ES-541

esignet-core/src/main/java/io/mosip/esignet/core/dto/ClientDetailCreateRequestV2.java

@@ -6,6 +6,7 @@
 package io.mosip.esignet.core.dto;
 
 import io.mosip.esignet.core.constants.ErrorConstants;
+import io.mosip.esignet.core.validator.ClientNameLang;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
@@ -22,7 +23,7 @@
 public class ClientDetailCreateRequestV2 extends ClientDetailCreateRequest {
 
     @NotEmpty(message = ErrorConstants.INVALID_CLIENT_NAME)
-    private Map<@Size(message= ErrorConstants.INVALID_CLIENT_NAME_MAP_KEY, min=3, max=3) String,
+    private Map<@Size(message= ErrorConstants.INVALID_CLIENT_NAME_MAP_KEY, min=3, max=3) @ClientNameLang String,
             @NotBlank(message = ErrorConstants.INVALID_CLIENT_NAME_MAP_VALUE) String> clientNameLangMap;
 
     public ClientDetailCreateRequestV2(String clientId, String clientName, Map<String, Object> publicKey, String relyingPartyId,

esignet-core/src/main/java/io/mosip/esignet/core/dto/ClientDetailUpdateRequestV2.java

@@ -6,6 +6,7 @@
 package io.mosip.esignet.core.dto;
 
 import io.mosip.esignet.core.constants.ErrorConstants;
+import io.mosip.esignet.core.validator.ClientNameLang;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
@@ -18,7 +19,7 @@
 public class ClientDetailUpdateRequestV2 extends ClientDetailUpdateRequest {
 
     @NotEmpty(message = ErrorConstants.INVALID_CLIENT_NAME)
-    private Map<@Size(message = ErrorConstants.INVALID_CLIENT_NAME_MAP_KEY, min = 3, max = 3) String,
+    private Map<@Size(message = ErrorConstants.INVALID_CLIENT_NAME_MAP_KEY, min = 3, max = 3) @ClientNameLang String,
             @NotBlank(message = ErrorConstants.INVALID_CLIENT_NAME_MAP_VALUE) String> clientNameLangMap;
 
     public ClientDetailUpdateRequestV2(String logUri, List<String> redirectUris, List<String> userClaims, List<String> authContextRefs, String status, List<String> grantTypes, String clientName, List<String> clientAuthMethods, Map<String,String> clientNameLangMap){

esignet-core/src/main/java/io/mosip/esignet/core/validator/ClientNameLang.java

@@ -0,0 +1,24 @@
+package io.mosip.esignet.core.validator;
+
+import io.mosip.esignet.core.constants.ErrorConstants;
+
+import javax.validation.Constraint;
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.TYPE_USE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@Target({FIELD, TYPE_USE})
+@Retention(RUNTIME)
+@Constraint(validatedBy = ClientNameLangValidator.class)
+@Documented
+public @interface ClientNameLang {
+    String message() default ErrorConstants.INVALID_CLIENT_NAME_MAP_KEY;
+
+    Class<?>[] groups() default {};
+
+    Class<?>[] payload() default {};
+}

esignet-core/src/main/java/io/mosip/esignet/core/validator/ClientNameLangValidator.java

@@ -0,0 +1,22 @@
+package io.mosip.esignet.core.validator;
+
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+import java.util.Arrays;
+import java.util.Locale;
+
+public class ClientNameLangValidator implements ConstraintValidator<ClientNameLang, String> {
+
+    private static final Locale[] availableLocales = Locale.getAvailableLocales();
+
+    @Override
+    public void initialize(ClientNameLang constraintAnnotation) {
+    }
+
+    @Override
+    public boolean isValid(String value, ConstraintValidatorContext context) {
+        boolean isValid = Arrays.stream(availableLocales)
+                .anyMatch(locale -> value.equals(locale.getISO3Language()));
+        return isValid;
+    }
+}

esignet-integration-api/src/main/java/io/mosip/esignet/api/dto/AuthChallenge.java

@@ -6,11 +6,13 @@
 package io.mosip.esignet.api.dto;
 
 import io.mosip.esignet.api.util.ErrorConstants;
+import io.mosip.esignet.api.validator.Format;
 import lombok.Data;
 
 import javax.validation.constraints.NotBlank;
 
