Merge branch 'master' into custom-fed-mgt-integration-tests-success

modules/api-resources/api-resources-full/pom.xml

@@ -500,5 +500,13 @@
             <groupId>org.wso2.carbon.identity.server.api</groupId>
             <artifactId>org.wso2.carbon.identity.api.server.action.management.common</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.server.api</groupId>
+            <artifactId>org.wso2.carbon.identity.api.server.rule.metadata.v1</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.server.api</groupId>
+            <artifactId>org.wso2.carbon.identity.api.server.rule.metadata.common</artifactId>
+        </dependency>
     </dependencies>
 </project>

modules/api-resources/api-resources-full/src/main/webapp/WEB-INF/beans.xml

@@ -80,6 +80,7 @@
     <import resource="classpath:META-INF/cxf/user-organization-v1-cxf.xml"/>
     <import resource="classpath:META-INF/cxf/api-resource-server-v1-cxf.xml"/>
     <import resource="classpath:META-INF/cxf/action-server-v1-cxf.xml"/>
+    <import resource="classpath:META-INF/cxf/rule-metadata-server-v1-cxf.xml"/>
 
     <context:property-placeholder/>
     <context:annotation-config/>
@@ -147,6 +148,7 @@
             <bean class="org.wso2.carbon.identity.api.server.organization.selfservice.v1.SelfServiceApi"/>
             <bean class="org.wso2.carbon.identity.api.server.api.resource.v1.MetaApi"/>
             <bean class="org.wso2.carbon.identity.api.server.action.management.v1.ActionsApi"/>
+            <bean class="org.wso2.carbon.identity.api.server.rule.metadata.v1.RulesApi"/>
         </jaxrs:serviceBeans>
         <jaxrs:providers>
             <bean class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider">

modules/api-resources/pom.xml

@@ -515,6 +515,16 @@
                 <artifactId>org.wso2.carbon.identity.api.server.action.management.common</artifactId>
                 <version>${identity.server.api.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.wso2.carbon.identity.server.api</groupId>
+                <artifactId>org.wso2.carbon.identity.api.server.rule.metadata.v1</artifactId>
+                <version>${identity.server.api.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.wso2.carbon.identity.server.api</groupId>
+                <artifactId>org.wso2.carbon.identity.api.server.rule.metadata.common</artifactId>
+                <version>${identity.server.api.version}</version>
+            </dependency>
 
             <!-- Legacy API dependencies -->
             <dependency>

modules/distribution/src/assembly/bin.xml

@@ -181,6 +181,17 @@
                 <include>**/</include>
             </includes>
         </fileSet>
+        <!--copy rule meta data files of rule metadata feature-->
+        <fileSet>
+            <directory>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/resources/identity/rulemeta
+            </directory>
+            <outputDirectory>wso2is-${pom.version}/repository/resources/identity/rulemeta</outputDirectory>
+            <includes>
+                <include>**/*.json</include>
+            </includes>
+        </fileSet>
+
         <fileSet>
             <directory>src/repository/resources/conf/templates</directory>
             <outputDirectory>wso2is-${pom.version}/repository/resources/conf/templates</outputDirectory>

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/action/management/v1/ActionsFailureTest.java

@@ -32,7 +32,6 @@
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.ActionModel;
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.ActionUpdateModel;
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.AuthenticationType;
-import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.AuthenticationTypeProperties;
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.Endpoint;
 
 import java.io.IOException;
@@ -159,6 +158,18 @@ public void testCreateActionAfterReachingMaxActionCount() {
     }
 
     @Test(dependsOnMethods = {"testCreateActionAfterReachingMaxActionCount"})
+    public void testGetActionByActionIdWithInvalidID() {
+
+        Response responseOfGet = getResponseOfGet(ACTION_MANAGEMENT_API_BASE_PATH +
+                PRE_ISSUE_ACCESS_TOKEN_PATH + "/" + TEST_ACTION_INVALID_ID);
+
+        responseOfGet.then()
+                .log().ifValidationFails()
+                .assertThat().statusCode(HttpStatus.SC_NOT_FOUND)
+                .body("description", equalTo("No action is found for given action id and action type"));
+    }
+
+    @Test(dependsOnMethods = {"testGetActionByActionIdWithInvalidID"})
     public void testCreateActionWithNotImplementedActionTypes() {
 
         for (String actionTypePath : NOT_IMPLEMENTED_ACTION_TYPE_PATHS) {

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/action/management/v1/ActionsSuccessTest.java

