Revert "Remove challenge questions related integration tests"

modules/api-resources/api-resources-full/pom.xml

@@ -105,6 +105,14 @@
  <groupId>org.wso2.carbon.identity.user.api</groupId>
  <artifactId>org.wso2.carbon.identity.api.user.common</artifactId>
  </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.user.api</groupId>
+ <artifactId>org.wso2.carbon.identity.rest.api.user.challenge.v1</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.user.api</groupId>
+ <artifactId>org.wso2.carbon.identity.api.user.challenge.common</artifactId>
+ </dependency>
  <dependency>
  <groupId>org.wso2.carbon.identity.user.api</groupId>
  <artifactId>org.wso2.carbon.identity.rest.api.user.association.v1</artifactId>
@@ -252,6 +260,14 @@
  <groupId>org.wso2.carbon.identity.server.api</groupId>
  <artifactId>org.wso2.carbon.identity.api.server.common</artifactId>
  </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.server.api</groupId>
+ <artifactId>org.wso2.carbon.identity.rest.api.server.challenge.v1</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.server.api</groupId>
+ <artifactId>org.wso2.carbon.identity.api.server.challenge.common</artifactId>
+ </dependency>
  <dependency>
  <groupId>org.wso2.carbon.identity.server.api</groupId>
  <artifactId>org.wso2.carbon.identity.rest.api.server.claim.management.v1</artifactId>

modules/api-resources/api-resources-full/src/main/webapp/WEB-INF/beans.xml

@@ -21,6 +21,7 @@
  xmlns:jaxrs="http://cxf.apache.org/jaxrs" xmlns:context="http://www.springframework.org/schema/context"
  xmlns:cxf="http://cxf.apache.org/core"
  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
+ <import resource="classpath:META-INF/cxf/user-challenge-v1-cxf.xml"/>
  <import resource="classpath:META-INF/cxf/user-association-v1-cxf.xml"/>
  <import resource="classpath:META-INF/cxf/user-approval-v1-cxf.xml"/>
  <import resource="classpath:META-INF/cxf/authorized-apps-user-v1-cxf.xml"/>
@@ -33,6 +34,7 @@
  <import resource="classpath:META-INF/cxf/permission-management-v1-cxf.xml"/>
  <!--<import resource="classpath:META-INF/cxf/workflow-engine-server-v1-cxf.xml"/>-->
  <import resource="classpath:META-INF/cxf/claim-management-server-v1-cxf.xml"/>
+ <import resource="classpath:META-INF/cxf/challenge-server-v1-cxf.xml"/>
  <import resource="classpath:META-INF/cxf/email-template-server-v1-cxf.xml"/>
  <import resource="classpath:META-INF/cxf/applications-server-v1-cxf.xml"/>
  <import resource="classpath:META-INF/cxf/application-user-v1-cxf.xml"/>
@@ -91,6 +93,7 @@
  </bean>
  <jaxrs:server id="server" address="/server/v1">
  <jaxrs:serviceBeans>
+ <bean class="org.wso2.carbon.identity.rest.api.server.challenge.v1.ChallengesApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.server.claim.management.v1.ClaimManagementApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.server.email.template.v1.EmailApi"/>
  <bean class="org.wso2.carbon.identity.api.server.identity.governance.v1.IdentityGovernanceApi"/>
@@ -206,6 +209,8 @@
  <bean class="org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.MeApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.UserIdApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.backupcode.v1.MeApi"/>
+ <bean class="org.wso2.carbon.identity.rest.api.user.challenge.v1.MeApi"/>
+ <bean class="org.wso2.carbon.identity.rest.api.user.challenge.v1.UserIdApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.fido2.v1.MeApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.functionality.v1.MeApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.functionality.v1.UserIdApi"/>
@@ -244,6 +249,8 @@
  <bean class="org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.MeApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.UserIdApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.backupcode.v1.MeApi"/>
+ <bean class="org.wso2.carbon.identity.rest.api.user.challenge.v1.MeApi"/>
+ <bean class="org.wso2.carbon.identity.rest.api.user.challenge.v1.UserIdApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.fido2.v1.MeApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.functionality.v1.MeApi"/>
  <bean class="org.wso2.carbon.identity.rest.api.user.functionality.v1.UserIdApi"/>
@@ -392,7 +399,10 @@
  <bean class="org.wso2.carbon.identity.recovery.endpoint.ClaimsApi"/>
  <bean class="org.wso2.carbon.identity.recovery.endpoint.RecoverPasswordApi"/>
  <bean class="org.wso2.carbon.identity.recovery.endpoint.RecoverUsernameApi"/>
+ <bean class="org.wso2.carbon.identity.recovery.endpoint.SecurityQuestionApi"/>
+ <bean class="org.wso2.carbon.identity.recovery.endpoint.SecurityQuestionsApi"/>
  <bean class="org.wso2.carbon.identity.recovery.endpoint.SetPasswordApi"/>
+ <bean class="org.wso2.carbon.identity.recovery.endpoint.ValidateAnswerApi"/>
  <bean class="org.wso2.carbon.identity.recovery.endpoint.ValidateCodeApi"/>
  <bean class="org.wso2.carbon.identity.recovery.endpoint.CaptchaApi"/>
  </jaxrs:serviceBeans>

