From 309d8060a0cfce949ce6794f01521db870ea10fd Mon Sep 17 00:00:00 2001 From: Ashan Thamara Palihakkara <75057725+ashanthamara@users.noreply.github.com> Date: Wed, 8 May 2024 13:50:34 +0530 Subject: [PATCH 1/5] Masked username in scimUserManager --- .../scim2/common/impl/SCIMUserManager.java | 54 ++++++++++--------- .../scim2/common/utils/SCIMCommonUtils.java | 12 +++++ 2 files changed, 41 insertions(+), 25 deletions(-) diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java index 6b0d3fef..db8e92a5 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java @@ -33,7 +33,6 @@ import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.model.ServiceProvider; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; -import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService; import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException; import org.wso2.carbon.identity.claim.metadata.mgt.model.ExternalClaim; 
@@ -145,6 +144,7 @@ import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.mandateDomainForGroupNamesInGroupsResponse; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils .mandateDomainForUsernamesAndGroupNamesInResponse; +import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.maskIfRequired; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.prependDomain; import static org.wso2.carbon.user.core.UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI; import static org.wso2.carbon.user.core.UserCoreConstants.INTERNAL_ROLES_CLAIM; @@ -276,7 +276,8 @@ public User createUser(User user, Map requiredAttributes) } if (isExistingUser) { - String error = "User with the name: " + user.getUserName() + " already exists in the system."; + String error = "User with the name: " + maskIfRequired(user.getUserName()) + + " already exists in the system."; throw new ConflictException(error); } @@ -347,8 +348,8 @@ public User createUser(User user, Map requiredAttributes) // Set the schemas of the SCIM user. user.setSchemas(this); } catch (UserStoreClientException e) { - String errorMessage = String.format("Error in adding the user: " + user.getUserName() + ". %s", - e.getMessage()); + String errorMessage = String.format("Error in adding the user: " + maskIfRequired(user.getUserName()) + + ". %s", e.getMessage()); if (log.isDebugEnabled()) { log.debug(errorMessage, e); } @@ -361,8 +362,8 @@ public User createUser(User user, Map requiredAttributes) // Therefore checking for possible client exception. Throwable ex = ExceptionUtils.getRootCause(e); if (ex instanceof UserStoreClientException) { - String errorMessage = String.format("Error in adding the user: " + user.getUserName() + ". %s", - ex.getMessage()); + String errorMessage = String.format("Error in adding the user: " + maskIfRequired(user.getUserName()) + + ". %s", ex.getMessage()); if (log.isDebugEnabled()) { log.debug(errorMessage, ex); } 
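Review bot: In both catch branches of createUser (the hunks at -347 and -361) the username is still concatenated into the `String.format` pattern, so a `%` in a client-supplied userName is parsed as a format specifier. That can make the error path itself throw and hide the original UserStoreClientException. Pass the name as an argument instead: `String.format("Error in adding the user: %s. %s", maskIfRequired(user.getUserName()), e.getMessage())`, with `ex.getMessage()` in the root-cause branch. Whether the masked form can still contain `%` depends on LoggerUtils.getMaskedContent, which is not visible here, and with masking disabled the raw value is used. createUser's body starts and ends outside these hunks.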
@@ -533,8 +534,8 @@ public void deleteUser(String userId) throws NotFoundException, CharonException, } else if (userStoreDomainFromSP != null && !(userStoreDomainFromSP .equalsIgnoreCase(coreUser.getUserStoreDomain()))) { - throw new CharonException("User :" + coreUser.getUsername() + "is not belong to user store " + - userStoreDomainFromSP + "Hence user updating fail"); + throw new CharonException("User :" + maskIfRequired(coreUser.getUsername()) + "is not belong to user " + + "store " + userStoreDomainFromSP + "Hence user updating fail"); } else { // We assume (since id is unique per user) only one user exists for a given id. userName = coreUser.getUsername(); @@ -542,8 +543,9 @@ public void deleteUser(String userId) throws NotFoundException, CharonException, // Check if SCIM is enabled for the user store. if (!isSCIMEnabled(userStoreDomainName)) { - throw new CharonException("Cannot delete user: " + userName + " through SCIM from user store: " + - userStoreDomainName + ". SCIM is not enabled for user store: " + userStoreDomainName); + throw new CharonException("Cannot delete user: " + maskIfRequired(userName) + " through SCIM from" + + " user store: " + userStoreDomainName + ". SCIM is not enabled for user store: " + + userStoreDomainName); } carbonUM.deleteUserWithID(coreUser.getUserID()); if (log.isDebugEnabled()) { 
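Review bot: The rewritten message in deleteUser (hunk at -533) still ends with "Hence user updating fail", although the operation being rejected is a delete; the text looks copied from updateUser. Anyone triaging from the error text would be pointed at the wrong operation. Since the string is being re-split anyway, I would change the tail to `"store " + userStoreDomainFromSP + ". Hence user deletion failed."`. The later hunks at -535 (patch 3) and -534 (patch 5) touch the same string and keep the "updating" wording. deleteUser's body extends beyond the hunk.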
@@ -1017,8 +1019,8 @@ public User updateUser(User user, Map requiredAttributes) throw User oldUser = this.getUser(user.getId(), ResourceManagerUtil.getAllAttributeURIs(schema)); if (userStoreDomainFromSP != null && !userStoreDomainFromSP .equalsIgnoreCase(IdentityUtil.extractDomainFromName(oldUser.getUserName()))) { - throw new CharonException("User :" + oldUser.getUserName() + "is not belong to user store " + - userStoreDomainFromSP + "Hence user updating fail"); + throw new CharonException("User :" + maskIfRequired(oldUser.getUserName()) + "is not belong to " + + "user store " + userStoreDomainFromSP + "Hence user updating fail"); } if (getUserStoreDomainFromSP() != null && !UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equalsIgnoreCase(getUserStoreDomainFromSP())) { @@ -1132,8 +1134,7 @@ public User updateUser(User user, Map requiredAttributes) throw } throw new BadRequestException(errorMessage, ResponseCodeConstants.INVALID_VALUE); } catch (UserStoreException e) { - String errMsg = "Error while updating attributes of user: " + (LoggerUtils.isLogMaskingEnable ? - LoggerUtils.getMaskedContent(user.getUserName()) : user.getUserName()); + String errMsg = "Error while updating attributes of user: " + maskIfRequired(user.getUserName()); // Sometimes client exceptions are wrapped in the super class. // Therefore checking for possible client exception. Throwable ex = ExceptionUtils.getRootCause(e); @@ -1209,7 +1210,7 @@ public User updateUser(User user, Map requiredAttributes, .equalsIgnoreCase(IdentityUtil.extractDomainFromName(oldUser.getUserName()))) { String errorMessage = String.format("User : %s does not belong to userstore %s. Hence user updating failed", - oldUser.getUserName(), userStoreDomainFromSP); + maskIfRequired(oldUser.getUserName()), userStoreDomainFromSP); throw new CharonException(errorMessage); } if (!UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equalsIgnoreCase(userStoreDomainFromSP)) { 
@@ -1313,7 +1314,8 @@ public User updateUser(User user, Map requiredAttributes, return getUser(user.getId(), requiredAttributes); } catch (UserStoreException e) { handleErrorsOnUserNameAndPasswordPolicy(e); - throw resolveError(e, "Error while updating attributes of user: " + user.getUserName()); + throw resolveError(e, "Error while updating attributes of user: " + + maskIfRequired(user.getUserName())); } catch (BadRequestException e) { /* This is needed as most BadRequests are thrown to charon as @@ -1322,9 +1324,11 @@ public User updateUser(User user, Map requiredAttributes, the end party. */ reThrowMutabilityBadRequests(e); - throw new CharonException("Error occurred while trying to update the user: " + user.getUserName(), e); + throw new CharonException("Error occurred while trying to update the user: " + + maskIfRequired(user.getUserName()), e); } catch (CharonException e) { - throw new CharonException("Error occurred while trying to update the user: " + user.getUserName(), e); + throw new CharonException("Error occurred while trying to update the user: " + + maskIfRequired(user.getUserName()), e); } } @@ -1524,8 +1528,7 @@ private String resolveDomainName(String domainName, ExpressionNode node) throws } catch (BadRequestException e) { String errorMessage = String .format("Domain parameter: %s in request does not match with the domain name in the attribute " - + "value: %s ", domainName, (LoggerUtils.isLogMaskingEnable ? - LoggerUtils.getMaskedContent(node.getValue()) : node.getValue())); + + "value: %s ", domainName, maskIfRequired(node.getValue())); throw new CharonException(errorMessage, e); } // Get domain name according to Filter Enhancements properties as in identity.xml 
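Review bot: Masking only the outer message leaves the chained cause untouched in the two rethrows at -1322: `new CharonException(... + maskIfRequired(user.getUserName()), e)` keeps `e`. If a lower layer put the username into its own message, it will still appear wherever the "Caused by" chain is printed. Whether that happens depends on code not shown here, so it is worth checking how these exceptions are logged. At minimum a comment such as `// Only this message is masked; the chained cause may still carry the raw username.` would record the limit. The same applies to `resolveError(e, ...)` at -1313 and to the getSCIMUsers hunks at -4183 and -4294; updateUser's body starts outside the hunk.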
@@ -4183,7 +4186,7 @@ private Set getSCIMUsers(Set users, attributes = SCIMCommonUtils.convertLocalToSCIMDialect(userClaimValues, scimToLocalClaimsMap); } catch (UserStoreException e) { throw resolveError(e, "Error in converting local claims to SCIM dialect for user: " - + user.getUsername()); + + maskIfRequired(user.getUsername())); } try { @@ -4294,10 +4297,11 @@ private Set getSCIMUsers(Set users, } } catch (UserStoreException e) { - throw resolveError(e, "Error in getting user information for user: " + user.getUsername()); - } catch (CharonException | NotFoundException | IdentitySCIMException | - BadRequestException e) { - throw new CharonException("Error in getting user information for user: " + user.getUsername(), e); + throw resolveError(e, "Error in getting user information for user: " + + maskIfRequired(user.getUsername())); + } catch (CharonException | NotFoundException | IdentitySCIMException | BadRequestException e) { + throw new CharonException("Error in getting user information for user: " + + maskIfRequired(user.getUsername()), e); } if (scimUser != null) { diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java index 2606fb4d..0f051abc 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java 
@@ -24,6 +24,7 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.CarbonConstants; import org.wso2.carbon.context.PrivilegedCarbonContext; +import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataHandler; import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService; import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException; @@ -966,4 +967,15 @@ public static boolean isOrganization(String tenantDomain) throws CharonException throw new CharonException("Error occurred while checking the organization state.", e); } } + + /** + * Mask the given value if it is required. + * + * @param value Value to be masked. + * @return Masked/unmasked value. + */ + public static String maskIfRequired(String value) { + + return LoggerUtils.isLogMaskingEnable ? LoggerUtils.getMaskedContent(value) : value; + } } From 3fb8db71c4c92a12a521455e6b4683a5dfeaeb34 Mon Sep 17 00:00:00 2001 From: Ashan Thamara Palihakkara <75057725+ashanthamara@users.noreply.github.com> Date: Wed, 8 May 2024 23:10:22 +0530 Subject: [PATCH 2/5] Mask username in SCIMUserOperationListener --- .../scim2/common/listener/SCIMUserOperationListener.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java index 8b50312f..f9a37765 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java 
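Review bot: The Javadoc on the new `maskIfRequired` (hunk at -966) does not say what makes masking "required". The body shows it is the global `LoggerUtils.isLogMaskingEnable` flag, and the call sites in this patch put the result into exception messages rather than log statements. I would state the condition explicitly, e.g. `Returns the masked form of the value when log masking is enabled (LoggerUtils.isLogMaskingEnable); otherwise returns the value unchanged.`, and add a sentence that callers embed the result in exception text. The copy re-added to SCIMUserManager in patch 3 (hunk at -6418) carries the same Javadoc.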
@@ -75,6 +75,7 @@ import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonConstants.REQUIRED; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonConstants.ErrorMessages.ERROR_CODE_LENGTH_VIOLATION; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonConstants.ErrorMessages.ERROR_CODE_REGEX_VIOLATION; +import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.maskIfRequired; /** * This is to perform SCIM related operation on User Operations. @@ -434,7 +435,8 @@ private void validateClaimUpdate(String username) throws UserStoreException { try { isExistingJITProvisionedUser = UserSessionStore.getInstance().isExistingUser(username); } catch (UserSessionException e) { - throw new UserStoreException("Error while checking the federated user existence for the user: " + username); + throw new UserStoreException("Error while checking the federated user existence for the user: " + + maskIfRequired(username)); } // If federated user is already provisioned, block that user's synced attribute editing. From 848728b5be42ce96f86238c5d3357e6d1cfe8c4e Mon Sep 17 00:00:00 2001 From: Ashan Thamara Palihakkara <75057725+ashanthamara@users.noreply.github.com> Date: Mon, 13 May 2024 11:45:01 +0530 Subject: [PATCH 3/5] Minor fix --- .../scim2/common/impl/SCIMUserManager.java | 27 ++++++++++++------- .../listener/SCIMUserOperationListener.java | 4 +-- .../scim2/common/utils/SCIMCommonUtils.java | 11 -------- 3 files changed, 20 insertions(+), 22 deletions(-) diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java index db8e92a5..a0830428 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java 
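Review bot: The rethrow in validateClaimUpdate (hunk at -434) drops the caught `UserSessionException`: the new `UserStoreException` is built from the message alone, so the reason the federated-user lookup failed is lost to whoever investigates the error. Chain it as the other rethrows in this series do: `throw new UserStoreException("Error while checking the federated user existence for the user: " + maskIfRequired(username), e);`. The hunk at -436 in patch 3 rewrites the same statement and still omits the cause. validateClaimUpdate's body continues past the hunk.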
+++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java @@ -33,6 +33,7 @@ import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.model.ServiceProvider; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; +import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService; import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException; import org.wso2.carbon.identity.claim.metadata.mgt.model.ExternalClaim; @@ -144,7 +145,6 @@ import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.mandateDomainForGroupNamesInGroupsResponse; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils .mandateDomainForUsernamesAndGroupNamesInResponse; -import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.maskIfRequired; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.prependDomain; import static org.wso2.carbon.user.core.UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI; import static org.wso2.carbon.user.core.UserCoreConstants.INTERNAL_ROLES_CLAIM; @@ -535,7 +535,7 @@ public void deleteUser(String userId) throws NotFoundException, CharonException, !(userStoreDomainFromSP .equalsIgnoreCase(coreUser.getUserStoreDomain()))) { throw new CharonException("User :" + maskIfRequired(coreUser.getUsername()) + "is not belong to user " + - "store " + userStoreDomainFromSP + "Hence user updating fail"); + "store " + userStoreDomainFromSP + ". Hence user updating fail."); } else { // We assume (since id is unique per user) only one user exists for a given id. userName = coreUser.getUsername(); 
@@ -1020,7 +1020,7 @@ public User updateUser(User user, Map requiredAttributes) throw if (userStoreDomainFromSP != null && !userStoreDomainFromSP .equalsIgnoreCase(IdentityUtil.extractDomainFromName(oldUser.getUserName()))) { throw new CharonException("User :" + maskIfRequired(oldUser.getUserName()) + "is not belong to " + - "user store " + userStoreDomainFromSP + "Hence user updating fail"); + "user store " + userStoreDomainFromSP + ". Hence user updating fail."); } if (getUserStoreDomainFromSP() != null && !UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equalsIgnoreCase(getUserStoreDomainFromSP())) { @@ -1208,9 +1208,8 @@ public User updateUser(User user, Map requiredAttributes, if (userStoreDomainFromSP != null) { if (!userStoreDomainFromSP .equalsIgnoreCase(IdentityUtil.extractDomainFromName(oldUser.getUserName()))) { - String errorMessage = - String.format("User : %s does not belong to userstore %s. Hence user updating failed", - maskIfRequired(oldUser.getUserName()), userStoreDomainFromSP); + String errorMessage = String.format("User : %s does not belong to userstore %s. Hence user " + + "updating failed.", maskIfRequired(oldUser.getUserName()), userStoreDomainFromSP); throw new CharonException(errorMessage); } if (!UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equalsIgnoreCase(userStoreDomainFromSP)) { 
@@ -1526,9 +1525,8 @@ private String resolveDomainName(String domainName, ExpressionNode node) throws // Extract the domain name if the domain name is embedded in the filter attribute value. domainName = resolveDomainNameInAttributeValue(domainName, node); } catch (BadRequestException e) { - String errorMessage = String - .format("Domain parameter: %s in request does not match with the domain name in the attribute " - + "value: %s ", domainName, maskIfRequired(node.getValue())); + String errorMessage = String.format("Domain parameter: %s in request does not match with the domain " + + "name in the attribute value: %s ", domainName, maskIfRequired(node.getValue())); throw new CharonException(errorMessage, e); } // Get domain name according to Filter Enhancements properties as in identity.xml @@ -6418,4 +6416,15 @@ private void publishEvent(User user, String eventName, boolean isAdminUpdate) throw new BadRequestException("Error occurred publishing event", ResponseCodeConstants.INVALID_VALUE); } } + + /** + * Mask the given value if it is required. + * + * @param value Value to be masked. + * @return Masked/unmasked value. + */ + private String maskIfRequired(String value) { + + return LoggerUtils.isLogMaskingEnable ? LoggerUtils.getMaskedContent(value) : value; + } } diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java index f9a37765..3163da15 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.java 
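Review bot: The re-added `maskIfRequired` (hunk at -6418) reads no instance state, so it should be declared `private static String maskIfRequired(String value)`; as an instance method it cannot be called from a static context in SCIMUserManager. Making it private to this class also forces SCIMUserOperationListener to spell out the `LoggerUtils.isLogMaskingEnable ? LoggerUtils.getMaskedContent(username) : username` ternary itself in the same patch. The masking decision then lives in two places that must be kept in step. Keeping one shared helper, as patch 1 had in SCIMCommonUtils, avoids a call site falling out of date if the masking rule changes.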
@@ -27,6 +27,7 @@ import org.wso2.carbon.identity.application.authentication.framework.store.UserSessionStore; import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants; import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils; +import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException; import org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim; import org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener; @@ -75,7 +76,6 @@ import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonConstants.REQUIRED; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonConstants.ErrorMessages.ERROR_CODE_LENGTH_VIOLATION; import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonConstants.ErrorMessages.ERROR_CODE_REGEX_VIOLATION; -import static org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils.maskIfRequired; /** * This is to perform SCIM related operation on User Operations. @@ -436,7 +436,7 @@ private void validateClaimUpdate(String username) throws UserStoreException { isExistingJITProvisionedUser = UserSessionStore.getInstance().isExistingUser(username); } catch (UserSessionException e) { throw new UserStoreException("Error while checking the federated user existence for the user: " + - maskIfRequired(username)); + (LoggerUtils.isLogMaskingEnable ? LoggerUtils.getMaskedContent(username) : username)); } // If federated user is already provisioned, block that user's synced attribute editing. diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java index 0f051abc..2cbfd247 100644 
--- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java @@ -967,15 +967,4 @@ public static boolean isOrganization(String tenantDomain) throws CharonException throw new CharonException("Error occurred while checking the organization state.", e); } } - - /** - * Mask the given value if it is required. - * - * @param value Value to be masked. - * @return Masked/unmasked value. - */ - public static String maskIfRequired(String value) { - - return LoggerUtils.isLogMaskingEnable ? LoggerUtils.getMaskedContent(value) : value; - } } From d7f04fb59e8d1985dc83c683a849344a731584b3 Mon Sep 17 00:00:00 2001 From: Ashan Thamara Palihakkara <75057725+ashanthamara@users.noreply.github.com> Date: Mon, 13 May 2024 11:46:30 +0530 Subject: [PATCH 4/5] Removed unused import --- .../wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java | 1 - 1 file changed, 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java index 2cbfd247..2606fb4d 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java 
@@ -24,7 +24,6 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.CarbonConstants; import org.wso2.carbon.context.PrivilegedCarbonContext; -import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataHandler; import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService; import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException; From e6f0491ed83c1e672a625f0ebcf2c16454953636 Mon Sep 17 00:00:00 2001 From: Ashan Thamara Palihakkara <75057725+ashanthamara@users.noreply.github.com> Date: Mon, 13 May 2024 13:40:58 +0530 Subject: [PATCH 5/5] Addressed comments --- .../identity/scim2/common/impl/SCIMUserManager.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java index a0830428..402cf235 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java 
@@ -534,8 +534,8 @@ public void deleteUser(String userId) throws NotFoundException, CharonException, } else if (userStoreDomainFromSP != null && !(userStoreDomainFromSP .equalsIgnoreCase(coreUser.getUserStoreDomain()))) { - throw new CharonException("User :" + maskIfRequired(coreUser.getUsername()) + "is not belong to user " + - "store " + userStoreDomainFromSP + ". Hence user updating fail."); + throw new CharonException("User : " + maskIfRequired(coreUser.getUsername()) + " is not belong to " + + "user store " + userStoreDomainFromSP + ". Hence user updating fail."); } else { // We assume (since id is unique per user) only one user exists for a given id. userName = coreUser.getUsername(); @@ -1019,7 +1019,7 @@ public User updateUser(User user, Map requiredAttributes) throw User oldUser = this.getUser(user.getId(), ResourceManagerUtil.getAllAttributeURIs(schema)); if (userStoreDomainFromSP != null && !userStoreDomainFromSP .equalsIgnoreCase(IdentityUtil.extractDomainFromName(oldUser.getUserName()))) { - throw new CharonException("User :" + maskIfRequired(oldUser.getUserName()) + "is not belong to " + + throw new CharonException("User : " + maskIfRequired(oldUser.getUserName()) + " is not belong to " + "user store " + userStoreDomainFromSP + ". Hence user updating fail."); } if (getUserStoreDomainFromSP() != null && @@ -1526,7 +1526,7 @@ private String resolveDomainName(String domainName, ExpressionNode node) throws domainName = resolveDomainNameInAttributeValue(domainName, node); } catch (BadRequestException e) { String errorMessage = String.format("Domain parameter: %s in request does not match with the domain " + - "name in the attribute value: %s ", domainName, maskIfRequired(node.getValue())); + "name in the attribute value: %s", domainName, maskIfRequired(node.getValue())); throw new CharonException(errorMessage, e); } // Get domain name according to Filter Enhancements properties as in identity.xml