 @Data
+@Format
 public class AuthChallenge {
 
     @NotBlank(message = ErrorConstants.INVALID_AUTH_FACTOR_TYPE)

esignet-integration-api/src/main/java/io/mosip/esignet/api/validator/Format.java

@@ -0,0 +1,25 @@
+package io.mosip.esignet.api.validator;
+
+import io.mosip.esignet.api.util.ErrorConstants;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.TYPE_USE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@Target({FIELD, TYPE_USE})
+@Retention(RUNTIME)
+@Constraint(validatedBy = FormatValidator.class)
+@Documented
+public @interface Format {
+    String message() default ErrorConstants.INVALID_CHALLENGE_FORMAT;
+
+    Class<?>[] groups() default {};
+
+    Class<? extends Payload>[] payload() default {};
+}

esignet-integration-api/src/main/java/io/mosip/esignet/api/validator/FormatValidator.java

@@ -0,0 +1,41 @@
+package io.mosip.esignet.api.validator;
+
+import io.mosip.esignet.api.dto.AuthChallenge;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+import java.util.List;
+import java.util.Map;
+
+
+@Component
+public class FormatValidator implements ConstraintValidator<Format, AuthChallenge> {
+    @Value("#{${mosip.esignet.supported-formats}}")
+    private Map<String, Object> supportedFormats;
+
+    @Override
+    public void initialize(Format constraintAnnotation) {
+    }
+
+    @Override
+    public boolean isValid(AuthChallenge authChallenge, ConstraintValidatorContext context) {
+        Object supportedFormatType = supportedFormats.get(authChallenge.getAuthFactorType());
+        if(supportedFormatType instanceof List) {
+            List<String> supportedFormatsList = (List<String>) supportedFormatType;
+            if (!supportedFormatsList.contains(authChallenge.getFormat())) {
+                return false;
+            }
+        } else if (supportedFormatType instanceof String) {
+            String supportedFormat = (String) supportedFormatType;
+            if (!supportedFormat.equals(authChallenge.getFormat())) {
+                return false;
+            }
+        } else {
+            return false;
+        }
+        return true;
+    }
+
+}

esignet-service/src/main/resources/application-local.properties

@@ -12,6 +12,7 @@ mosip.esignet.access-token-expire-seconds=3600
 mosip.esignet.link-code-expire-in-secs=60
 mosip.esignet.authentication-expire-in-secs=60
 mosip.esignet.cnonce-expire-seconds=20
+mosip.esignet.supported-formats={'OTP': 'alpha-numeric', 'PWD': 'alpha-numeric', 'BIO': 'encoded-json', 'WLA': 'jwt'}
 
 mosip.esignet.header-filter.paths-to-validate={'${server.servlet.path}/authorization/send-otp', \
   '${server.servlet.path}/authorization/authenticate', \

esignet-service/src/test/java/io/mosip/esignet/controllers/AuthorizationControllerTest.java

@@ -733,7 +733,7 @@ public void authenticateEndUser_withValidDetails_returnSuccessResponse() throws
         AuthChallenge authChallenge = new AuthChallenge();
         authChallenge.setChallenge("12345");
         authChallenge.setAuthFactorType("OTP");
-        authChallenge.setFormat("numeric");
+        authChallenge.setFormat("alpha-numeric");
 
         List<AuthChallenge> authChallengeList = new ArrayList<>();
         authChallengeList.add(authChallenge);
@@ -786,7 +786,36 @@ public void authenticateEndUser_withInvalidTimestamp_returnErrorResponse() throw
     }
 
     @Test
-    public void authenticateEndUser_withInvalidTransectionId_returnErrorResponse() throws Exception {
+    public void authenticateEndUser_withInvalidFormat_returnErrorResponse() throws Exception {
+        AuthRequest authRequest = new AuthRequest();
+        authRequest.setIndividualId("1234567890");
+        authRequest.setTransactionId("1234567890");
+
+        AuthChallenge authChallenge = new AuthChallenge();
+        authChallenge.setChallenge("1234567890");
+        authChallenge.setAuthFactorType("OTP");
+        authChallenge.setFormat("jwt");
+
+        List<AuthChallenge> authChallengeList = new ArrayList<>();
+        authChallengeList.add(authChallenge);
+
+        authRequest.setChallengeList(authChallengeList);
+
+        RequestWrapper wrapper = new RequestWrapper<>();
+        wrapper.setRequestTime(IdentityProviderUtil.getUTCDateTime());
+        wrapper.setRequest(authRequest);
+        when(authorizationService.authenticateUserV2(authRequest)).thenReturn(new AuthResponseV2());
+        mockMvc.perform(post("/authorization/v2/authenticate")
+                        .content(objectMapper.writeValueAsString(wrapper))
+                        .contentType(MediaType.APPLICATION_JSON))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.errors").isNotEmpty())
+                .andExpect(jsonPath("$.errors[0].errorCode").value(ErrorConstants.INVALID_CHALLENGE_FORMAT))
+                .andExpect(jsonPath("$.errors[0].errorMessage").value("request.challengeList[0]: invalid_challenge_format"));
+    }
+
+    @Test
+    public void authenticateEndUser_withInvalidTransactionId_returnErrorResponse() throws Exception {
         AuthRequest authRequest = new AuthRequest();
         authRequest.setIndividualId("1234567890");
 