modules/api-resources/pom.xml

@@ -136,6 +136,11 @@
  <artifactId>org.wso2.carbon.identity.api.server.common</artifactId>
  <version>${identity.server.api.version}</version>
  </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.server.api</groupId>
+ <artifactId>org.wso2.carbon.identity.rest.api.server.challenge.v1</artifactId>
+ <version>${identity.server.api.version}</version>
+ </dependency>
  <dependency>
  <groupId>org.wso2.carbon.identity.server.api</groupId>
  <artifactId>org.wso2.carbon.identity.api.server.identity.governance.v1</artifactId>
@@ -156,6 +161,11 @@
  <artifactId>org.wso2.carbon.identity.api.server.admin.advisory.management.common</artifactId>
  <version>${identity.server.api.version}</version>
  </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.server.api</groupId>
+ <artifactId>org.wso2.carbon.identity.api.server.challenge.common</artifactId>
+ <version>${identity.server.api.version}</version>
+ </dependency>
  <dependency>
  <groupId>org.wso2.carbon.identity.server.api</groupId>
  <artifactId>org.wso2.carbon.identity.rest.api.server.claim.management.v1</artifactId>

modules/integration/tests-common/admin-clients/pom.xml

@@ -134,6 +134,10 @@
  <groupId>org.wso2.carbon.identity.framework</groupId>
  <artifactId>org.wso2.carbon.identity.governance.stub</artifactId>
  </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.governance</groupId>
+ <artifactId>org.wso2.carbon.identity.recovery.stub</artifactId>
+ </dependency>
  <dependency>
  <groupId>org.wso2.carbon.registry</groupId>
  <artifactId>org.wso2.carbon.registry.resource.stub</artifactId>
@@ -268,18 +272,6 @@
  <groupId>org.wso2.carbon.registry</groupId>
  <artifactId>org.wso2.carbon.registry.properties.stub</artifactId>
  </dependency>
- <!--
- Using the previous stub version for compilation due to deprecation of the challenge question management feature in IS 7.0.0 and onwards
- Note: Adding the version manually is temporary. After hosting the challenge questions as a connector,
- we need to enhance the test cases to download it and run tests on top of it. Once this process is complete,
- this manual version addition can be removed.
- -->
- <dependency>
- <groupId>org.wso2.carbon.identity.governance</groupId>
- <artifactId>org.wso2.carbon.identity.recovery.stub</artifactId>
- <version>1.8.87</version>
- <scope>compile</scope>
- </dependency>
  </dependencies>
 
  <properties>

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2ServiceAbstractIntegrationTest.java