@@ -30,7 +30,6 @@
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.ActionModel;
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.ActionUpdateModel;
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.AuthenticationType;
-import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.AuthenticationTypeProperties;
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.Endpoint;
 import org.wso2.identity.integration.test.rest.api.server.action.management.v1.model.EndpointUpdateModel;
 
@@ -113,7 +112,7 @@ public void testCreateAction() {
     }
 
     @Test(dependsOnMethods = {"testCreateAction"})
-    public void testGetActionByActionType() {
+    public void testGetActionsByActionType() {
 
         Response responseOfGet = getResponseOfGet(ACTION_MANAGEMENT_API_BASE_PATH +
                 PRE_ISSUE_ACCESS_TOKEN_PATH);
@@ -124,14 +123,33 @@ public void testGetActionByActionType() {
                 .body( "find { it.id == '" + testActionId + "' }.name", equalTo(TEST_ACTION_NAME))
                 .body( "find { it.id == '" + testActionId + "' }.description", equalTo(TEST_ACTION_DESCRIPTION))
                 .body( "find { it.id == '" + testActionId + "' }.status", equalTo(TEST_ACTION_ACTIVE_STATUS))
-                .body( "find { it.id == '" + testActionId + "' }.endpoint.uri", equalTo(TEST_ENDPOINT_URI))
-                .body( "find { it.id == '" + testActionId + "' }.endpoint.authentication.type",
-                        equalTo(AuthenticationType.TypeEnum.BASIC.toString()))
-                .body( "find { it.id == '" + testActionId + "' }.endpoint.authentication",
-                        not(hasKey(TEST_PROPERTIES_AUTH_ATTRIBUTE)));
+                .body("find { it.id == '" + testActionId + "' }.links", notNullValue())
+                .body("find { it.id == '" + testActionId + "' }.links.find { it.rel == 'self' }.href",
+                        equalTo(buildBaseURL() + ACTION_MANAGEMENT_API_BASE_PATH +
+                                PRE_ISSUE_ACCESS_TOKEN_PATH + "/" + testActionId))
+                .body("find { it.id == '" + testActionId + "' }.links.find { it.rel == 'self' }.method",
+                        equalTo("GET"));
     }
 
-    @Test(dependsOnMethods = {"testGetActionByActionType"})
+    @Test(dependsOnMethods = {"testGetActionsByActionType"})
+    public void testGetActionByActionId() {
+
+        Response responseOfGet = getResponseOfGet(ACTION_MANAGEMENT_API_BASE_PATH +
+                PRE_ISSUE_ACCESS_TOKEN_PATH + "/" + testActionId);
+        responseOfGet.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_OK)
+                .body("id", equalTo(testActionId))
+                .body("name", equalTo(TEST_ACTION_NAME))
+                .body("description", equalTo(TEST_ACTION_DESCRIPTION))
+                .body("status", equalTo(TEST_ACTION_ACTIVE_STATUS))
+                .body("endpoint.uri", equalTo(TEST_ENDPOINT_URI))
+                .body("endpoint.authentication.type", equalTo(AuthenticationType.TypeEnum.BASIC.toString()))
+                .body("endpoint.authentication", not(hasKey(TEST_PROPERTIES_AUTH_ATTRIBUTE)));
+    }
+
+    @Test(dependsOnMethods = {"testGetActionByActionId"})
     public void testGetActionTypes() {
 
         Response responseOfGet = getResponseOfGet(ACTION_MANAGEMENT_API_BASE_PATH + TYPES_API_PATH);

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/action/management/v1/ActionsTestBase.java