esignet-service/src/test/java/io/mosip/esignet/controllers/ClientMgmtControllerParameterizedTest.java

@@ -114,6 +114,11 @@ public ClientMgmtControllerParameterizedTest(String title, ClientDetailCreateReq
                     Arrays.asList("mosip:idp:acr:static-code"), "https://logo-url/png",
                     Arrays.asList("https://logo-url/png"), Arrays.asList("authorization_code"),
                     Arrays.asList("private_key_jwt"),new HashMap<String,String>(){{put("eng", "clientname");}}), null, null,  ErrorConstants.INVALID_CLIENT_NAME },
+            { "With Invalid Language_code", new ClientDetailCreateRequestV2("client-id", "clientname", jwk,
+                    "rp-id", Arrays.asList("given_name"),
+                    Arrays.asList("mosip:idp:acr:static-code"), "https://logo-url/png",
+                    Arrays.asList("https://logo-url/png"), Arrays.asList("authorization_code"),
+                    Arrays.asList("private_key_jwt"),new HashMap<String,String>(){{put("abc", "clientname");}}), null, null,  ErrorConstants.INVALID_CLIENT_NAME_MAP_KEY },
             { "With Invalid public key", new ClientDetailCreateRequestV2("client-id", "Test client", new HashMap<>(),
                     "rp-id", Arrays.asList("given_name"),
                     Arrays.asList("mosip:idp:acr:static-code"), "https://logo-url/png",
@@ -184,6 +189,10 @@ public ClientMgmtControllerParameterizedTest(String title, ClientDetailCreateReq
                     Arrays.asList("https://logo-url/png"),Arrays.asList("given_name"),
                     Arrays.asList("mosip:idp:acr:static-code"), "ACTIVE", Arrays.asList("authorization_code"),
                     "client-name#1", Arrays.asList("private_key_jwt"),new HashMap<String,String>(){{put("eng", "clientname");}}), "cid#1", "invalid_client_id" },
+            { "update with invalid language_code", null,  new ClientDetailUpdateRequestV2("https://logo-url/png",
+                    Arrays.asList("https://logo-url/png"),Arrays.asList("given_name"),
+                    Arrays.asList("mosip:idp:acr:static-code"), "ACTIVE", Arrays.asList("authorization_code"),
+                    "client-name", Arrays.asList("private_key_jwt"),new HashMap<String,String>(){{put("abc", "clientname");}}), "cid#1", "invalid_language_code" },
             { "update client-details", new ClientDetailCreateRequestV2("client-id-up1", "client-name",
                     TestUtil.generateJWK_RSA().toPublicJWK().toJSONObject(),
                     "rp-id", Arrays.asList("given_name"),

esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java

@@ -265,7 +265,7 @@ public void bindWallet_withAuthChallengeEmptyFactorAndEmptyChallenge_thenFail()
 
 		List<String> errorCodes = Arrays.asList(INVALID_AUTH_FACTOR_TYPE, INVALID_CHALLENGE, INVALID_CHALLENGE_FORMAT);
 		ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-		Assert.assertTrue(responseWrapper.getErrors().size() == 3);
+		Assert.assertTrue(responseWrapper.getErrors().size() == 4);
 		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
 		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
 		Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));

esignet-service/src/test/java/io/mosip/esignet/controllers/LinkedAuthorizationControllerTest.java

@@ -295,7 +295,7 @@ public void authenticate_withValidRequest_thenPass() throws Exception {
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("link-transaction-id");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -319,7 +319,7 @@ public void authenticate_withException_thenFail() throws Exception {
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("link-transaction-id");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -342,7 +342,7 @@ public void authenticate_withInvalidTransactionId_thenFail() throws Exception {
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("  ");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -364,7 +364,7 @@ public void authenticate_withInvalidIndividualId_thenFail() throws Exception {
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("txn-id");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -412,7 +412,7 @@ public void authenticate_withInvalidChallengeList_thenFail() throws Exception {
 
