Merge pull request #580 from KaveeshaPiumini/return-error-code-for-pw…
…d-policy-violation
kayathiri4 authored Nov 22, 2024
2 parents 8d52f53 + d2bea67 commit 0fed041
Showing 3 changed files with 26 additions and 1 deletion.
Expand Up @@ -161,6 +161,7 @@ public class SCIMUserManager implements UserManager {
private static final String ERROR_CODE_INVALID_CREDENTIAL = "30003";
private static final String ERROR_CODE_INVALID_CREDENTIAL_DURING_UPDATE = "36001";
private static final String ERROR_CODE_PASSWORD_HISTORY_VIOLATION = "22001";
private static final String ERROR_CODE_PASSWORD_POLICY_VIOLATION = "20035";
private static final String ERROR_CODE_INVALID_ROLE_NAME = "30011";
private static final Log log = LogFactory.getLog(SCIMUserManager.class);
private AbstractUserStoreManager carbonUM;
Expand Down Expand Up @@ -430,6 +431,11 @@ private void handleErrorsOnUserNameAndPasswordPolicy(Throwable e) throws BadRequ
throw new BadRequestException(e.getMessage(), ResponseCodeConstants.INVALID_VALUE);
}
if (e instanceof PolicyViolationException) {
if (StringUtils.equals(ERROR_CODE_PASSWORD_POLICY_VIOLATION, ((PolicyViolationException) e)
.getErrorCode()) && SCIMCommonUtils.isErrorCodeForPasswordPolicyViolationEnabled()) {
throw new BadRequestException(ERROR_CODE_PASSWORD_POLICY_VIOLATION + " - " + e.getMessage(),
ResponseCodeConstants.INVALID_VALUE);
}
throw new BadRequestException(e.getMessage(), ResponseCodeConstants.INVALID_VALUE);
}
if ((e instanceof IdentityEventException) && StringUtils
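Review bot: In the new `PolicyViolationException` branch the detail is built as `ERROR_CODE_PASSWORD_POLICY_VIOLATION + " - " + e.getMessage()`, so the code travels inside free text and a null message would reach the client as `20035 - null`. Whether the message can be null is not visible in this hunk; if it can, wrapping it as `StringUtils.defaultString(e.getMessage())` (assuming the imported StringUtils is the commons-lang one) keeps the detail clean. I would also add a comment above the branch such as `// Detail format is "<errorCode> - <message>"; clients parse this prefix, keep it stable.` so the string contract is documented where it is produced. The body of handleErrorsOnUserNameAndPasswordPolicy starts and ends outside the hunk.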
Expand Up @@ -86,6 +86,7 @@ public class SCIMCommonConstants {

public static final java.lang.String ASK_PASSWORD_URI = "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:askPassword";
public static final java.lang.String VERIFY_EMAIL_URI = "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:verifyEmail";
public static final String ENABLE_ERROR_CODE_FOR_PASSWORD_POLICY_VIOLATION = "SCIM2.EnableErrorCodeForPasswordPolicyViolation";

// Identity recovery claims
public static final String ASK_PASSWORD_CLAIM = "http://wso2.org/claims/identity/askPassword";
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2023, WSO2 LLC. (http://www.wso2.com).
* Copyright (c) 2017-2024, WSO2 LLC. (http://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
Expand Down Expand Up @@ -665,6 +665,24 @@ public static Map<ExternalClaim, LocalClaim> getMappedLocalClaimsForDialect(Stri
}
}

/**
* Checks if the configuration in identity.xml enables appending the error code to the error detail.
* By default, this feature is enabled.
*
* @return Returns true by default. If the configuration is present, its value is returned.
*/
public static boolean isErrorCodeForPasswordPolicyViolationEnabled() {

String configValue =
IdentityUtil.getProperty(SCIMCommonConstants.ENABLE_ERROR_CODE_FOR_PASSWORD_POLICY_VIOLATION);

if (configValue == null) {
return true;
}

return Boolean.parseBoolean(configValue);
}

/**
* Get mapped local claim for specified external claim.
*
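Review bot: `isErrorCodeForPasswordPolicyViolationEnabled()` treats a missing property as enabled but hands every other value to `Boolean.parseBoolean`, which returns false for anything except "true", so an empty or mistyped value silently turns the feature off (unless `IdentityUtil.getProperty` normalises values, which is not visible here). Treating blank like absent and trimming would make the two cases agree: `if (configValue == null || configValue.trim().isEmpty()) { return true; }` followed by `return Boolean.parseBoolean(configValue.trim());`. The Javadoc says the code is appended to the error detail, while the caller in SCIMUserManager places it in front of the message, so "prefixing" would be the accurate word. Because the default is on, existing deployments receive the new detail format on upgrade without opting in, which deserves a sentence in the Javadoc.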