestUtils.setField(authorizationHelperService, "captchaRequired", List.of("send-otp"));
         ReflectionTestUtils.setField(authorizationHelperService, "captchaValidator", captchaValidator);
         Mockito.when(captchaValidator.validateCaptcha(Mockito.anyString())).thenReturn(true);
         authorizationHelperService.validateCaptchaToken("captcha-token");