Remove accessToken user claim validations.

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2AuthorizationCodeGrantJWTTokenTestCase.java

@@ -67,6 +67,7 @@
 
 import static org.testng.Assert.assertEquals;
 import static org.testng.Assert.assertNotNull;
+import static org.testng.Assert.assertNull;
 import static org.testng.Assert.assertTrue;
 import static org.wso2.identity.integration.test.utils.DataExtractUtil.KeyValue;
 import static org.wso2.identity.integration.test.utils.OAuth2Constant.ACCESS_TOKEN_ENDPOINT;
@@ -322,11 +323,8 @@ public void testValidateAdditionalUserClaims() {
 
         applicationConfig.getRequestedClaimList().forEach(claim -> {
             if (authorizingUser.getUserClaims().get(claim) != null) {
-                assertNotNull(accessTokenClaims.getClaim(claim.getOidcClaimUri()),
-                        "Claim " + claim.getOidcClaimUri() + " not found in the access token.");
-                assertEquals(accessTokenClaims.getClaim(claim.getOidcClaimUri()),
-                        authorizingUser.getUserClaims().get(claim),
-                        "Value for claim " + claim.getOidcClaimUri() + " is incorrect in the access token.");
+                assertNull(accessTokenClaims.getClaim(claim.getOidcClaimUri()),
+                        "User claim " + claim.getOidcClaimUri() + " found in the access token.");
             }
         });
     }

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2ServiceAbstractIntegrationTest.java

@@ -177,6 +177,10 @@ public ApplicationResponseModel addApplication(ApplicationConfig applicationConf
 		accessTokenConfiguration.type(applicationConfig.getTokenType().getTokenTypeProperty());
 		accessTokenConfiguration.applicationAccessTokenExpiryInSeconds(applicationConfig.getExpiryTime());
 		accessTokenConfiguration.userAccessTokenExpiryInSeconds(applicationConfig.getExpiryTime());
+		// Add access token claim list.
+		List<String> accessTokenClaimList = applicationConfig.getRequestedClaimList().stream()
+				.map(UserClaimConfig::getOidcClaimUri).collect(Collectors.toList());
+		accessTokenConfiguration.accessTokenAttributes(accessTokenClaimList);
 		oidcConfig.accessToken(accessTokenConfiguration);
 
 		if (applicationConfig.getAudienceList() != null && !applicationConfig.getRequestedClaimList().isEmpty()) {

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/consented/token/OAuth2ServiceAuthCodeGrantJWTAccessTokenWithConsentedTokenColumnTestCase.java

@@ -239,13 +239,15 @@ private void validateUserClaims(OIDCTokens oidcTokens) throws JSONException, Par
         accessToken = oidcTokens.getAccessToken().getValue();
         refreshToken = oidcTokens.getRefreshToken().getValue();
 
-        // Get the user info from the JWT access token.
+        // Check if user claims are present in access token.
         JSONObject jwtJsonObject = new JSONObject(new String(Base64.decodeBase64(accessToken.split("\\.")[1])));
-        String email = jwtJsonObject.getString(EMAIL_OIDC_CLAIM);
-        Assert.assertEquals(USER_EMAIL, email, "Requested user claim (Email) is not present in the JWT access "
-                + "token.");
-        Assert.assertTrue(jwtJsonObject.isNull(ADDRESS_OIDC_CLAIM), "Non-consented user claim (address) is"
-                + " present in the JWT access token.");
+        boolean assertion = false;
+        try {
+            Object emailClaim = jwtJsonObject.get(EMAIL_OIDC_CLAIM);
+        } catch (JSONException e) {
+            assertion = true;
+        }
+        Assert.assertTrue(assertion, "Requested user claim (email) is present in the JWT access token.");
 
         // Get the user info from the ID token.
         Assert.assertEquals(oidcTokens.getIDToken().getJWTClaimsSet().getClaim(EMAIL_OIDC_CLAIM).toString(), USER_EMAIL,

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/consented/token/OAuth2ServicePasswordGrantJWTAccessTokenWithConsentedTokenColumnTestCase.java

@@ -77,7 +77,6 @@ public void testRegisterApplication() throws Exception {
         registerApplication();
     }
 
-
     @Test(description = "This test case tests the JWT access token generation using password grant type.",
             dependsOnMethods = "testRegisterApplication")
     public void testPasswordGrantBasedAccessTokenGeneration() throws IOException, URISyntaxException, ParseException,
@@ -139,13 +138,15 @@ private void validateUserClaims(OIDCTokens oidcTokens) throws JSONException, jav
         // Get the user info from the JWT access token.
         JSONObject jwtJsonObject = new JSONObject(new String(Base64.decodeBase64(accessToken.split(
                 "\\.")[1])));
-        String email = jwtJsonObject.get(EMAIL_OIDC_CLAIM).toString();
-        String country = ((JSONObject) jwtJsonObject.get(ADDRESS_OIDC_CLAIM)).get(COUNTRY_OIDC_CLAIM).toString();
 
-        // Check the user info of the JWT access token.
-        Assert.assertEquals(USER_EMAIL, email, "Requested user claim (email) is not present in the JWT access token.");
-        Assert.assertEquals(COUNTRY, country, "Requested user claim (country) is not present in the JWT "
-                + "access token.");
+        // Check if user claims are present in access token.
+        boolean assertion = false;
+        try {
+            Object emailClaim = jwtJsonObject.get(EMAIL_OIDC_CLAIM);
+        } catch (JSONException e) {
+            assertion = true;
+        }
+        Assert.assertTrue(assertion, "Requested user claim (email) is present in the JWT access token.");
 
         Assert.assertEquals(oidcTokens.getIDToken().getJWTClaimsSet().getClaim(EMAIL_OIDC_CLAIM), USER_EMAIL,
                 "Requested user claims is not returned back with the ID token.");