@@ -81,6 +81,8 @@ public class OAuth2ServiceAbstractIntegrationTest extends ISIntegrationTest {
  protected static final String EMAIL_CLAIM_URI = "http://wso2.org/claims/emailaddress";
  private static final String GIVEN_NAME_CLAIM_URI = "http://wso2.org/claims/givenname";
  protected static final String COUNTRY_CLAIM_URI = "http://wso2.org/claims/country";
+ private static final String customClaimURI1 = "http://wso2.org/claims/challengeQuestion1";
+ private static final String customClaimURI2 = "http://wso2.org/claims/challengeQuestion2";
  private static final String GRANT_TYPE_PASSWORD = "password";
  private static final String SCOPE_PRODUCTION = "PRODUCTION";
  public static final String OIDC = "oidc";
@@ -353,6 +355,12 @@ private ClaimConfiguration getClaimConfigurations() {
  claimConfiguration.addClaimMappingsItem(getClaimMapping(COUNTRY_CLAIM_URI));
  claimConfiguration.addRequestedClaimsItem(getRequestedClaim(COUNTRY_CLAIM_URI));
 
+ claimConfiguration.addClaimMappingsItem(getClaimMapping(customClaimURI1));
+ claimConfiguration.addRequestedClaimsItem(getRequestedClaim(customClaimURI1));
+
+ claimConfiguration.addClaimMappingsItem(getClaimMapping(customClaimURI2));
+ claimConfiguration.addRequestedClaimsItem(getRequestedClaim(customClaimURI2));
+
  return claimConfiguration;
  }
 

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2ServiceAuthCodeGrantOpenIdRequestObjectTestCase.java

@@ -79,6 +79,10 @@ public class OAuth2ServiceAuthCodeGrantOpenIdRequestObjectTestCase extends OAuth
 
  public static final String ENCODED_OIDC_CLAIM_DIALECT = "aHR0cDovL3dzbzIub3JnL29pZGMvY2xhaW0";
  private static final String USERS_PATH = "users";
+ private static final String CHALLENGE_QUESTION_SET_ID1 = "challengeQuestion1";
+ private static final String CHALLENGE_QUESTION_SET_ID2 = "challengeQuestion2";
+ private static final String CHALLENGE_QUESTION_SET1_Q1 = "City where you were born ?";
+ private static final String CHALLENGE_QUESTION_SET2_Q1 = "Model of your first car ?";
  private static final String LOCALE = "en_US";
  private ServerConfigurationManager serverConfigurationManager;
 
@@ -100,6 +104,8 @@ public class OAuth2ServiceAuthCodeGrantOpenIdRequestObjectTestCase extends OAuth
  private static final String emailClaimURI = "http://wso2.org/claims/emailaddress";
  private static final String givenNameClaimURI = "http://wso2.org/claims/givenname";
  private static final String countryClaimURI = "http://wso2.org/claims/country";
+ private static final String customClaimURI1 = "http://wso2.org/claims/challengeQuestion1";
+ private static final String customClaimURI2 = "http://wso2.org/claims/challengeQuestion2";
  private static final String externalClaimURI1 = "externalClaim1";
  private static final String externalClaimURI2 = "externalClaim2";
  private static final String USER_EMAIL = "abcrqo@wso2.com";
@@ -120,6 +126,7 @@ public class OAuth2ServiceAuthCodeGrantOpenIdRequestObjectTestCase extends OAuth
 
  private SCIM2RestClient scim2RestClient;
  private ClaimManagementRestClient claimManagementRestClient;
+ private ChallengeQuestionsRestClient challengeQuestionsRestClient;
 
  private String applicationId;
  private String userId;
@@ -158,9 +165,12 @@ public void testInit() throws Exception {
  setSystemproperties();
 
  scim2RestClient = new SCIM2RestClient(serverURL, tenantInfo);
+ challengeQuestionsRestClient = new ChallengeQuestionsRestClient(serverURL, tenantInfo);
  claimManagementRestClient = new ClaimManagementRestClient(serverURL, tenantInfo);
 
  addAdminUser();
+ claimId1 = addOIDCClaims(externalClaimURI1, customClaimURI1);
+ claimId2 = addOIDCClaims(externalClaimURI2, customClaimURI2);
 