         List<String> errorCodes = Arrays.asList(INVALID_AUTH_FACTOR_TYPE, INVALID_CHALLENGE, INVALID_CHALLENGE_FORMAT);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 3);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 4);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));
@@ -662,7 +662,7 @@ public void authenticateV2_withValidRequest_thenPass() throws Exception {
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("link-transaction-id");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -686,7 +686,7 @@ public void authenticateV2_withException_thenFail() throws Exception {
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("link-transaction-id");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -709,7 +709,7 @@ public void authenticateV2_withInvalidTransactionId_thenFail() throws Exception
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("  ");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -731,7 +731,7 @@ public void authenticateV2_withInvalidIndividualId_thenFail() throws Exception {
         LinkedKycAuthRequest linkedKycAuthRequest = new LinkedKycAuthRequest();
         linkedKycAuthRequest.setLinkedTransactionId("txn-id");
         AuthChallenge authChallenge = new AuthChallenge();
-        authChallenge.setFormat("format");
+        authChallenge.setFormat("alpha-numeric");
         authChallenge.setAuthFactorType("OTP");
         authChallenge.setChallenge("challenge");
         linkedKycAuthRequest.setChallengeList(Arrays.asList(authChallenge));
@@ -779,7 +779,7 @@ public void authenticateV2_withInvalidChallengeList_thenFail() throws Exception
 
         List<String> errorCodes = Arrays.asList(INVALID_AUTH_FACTOR_TYPE, INVALID_CHALLENGE, INVALID_CHALLENGE_FORMAT);
         ResponseWrapper responseWrapper = objectMapper.readValue(mvcResult.getResponse().getContentAsString(), ResponseWrapper.class);
-        Assert.assertTrue(responseWrapper.getErrors().size() == 3);
+        Assert.assertTrue(responseWrapper.getErrors().size() == 4);
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(0)).getErrorCode()));
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(1)).getErrorCode()));
         Assert.assertTrue(errorCodes.contains(((Error)responseWrapper.getErrors().get(2)).getErrorCode()));

esignet-service/src/test/java/io/mosip/esignet/flows/AuthCodeFlowTest.java

@@ -283,7 +283,7 @@ private ResponseWrapper<AuthResponse> authenticate(String transactionId) throws
         AuthChallenge authChallenge = new AuthChallenge();
         authChallenge.setAuthFactorType("PIN");
         authChallenge.setChallenge("34789");
-        authChallenge.setFormat("number");
+        authChallenge.setFormat("numeric");
         kycAuthDto.setChallengeList(Arrays.asList(authChallenge));
         kycAuthDto.setTransactionId(transactionId);
 

esignet-service/src/test/java/io/mosip/esignet/flows/AuthorizationAPIFlowTest.java

@@ -403,7 +403,7 @@ private ResponseWrapper<AuthResponse> authenticateWithInvalidPin(String transact
         AuthChallenge authChallenge = new AuthChallenge();
         authChallenge.setAuthFactorType("PIN");
         authChallenge.setChallenge("1234453");
-        authChallenge.setFormat("number");
+        authChallenge.setFormat("numeric");
         kycAuthDto.setChallengeList(Arrays.asList(authChallenge));
         kycAuthDto.setTransactionId(transactionId);
 
@@ -428,7 +428,7 @@ private ResponseWrapper<AuthResponse> authenticate(String transactionId) throws
         AuthChallenge authChallenge = new AuthChallenge();
         authChallenge.setAuthFactorType("PIN");
         authChallenge.setChallenge("34789");
-        authChallenge.setFormat("number");
+        authChallenge.setFormat("numeric");
         kycAuthDto.setChallengeList(Arrays.asList(authChallenge));
         kycAuthDto.setTransactionId(transactionId);
 

esignet-service/src/test/resources/application-test.properties

@@ -10,6 +10,7 @@ mosip.esignet.supported-id-regex=\\S*
 mosip.esignet.id-token-expire-seconds=3600
 mosip.esignet.access-token.expire.seconds=3600
 mosip.esignet.link-code-expire-in-secs=60
+mosip.esignet.supported-formats={'OTP': 'alpha-numeric', 'PWD': 'alpha-numeric', 'BIO': 'encoded-json', 'WLA': 'jwt', 'PIN': 'numeric'}
 
 mosip.esignet.header-filter.paths-to-validate={'${server.servlet.path}/authorization/send-otp', \
   '${server.servlet.path}/authorization/authenticate', \