wso2 · Thisara-Welmilla · Dec 10, 2024 · Dec 4, 2024
diff --git a/...o2/carbon/identity/api/server/idp/v1/impl/FederatedAuthenticatorConfigBuilderFactory.java b/...o2/carbon/identity/api/server/idp/v1/impl/FederatedAuthenticatorConfigBuilderFactory.java
@@ -70,6 +70,7 @@ public static FederatedAuthenticatorConfig build(FederatedAuthenticatorPUTReques
         List<Property> properties = Optional.ofNullable(authenticator.getProperties())
                 .map(props -> props.stream().map(propertyToInternal).collect(Collectors.toList()))
                 .orElse(null);
+        validateAuthPropForFederatedAuthenticatorPUTRequest(authenticatorName, properties);
         FederatedAuthenticatorConfigBuilderFactory.Config config =
                 new FederatedAuthenticatorConfigBuilderFactory.Config(authenticatorName,
                         getDisplayNameOfAuthenticator(authenticatorName),
@@ -92,6 +93,7 @@ public static FederatedAuthenticatorConfig build(FederatedAuthenticator authenti
         List<Property> properties = Optional.ofNullable(authenticator.getProperties())
                 .map(props -> props.stream().map(propertyToInternal).collect(Collectors.toList()))
                 .orElse(null);
+        validateAuthPropForFederatedAuthenticator(authenticatorName, properties);
         FederatedAuthenticatorConfigBuilderFactory.Config config =
                 new FederatedAuthenticatorConfigBuilderFactory.Config(authenticatorName,
                         getDisplayNameOfAuthenticator(authenticatorName),
@@ -176,8 +178,6 @@ private static void validateSystemDefinedFederatedAuthenticatorModel(Config conf
             throw new IdentityProviderManagementClientException(error.getCode(), error.getMessage(),
                     String.format(error.getDescription(), config.authenticatorName));
         }
-
-        validateAuthenticatorProperties(config.authenticatorName, config.properties);
     }
 
     private static UserDefinedFederatedAuthenticatorConfig createUserDefinedFederatedAuthenticator(Config config)
@@ -222,8 +222,8 @@ private static void validateUserDefinedFederatedAuthenticatorModel(Config config
         }
     }
 
-    private static void validateAuthenticatorProperties(String authenticatorName, List<Property> properties)
-            throws IdentityProviderManagementClientException {
+    private static void validateAuthPropForFederatedAuthenticator(
+            String authenticatorName, List<Property> properties) throws IdentityProviderManagementClientException {
 
         if (properties == null) {
             return;
@@ -232,18 +232,29 @@ private static void validateAuthenticatorProperties(String authenticatorName, Li
         if (IdentityApplicationConstants.Authenticator.SAML2SSO.FED_AUTH_NAME.equals(authenticatorName)) {
             validateSamlMetadata(properties);
         }
-        if (IdentityApplicationConstants.Authenticator.OIDC.FED_AUTH_NAME.equals(authenticatorName)) {
-            validateDuplicateOpenIDConnectScopes(properties);
-            validateDefaultOpenIDConnectScopes(properties);
-        }
-
         if (!areAllDistinct(properties)) {
             Constants.ErrorMessage error = Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT;
             throw new IdentityProviderManagementClientException(error.getCode(), error.getMessage(),
                     error.getDescription());
         }
     }
 
+    private static void validateAuthPropForFederatedAuthenticatorPUTRequest(
+            String authenticatorName, List<Property> properties) throws IdentityProviderManagementClientException {
+
+        if (properties == null) {
+            return;
+        }
+
+        if (IdentityApplicationConstants.Authenticator.SAML2SSO.FED_AUTH_NAME.equals(authenticatorName)) {
+            validateSamlMetadata(properties);
+        }
+        if (IdentityApplicationConstants.Authenticator.OIDC.FED_AUTH_NAME.equals(authenticatorName)) {
+            validateDuplicateOpenIDConnectScopes(properties);
+            validateDefaultOpenIDConnectScopes(properties);
+        }
+    }
+
     /**
      * If selectMode property is set as saml metadata file configuration mode, this function validates whether a
      * valid base-64 encoded SAML metadata file content is provided with the property key 'meta_data_saml'. If found,