  }
 
@@ -185,6 +195,7 @@ public void atEnd() throws Exception {
  restClient.closeHttpClient();
  scim2RestClient.closeHttpClient();
  claimManagementRestClient.closeHttpClient();
+ challengeQuestionsRestClient.closeHttpClient();
  client.close();
  }
 
@@ -437,5 +448,16 @@ private void addAdminUser() throws Exception {
  patchRoleItem.addValue(new ListObject().value(userId));
 
  scim2RestClient.updateUserRole(new PatchOperationRequestObject().addOperations(patchRoleItem), roleId);
+
+ setChallengeQuestion(CHALLENGE_QUESTION_SET_ID1, CHALLENGE_QUESTION_SET1_Q1, CUSTOM_CLAIM1);
+ setChallengeQuestion(CHALLENGE_QUESTION_SET_ID2, CHALLENGE_QUESTION_SET2_Q1, CUSTOM_CLAIM2);
+ }
+
+ private void setChallengeQuestion(String questionSetId, String question, String answer) throws Exception {
+ UserChallengeAnswer challengeQuestionObj = new UserChallengeAnswer();
+ challengeQuestionObj.setChallengeQuestion(new Questions(LOCALE, question, null));
+ challengeQuestionObj.setAnswer(answer);
+
+ challengeQuestionsRestClient.setChallengeQuestionAnswer(userId, questionSetId, challengeQuestionObj);
  }
 }

modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/identity/governance/v1/get-category-QWNjb3VudCBNYW5hZ2VtZW50-response.json

@@ -131,6 +131,12 @@
  "displayName": "Notify when recovery success",
  "description": ""
  },
+ {
+ "name": "Recovery.Question.Password.NotifyStart",
+ "value": "false",
+ "displayName": "Notify when security questions based recovery starts",
+ "description": ""
+ },
  {
  "name": "Recovery.ExpiryTime",
  "value": "1440",

modules/integration/tests-integration/tests-backend/src/test/resources/testng.xml

@@ -50,8 +50,7 @@
  <class name="org.wso2.identity.integration.test.AuthenticationAdminTestCase"/>
  <class name="org.wso2.identity.integration.test.identity.mgt.AccountLockEnabledTestCase"/>
  <class name="org.wso2.identity.integration.test.identity.mgt.IdentityGovernanceTestCase"/>
- <!--Disabling since the Challenge Question is provided as a connector and it does not exist in the product by default.-->
- <!--<class name="org.wso2.identity.integration.test.challenge.questions.mgt.ChallengeQuestionManagementAdminServiceTestCase"/>-->
+ <class name="org.wso2.identity.integration.test.challenge.questions.mgt.ChallengeQuestionManagementAdminServiceTestCase"/>
 
