Merge remote-tracking branch 'upstream/release-1.5.1-temp' into relea…

…se-1.5.1-temp

client-management-service-impl/src/main/java/io/mosip/esignet/entity/ClientDetail.java

@@ -45,7 +45,7 @@ public class ClientDetail {
     private String redirectUris;
 
     @NotBlank(message = INVALID_PUBLIC_KEY)
-    @Column(name = "public_key", columnDefinition = "TEXT")
+    @Column(name = "public_key", columnDefinition = "jsonb")
     private String publicKey;
 
     @NotBlank(message = INVALID_CLAIM)

db_scripts/mosip_esignet/ddl/esignet-client_detail.sql

@@ -23,16 +23,17 @@ CREATE TABLE client_detail(
 	redirect_uris character varying NOT NULL,
 	claims character varying NOT NULL,
 	acr_values character varying NOT NULL,
-	public_key character varying NOT NULL,
+	public_key jsonb NOT NULL,
 	grant_types character varying NOT NULL,
 	auth_methods character varying NOT NULL,
 	status character varying(20) NOT NULL,
 	cr_dtimes timestamp NOT NULL,
 	upd_dtimes timestamp,
-	CONSTRAINT pk_clntdtl_id PRIMARY KEY (id),
-	CONSTRAINT uk_clntdtl_key UNIQUE (public_key)
+	CONSTRAINT pk_clntdtl_id PRIMARY KEY (id)
 );
 
+CREATE UNIQUE INDEX unique_n_value ON client_detail ((public_key->>'n'));
+
 COMMENT ON TABLE client_detail IS 'Contains key alias and  metadata of all the keys used in MOSIP system.';
 
 COMMENT ON COLUMN client_detail.id IS 'Client ID: Unique id assigned to registered OIDC client.';

db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_rollback.sql

@@ -0,0 +1,49 @@
+\c mosip_esignet
+
+CREATE OR REPLACE FUNCTION is_column_jsonb(
+    p_table_name text,
+    p_column_name text,
+    p_schema_name text DEFAULT current_schema()
+) RETURNS boolean AS $$
+DECLARE
+    v_column_type text;
+BEGIN
+    -- Get the column data type
+    SELECT data_type INTO v_column_type
+    FROM information_schema.columns
+    WHERE table_schema = p_schema_name
+    AND table_name = p_table_name
+    AND column_name = p_column_name;
+
+    -- Handle case when column doesn't exist
+    IF v_column_type IS NULL THEN
+        RAISE EXCEPTION 'Column %.% does not exist', p_table_name, p_column_name;
+    END IF;
+
+    -- Return true if jsonb, false otherwise
+    RETURN v_column_type = 'jsonb';
+
+EXCEPTION
+    WHEN undefined_table THEN
+        RAISE EXCEPTION 'Table %.% does not exist', p_schema_name, p_table_name;
+    WHEN OTHERS THEN
+        RAISE EXCEPTION 'Error checking column type: %', SQLERRM;
+END;
+$$ LANGUAGE plpgsql;
+
+DO $$
+BEGIN
+IF is_column_jsonb('client_detail', 'public_key') THEN
+    IF EXISTS (
+        SELECT 1 FROM information_schema.tables
+        WHERE table_name='client_detail_migr_bkp'
+    ) THEN
+        DROP TABLE client_detail;
+        CREATE TABLE client_detail (LIKE client_detail_migr_bkp including ALL);
+        INSERT INTO client_detail SELECT * FROM client_detail_migr_bkp;
+        DROP TABLE client_detail_migr_bkp;
+    ELSE
+        RAISE EXCEPTION 'Error: Backup doesn''t exist';
+    END IF;
+END IF;
+END $$

