From c975ec682341324cffa3603128e5e4bcda589e9d Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Wed, 1 Nov 2023 14:26:16 +0530 Subject: [PATCH 1/9] Added the string lower case function to avoid error throwing while comparing Signed-off-by: Aravindhan Alagesan --- .../main/java/io/mosip/resident/validator/RequestValidator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index 52b7e4a3626..75a188011e2 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -599,7 +599,7 @@ public void validateAuthType(List authType, String msg) { String[] authTypesArray = authTypes.split(","); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); for (String type : authType) { - if (!authTypesAllowed.contains(type)) { + if (!authTypesAllowed.toLowerCase().contains(type.toLowerCase())) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", msg)); throw new InvalidInputException("authTypes"); } From 081b256393e063da45adcdb4c3bdd4d286d93969 Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Wed, 1 Nov 2023 14:29:41 +0530 Subject: [PATCH 2/9] Added the string lower case function to avoid error throwing while comparing Signed-off-by: Aravindhan Alagesan --- .../java/io/mosip/resident/validator/RequestValidator.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index 75a188011e2..47f17f6d8ab 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -596,10 +596,10 @@ public void validateAuthType(List authType, String msg) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", msg)); throw new InvalidInputException("authTypes"); } - String[] authTypesArray = authTypes.split(","); + String[] authTypesArray = authTypes.split(",").toLowerCase(); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); for (String type : authType) { - if (!authTypesAllowed.toLowerCase().contains(type.toLowerCase())) { + if (!authTypesAllowed.contains(type.toLowerCase())) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", msg)); throw new InvalidInputException("authTypes"); } From 3e77d17adb94218e27ff07d48800ca5e8ed3d5ba Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Wed, 1 Nov 2023 15:03:40 +0530 Subject: [PATCH 3/9] Added the string lower case function to avoid error throwing while comparing Signed-off-by: Aravindhan Alagesan --- .../main/java/io/mosip/resident/validator/RequestValidator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index 47f17f6d8ab..bd6a4252011 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -596,7 +596,7 @@ public void validateAuthType(List authType, String msg) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", msg)); throw new InvalidInputException("authTypes"); } - String[] authTypesArray = authTypes.split(",").toLowerCase(); + String[] authTypesArray = authTypes.toLowerCase().split(","); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); for (String type : authType) { if (!authTypesAllowed.contains(type.toLowerCase())) { From dab85a3150a2e4beca299a4457624324477c0825 Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Thu, 2 Nov 2023 12:16:25 +0530 Subject: [PATCH 4/9] Added the condition to validate unlockfor second param to avoid confusion incase of authentication locked Signed-off-by: Aravindhan Alagesan --- .../resident/constant/ResidentErrorCode.java | 1 + .../java/io/mosip/resident/util/EventEnum.java | 3 +++ .../resident/validator/RequestValidator.java | 15 ++++++++++++--- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentErrorCode.java b/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentErrorCode.java index 3572caf24ab..2a7badc7255 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentErrorCode.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentErrorCode.java @@ -43,6 +43,7 @@ public enum ResidentErrorCode { PACKET_CREATION_EXCEPTION("RES-SER-424", "Exception while creating packet."), OTP_GENERATION_EXCEPTION("RES-SER-425", "while generating otp error is occured"), POLICY_EXCEPTION("RES-SER-426", "while retrieving policy details error is occured"), + UNSUPPORTED_INPUT("RES-SER-427", "Unsupported Input Parameter - "), PACKET_SIGNKEY_EXCEPTION("RES-SER-430", "Public sign key is not available from key manager"), MACHINE_MASTER_CREATE_EXCEPTION("RES-SER-431", "Machine is not created in master data"), INDIVIDUAL_ID_TYPE_INVALID("RES-SER-432", "Individual Id type is invalid"), diff --git a/resident/resident-service/src/main/java/io/mosip/resident/util/EventEnum.java b/resident/resident-service/src/main/java/io/mosip/resident/util/EventEnum.java index 24ea23eef5f..cd656a480fb 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/util/EventEnum.