  <class name="org.wso2.identity.integration.test.user.store.config.UserStoreConfigAdminTestCase"/>
  <class name="org.wso2.identity.integration.test.user.store.config.UserStoreConfigTestForIDENTITY5573"/>
@@ -119,8 +118,7 @@
  <class name="org.wso2.identity.integration.test.saml.SAMLIdPInitiatedSLOTestCase"/>
  <class name="org.wso2.identity.integration.test.saml.SAMLIdPInitiatedSSOTestCase"/>
  <class name="org.wso2.identity.integration.test.saml.SAMLSSOConsentTestCase"/>
- <!--Disabling since the Challenge Question is provided as a connector and it does not exist in the product by default.-->
- <!--<class name="org.wso2.identity.integration.test.postAuthnHandler.ChallengeQuestionPostAuthnHandlerTestCase"/>-->
+ <class name="org.wso2.identity.integration.test.postAuthnHandler.ChallengeQuestionPostAuthnHandlerTestCase"/>
  <class name="org.wso2.identity.integration.test.oauth2.dcrm.api.OAuthDCRMTestCase"/>
  <class name="org.wso2.identity.integration.test.functions.library.mgt.FunctionLibraryManagementTestCase"/>
  <class name="org.wso2.identity.integration.test.oauth2.OAuth2TokenRevocationWithRevokedAccessToken" />
@@ -140,9 +138,8 @@
  <test name="is-test-rest-api" preserve-order="true" parallel="false" group-by-instances="true">
  <classes>
  <!--Test cases for user REST APIs-->
- <!--Disabling since the Challenge Question is provided as a connector and it does not exist in the product by default.-->
- <!--<class name="org.wso2.identity.integration.test.rest.api.user.challenge.v1.UserMeSuccessTest"/>-->
- <!--<class name="org.wso2.identity.integration.test.rest.api.user.challenge.v1.UserMeNegativeTest"/>-->
+ <class name="org.wso2.identity.integration.test.rest.api.user.challenge.v1.UserMeSuccessTest"/>
+ <class name="org.wso2.identity.integration.test.rest.api.user.challenge.v1.UserMeNegativeTest"/>
  <class name="org.wso2.identity.integration.test.rest.api.user.association.v1.UserMeSuccessTestBase"/>
  <class name="org.wso2.identity.integration.test.rest.api.user.association.v1.UserMeNegativeTestBase"/>
  <class name="org.wso2.identity.integration.test.rest.api.user.approval.v1.UserMeApprovalTest"/>
@@ -160,8 +157,7 @@
  <class name="org.wso2.identity.integration.test.rest.api.user.application.v1.UserDiscoverableApplicationSuccessTest"/>
  <class name="org.wso2.identity.integration.test.rest.api.user.application.v1.UserDiscoverableApplicationFailureTest"/>
  <!--Test cases for server REST APIs-->
- <!--Disabling since the Challenge Question is provided as a connector and it does not exist in the product by default.-->
- <!--<class name="org.wso2.identity.integration.test.rest.api.server.challenge.v1.ServerChallengeTestCase"/>-->
+ <class name="org.wso2.identity.integration.test.rest.api.server.challenge.v1.ServerChallengeTestCase"/>
  <class name="org.wso2.identity.integration.test.rest.api.server.claim.management.v1.ClaimManagementSuccessTest"/>
  <class name="org.wso2.identity.integration.test.rest.api.server.claim.management.v1.ClaimManagementNegativeTest"/>
  <class name="org.wso2.identity.integration.test.rest.api.server.email.template.v1.EmailTemplatesPositiveTest"/>

pom.xml

@@ -1175,6 +1175,11 @@
  <artifactId>org.wso2.carbon.identity.recovery</artifactId>
  <version>${identity.governance.version}</version>
  </dependency>
+ <dependency>
+ <groupId>org.wso2.carbon.identity.governance</groupId>
+ <artifactId>org.wso2.carbon.identity.recovery.stub</artifactId>
+ <version>${identity.governance.version}</version>
+ </dependency>
  <dependency>
  <groupId>org.wso2.carbon.deployment</groupId>
  <artifactId>org.wso2.carbon.service.mgt.stub</artifactId>
@@ -2319,7 +2324,7 @@
  <carbon.consent.mgt.version>2.5.2</carbon.consent.mgt.version>
 
  <!--Identity Governance Version-->
- <identity.governance.version>1.8.89</identity.governance.version>
+ <identity.governance.version>1.8.87</identity.governance.version>
 
  <!--Identity Carbon Versions-->
  <identity.carbon.auth.saml2.version>5.8.5</identity.carbon.auth.saml2.version>
@@ -2430,8 +2435,8 @@
 
  <!-- Identity REST API feature -->
  <identity.api.dispatcher.version>2.0.13</identity.api.dispatcher.version>
- <identity.user.api.version>1.3.28</identity.user.api.version>
- <identity.server.api.version>1.2.129</identity.server.api.version>
+ <identity.user.api.version>1.3.27</identity.user.api.version>
+ <identity.server.api.version>1.2.128</identity.server.api.version>
 
  <identity.agent.sso.version>5.5.9</identity.agent.sso.version>
  <identity.tool.samlsso.validator.version>5.5.7</identity.tool.samlsso.validator.version>