db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_upgrade.sql

@@ -0,0 +1,71 @@
+\c mosip_esignet
+
+CREATE OR REPLACE FUNCTION is_column_jsonb(
+    p_table_name text,
+    p_column_name text,
+    p_schema_name text DEFAULT current_schema()
+) RETURNS boolean AS $$
+DECLARE
+    v_column_type text;
+BEGIN
+    -- Get the column data type
+    SELECT data_type INTO v_column_type
+    FROM information_schema.columns
+    WHERE table_schema = p_schema_name
+    AND table_name = p_table_name
+    AND column_name = p_column_name;
+
+    -- Handle case when column doesn't exist
+    IF v_column_type IS NULL THEN
+        RAISE EXCEPTION 'Column %.% does not exist', p_table_name, p_column_name;
+    END IF;
+
+    -- Return true if jsonb, false otherwise
+    RETURN v_column_type = 'jsonb';
+
+EXCEPTION
+    WHEN undefined_table THEN
+        RAISE EXCEPTION 'Table %.% does not exist', p_schema_name, p_table_name;
+    WHEN OTHERS THEN
+        RAISE EXCEPTION 'Error checking column type: %', SQLERRM;
+END;
+$$ LANGUAGE plpgsql;
+
+
+DO $$
+BEGIN
+IF NOT is_column_jsonb('client_detail', 'public_key') THEN
+
+    -- create backup
+    DROP TABLE IF EXISTS client_detail_migr_bkp;
+    CREATE TABLE client_detail_migr_bkp (LIKE client_detail including ALL);
+    INSERT into client_detail_migr_bkp SELECT * from client_detail;
+    ----
+
+    ALTER TABLE client_detail ADD COLUMN public_key_new jsonb;
+    UPDATE client_detail SET public_key_new = public_key::jsonb;
+    ALTER TABLE client_detail DROP COLUMN public_key;
+    ALTER TABLE client_detail RENAME COLUMN public_key_new TO public_key;
+
+    -- inactivating clients with same modulus in public key
+    WITH duplicates AS (
+        SELECT public_key->>'n' as modulus
+        FROM client_detail
+        WHERE public_key->>'n' IS NOT NULL
+        GROUP BY public_key->>'n'
+        HAVING COUNT(*) > 1
+    )
+    UPDATE client_detail SET status='INACTIVE', public_key='{}'::jsonb where id IN (
+    SELECT
+        client_detail.id
+    FROM client_detail
+    JOIN duplicates ON client_detail.public_key->>'n' = duplicates.modulus);
+    ----
+
+    ALTER TABLE client_detail ALTER COLUMN public_key SET NOT NULL;
+    CREATE UNIQUE INDEX unique_n_value ON client_detail ((public_key->>'n'));
+    RAISE NOTICE 'Upgrade Successful';
+ELSE
+    RAISE NOTICE 'Database already uptodate';
+END IF;
+END $$

docker-compose/init.sql

@@ -33,16 +33,17 @@ CREATE TABLE esignet.client_detail(
   redirect_uris character varying NOT NULL,
   claims character varying NOT NULL,
   acr_values character varying NOT NULL,
-  public_key character varying NOT NULL,
+  public_key jsonb NOT NULL,
   grant_types character varying NOT NULL,
   auth_methods character varying NOT NULL,
   status character varying(20) NOT NULL,
   cr_dtimes timestamp NOT NULL,
   upd_dtimes timestamp,
-  CONSTRAINT pk_clntdtl_id PRIMARY KEY (id),
-  CONSTRAINT uk_clntdtl_key UNIQUE (public_key)
+  CONSTRAINT pk_clntdtl_id PRIMARY KEY (id)
 );
 
+CREATE UNIQUE INDEX unique_n_value ON esignet.client_detail ((public_key->>'n'));
+
 create table esignet.consent_detail (
     id UUID NOT NULL,
     client_id VARCHAR NOT NULL,

esignet-service/src/main/resources/bootstrap.properties

@@ -45,4 +45,7 @@ logging.level.io.mosip.esignet=INFO
 management.endpoint.metrics.enabled=true
 management.endpoints.web.exposure.include=*
 management.endpoint.prometheus.enabled=true
-management.metrics.export.prometheus.enabled=true
+management.metrics.export.prometheus.enabled=true
+
+# to accept string as valid type for jsonb column
+spring.datasource.hikari.data-source-properties=stringtype=unspecified

oidc-ui/src/App.css

@@ -574,6 +574,11 @@ input[type="number"] {
   padding-top: 10px;
 }
 
+input[type='password']::-ms-reveal,
+input[type='password']::-ms-clear {
+  display: none;
+}
+
 @media screen and (max-width: 375px) {
   .pincode-input-text {
     width: 2em !important;

oidc-ui/src/constants/clientConstants.js

@@ -105,6 +105,14 @@ const modalityIconPath = {
   KBI: "images/sign_in_with_kba.png"
 };
 
+const errorCodeObj = {
+  dismiss: "consent_rejected",
+  invalid_transaction: "invalid_transaction",
+  incompatible_browser: "incompatible_browser",
+  ekyc_failed: "ekyc_failed",
+  no_ekyc_provider: "no_ekyc_provider"
+};
+
 export {
   deviceType,
   challengeTypes,
@@ -115,4 +123,5 @@ export {
   challengeFormats,
   walletConfigKeys,
   modalityIconPath,
+  errorCodeObj
 };

oidc-ui/src/pages/Consent.js

@@ -7,6 +7,7 @@ import openIDConnectService from "../services/openIDConnectService";
 import DefaultError from "../components/DefaultError";
 import sha256 from "crypto-js/sha256";
 import Base64 from "crypto-js/enc-base64";
+import { errorCodeObj } from "../constants/clientConstants";
 
 export default function ConsentPage() {
   const [searchParams, setSearchParams] = useSearchParams();
@@ -44,13 +45,6 @@ export default function ConsentPage() {
     return hashB64;
   };
 
-  const errorCodeObj = {
-    dismiss: "consent_rejected",
-    invalid_transaction: "invalid_transaction",
-    incompatible_browser: "incompatible_browser",
-    ekyc_failed: "ekyc_failed"
-  };
-
   const handleRedirection = (redirect_uri, errorCode) => {
     urlInfoParams.set("error", errorCode);