@@ -28,6 +28,7 @@
 import org.testng.annotations.BeforeMethod;
 import org.testng.annotations.DataProvider;
 import org.wso2.carbon.automation.engine.context.TestUserMode;
+import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 import org.wso2.identity.integration.test.rest.api.server.common.RESTAPIServerTestBase;
 
 import java.io.IOException;
@@ -44,8 +45,6 @@ public class ActionsTestBase extends RESTAPIServerTestBase {
     protected static final String PRE_ISSUE_ACCESS_TOKEN_PATH = "/preIssueAccessToken";
     protected static final String ACTION_DEACTIVATE_PATH = "/deactivate";
     protected static final String ACTION_ACTIVATE_PATH = "/activate";
-    protected static final String ACTION_BEARER_AUTH_PATH = "/bearer";
-    protected static final String ACTION_BASIC_AUTH_PATH = "/basic";
 
     protected static final String PRE_ISSUE_ACCESS_TOKEN_ACTION_TYPE = "PRE_ISSUE_ACCESS_TOKEN";
 
@@ -140,5 +139,19 @@ protected String toJSONString(Object object) {
         Gson gson = new GsonBuilder().setPrettyPrinting().create();
         return gson.toJson(object);
     }
+
+    /**
+     * Build the base URL for the REST API.
+     *
+     * @return Base URL.
+     */
+    public String buildBaseURL() {
+
+        if (this.tenant.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
+            return String.format(API_SERVER_BASE_PATH, "v1");
+        } else {
+            return "/t/" + this.tenant + String.format(API_SERVER_BASE_PATH, "v1");
+        }
+    }
 }
 

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java

@@ -36,13 +36,15 @@
 
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.core.IsNull.notNullValue;
+import static org.testng.Assert.assertNotNull;
 
 /**
  * Test class for Identity Provider Management REST APIs failure paths.
  */
 public class IdPFailureTest extends IdPTestBase {
 
     private String idPId;
+    private static final String OIDC_IDP_ID = "T3BlbklEQ29ubmVjdEF1dGhlbnRpY2F0b3I";
 
     @Factory(dataProvider = "restAPIUserConfigProvider")
     public IdPFailureTest(TestUserMode userMode) throws Exception {
@@ -179,4 +181,58 @@ public void testPatchIdPNonExistentProperties() throws IOException {
         Response response = getResponseOfPatch(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId, body);
         validateErrorResponse(response, HttpStatus.SC_NOT_FOUND, "IDP-65005", "JWKS URI");
     }
+
+    @Test
+    public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException {
+
+        String body = readResource("add-idp-oidc-standard-based.json");
+        Response response = getResponseOfPost(IDP_API_BASE_PATH, body);
+        response.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_CREATED)
+                .header(HttpHeaders.LOCATION, notNullValue());
+
+        String location = response.getHeader(HttpHeaders.LOCATION);
+        assertNotNull(location);
+        String oidcIdPId = location.substring(location.lastIndexOf("/") + 1);
+        assertNotNull(oidcIdPId);
+
+        // update the OIDC IDP with duplicated scopes
+        String updateBody = readResource("update-idp-oidc-standard-based-duplicated-scopes.json");
+        Response updateResponse = getResponseOfPut(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId +
+                PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody);
+        updateResponse.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_BAD_REQUEST)
+                .body("message", equalTo("Duplicate OIDC Scopes."))
+                .body("description", equalTo("Cannot set scopes in both Scopes and Additional Query Parameters. " +
+                        "Recommend to use Scopes field."));
+
+        deleteCreatedIdP(oidcIdPId);
+    }
+
+    /**
+     * Deletes an Identity Provider by its ID and verifies the deletion.
+     *
+     * @param idPId ID of the Identity Provider to be deleted.
+     */
+    private void deleteCreatedIdP(String idPId) {
+
+        Response response = getResponseOfDelete(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId);
+        response.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_NO_CONTENT);
+
+        Response responseOfGet = getResponseOfGet(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId);
+        responseOfGet.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_NOT_FOUND)
+                .body("message", equalTo("Resource not found."))
+                .body("description", equalTo("Unable to find a resource matching the provided identity " +
+                        "provider identifier " + idPId + "."));
+    }
 }