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/util/EventEnum.java @@ -718,6 +718,9 @@ public enum EventEnum { PACKET_CREATED_FAILURE("RES-SER-425", RegistrationConstants.SYSTEM, "Request to upload UIN packet: Failed", "Packet sync Failure", "RES-SER", "Residence service", "RS-PACK", "Packet creation", RegistrationConstants.RESIDENT_APPLICATION_ID, RegistrationConstants.RESIDENT_APPLICATION_NAME), + UNSUPPORTED_INPUT("RES-SER-427", RegistrationConstants.SYSTEM, "Unsupported input", "Unsupported input parameter %s", + "RES-SER", "Residence service", "RS-VAL", "Validation section", RegistrationConstants.RESIDENT_APPLICATION_ID, + RegistrationConstants.RESIDENT_APPLICATION_NAME), INVALID_PAGE_START_VALUE("RES-SER-446", RegistrationConstants.SYSTEM, "Invalid page start value", "Invalid page start value %s", "RES-SER", "Residence service", "RS-VAL", "Validation", RegistrationConstants.RESIDENT_APPLICATION_ID, RegistrationConstants.RESIDENT_APPLICATION_NAME), diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index bd6a4252011..a07e71d7bc0 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -402,20 +402,29 @@ private void validateAuthTypeV2(List authType) { audit.setAuditRequestDto(EventEnum.INPUT_DOESNT_EXISTS); throw new InvalidInputException("authTypes"); } - String[] authTypesArray = authTypes.split(","); + String[] authTypesArray = authTypes.toLowerCase().split(","); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); for (AuthTypeStatusDtoV2 authTypeStatusDto : authType) { String authTypeString = ResidentServiceImpl.getAuthTypeBasedOnConfigV2(authTypeStatusDto); - if (StringUtils.isEmpty(authTypeString) || !authTypesAllowed.contains(authTypeString)) { + if (StringUtils.isEmpty(authTypeString) || !authTypesAllowed.contains(authTypeString.toLowerCase())) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", "Request to generate VID")); throw new InvalidInputException("authTypes"); } - if(!isValidUnlockForSeconds(authTypeStatusDto.getUnlockForSeconds())) { + + if(!authTypeStatusDto.getLocked() && !isValidUnlockForSeconds(authTypeStatusDto.getUnlockForSeconds())) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "unlockForSeconds", "Request to generate VID")); throw new InvalidInputException("unlockForSeconds"); } + + if(authTypeStatusDto.getLocked() && (authTypeStatusDto.getUnlockForSeconds() != null)) { + audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.UNSUPPORTED_INPUT, "unlockForSeconds", + "Request to generate VID")); + throw new InvalidInputException("unlockForSeconds"); + } + + List authTypes = Arrays.asList(authTypeString); validateAuthType(authTypes, "Request auth " + authTypes.toString().toLowerCase() + " API"); From b137813db94be33b06e5e0775ee158baac329c19 Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Thu, 2 Nov 2023 12:23:38 +0530 Subject: [PATCH 5/9] Added the condition to validate unlockfor second param to avoid confusion incase of authentication locked Signed-off-by: Aravindhan Alagesan --- .../mosip/resident/validator/RequestValidator.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index a07e71d7bc0..816ac6e9ec7 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -397,14 +397,14 @@ public void validateAuthLockOrUnlockRequestV2(RequestWrapper authType) { - if (authType == null || authType.isEmpty()) { + private void validateAuthTypeV2(List authTypesList) { + if (authTypesList == null || authTypesList.isEmpty()) { audit.setAuditRequestDto(EventEnum.INPUT_DOESNT_EXISTS); throw new InvalidInputException("authTypes"); } String[] authTypesArray = authTypes.toLowerCase().split(","); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); - for (AuthTypeStatusDtoV2 authTypeStatusDto : authType) { + for (AuthTypeStatusDtoV2 authTypeStatusDto : authTypesList) { String authTypeString = ResidentServiceImpl.getAuthTypeBasedOnConfigV2(authTypeStatusDto); if (StringUtils.isEmpty(authTypeString) || !authTypesAllowed.contains(authTypeString.toLowerCase())) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", @@ -600,14 +600,14 @@ public void validatePageFetchAndPageStartFormat(RequestWrapper authType, String msg) { - if (authType == null || authType.isEmpty()) { + public void validateAuthType(List authTypesList, String msg) { + if (authTypesList == null || authTypesList.isEmpty()) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", msg)); throw new InvalidInputException("authTypes"); } String[] authTypesArray = authTypes.toLowerCase().split(","); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); - for (String type : authType) { + for (String type : authTypesList) { if (!authTypesAllowed.contains(type.toLowerCase())) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", msg)); throw new InvalidInputException("authTypes"); From 9dfdf28b5f93179f78bdc1ebacf98e3f90c44f8d Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Thu, 2 Nov 2023 12:52:14 +0530 Subject: [PATCH 6/9] Added the condition to validate unlockfor second param to avoid confusion incase of authentication locked Signed-off-by: Aravindhan Alagesan --- .../resident/validator/RequestValidator.java | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index 816ac6e9ec7..7131aca97be 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -179,7 +179,7 @@ public void setAuthHstoryId(String authHstoryId) { } @Value("${auth.types.allowed}") - private String authTypes; + private String allowedAuthTypes; @Value("${resident.authunlock.id}") public void setAuthUnlockId(String authUnLockId) { @@ -402,7 +402,7 @@ private void validateAuthTypeV2(List authTypesList) { audit.setAuditRequestDto(EventEnum.INPUT_DOESNT_EXISTS); throw new InvalidInputException("authTypes"); } - String[] authTypesArray = authTypes.toLowerCase().split(","); + String[] authTypesArray = allowedAuthTypes.toLowerCase().split(","); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); for (AuthTypeStatusDtoV2 authTypeStatusDto : authTypesList) { String authTypeString = ResidentServiceImpl.getAuthTypeBasedOnConfigV2(authTypeStatusDto); @@ -425,8 +425,8 @@ private void validateAuthTypeV2(List authTypesList) { } - List authTypes = Arrays.asList(authTypeString); - validateAuthType(authTypes, + List authTypesList = Arrays.asList(authTypeString); + validateAuthType(authTypesList, "Request auth " + authTypes.toString().toLowerCase() + " API"); } @@ -462,14 +462,14 @@ public void validateAuthLockOrUnlockRequest(RequestWrapper authTypes = new ArrayList(); + List authTypesList = new ArrayList(); if (requestDTO.getRequest().getAuthType() != null && !requestDTO.getRequest().getAuthType().isEmpty()) { for(String authType:requestDTO.getRequest().getAuthType()) { String authTypeString = ResidentServiceImpl.getAuthTypeBasedOnConfig(authType); - authTypes.add(authTypeString); + authTypesList.add(authTypeString); } } - validateAuthType(authTypes, + validateAuthType(authTypesList, "Request auth " + authTypeStatus.toString().toLowerCase() + " API"); } @@ -605,7 +605,7 @@ public void validateAuthType(List authTypesList, String msg) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "authTypes", msg)); throw new InvalidInputException("authTypes"); } - String[] authTypesArray = authTypes.toLowerCase().split(","); + String[] authTypesArray = allowedAuthTypes.toLowerCase().split(","); List authTypesAllowed = new ArrayList<>(Arrays.asList(authTypesArray)); for (String type : authTypesList) { if (!authTypesAllowed.contains(type.toLowerCase())) { @@ -978,14 +978,14 @@ public void validateAuthUnlockRequest(RequestWrapper reque "Request auth " + authTypeStatus.toString().toLowerCase() + " API")); throw new InvalidInputException("transactionId"); } - List authTypes = new ArrayList(); + List authTypesList = new ArrayList(); if (requestDTO.getRequest().getAuthType() != null && !requestDTO.getRequest().getAuthType().isEmpty()) { for(String authType:requestDTO.getRequest().getAuthType()) { String authTypeString = ResidentServiceImpl.getAuthTypeBasedOnConfig(authType); - authTypes.add(authTypeString); + authTypesList.add(authTypeString); } } - validateAuthType(authTypes, + validateAuthType(authTypesList, "Request auth " + authTypeStatus.toString().toLowerCase() + " API"); if (StringUtils.isEmpty(requestDTO.getRequest().getUnlockForSeconds()) || !isNumeric(requestDTO.getRequest().getUnlockForSeconds())) { audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, "unlockForSeconds", From 1df962c2cbf3d7602224e63d5cb3f6969511885d Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Thu, 2 Nov 2023 13:39:12 +0530 Subject: [PATCH 7/9] Added the condition to validate unlockfor second param to avoid confusion incase of authentication locked Signed-off-by: Aravindhan Alagesan --- .../java/io/mosip/resident/validator/RequestValidator.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index 7131aca97be..fe15392e7ad 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -425,8 +425,8 @@ private void validateAuthTypeV2(List authTypesList) { } - List authTypesList = Arrays.asList(authTypeString); - validateAuthType(authTypesList, + List authTypes = Arrays.asList(authTypeString); + validateAuthType(authTypes, "Request auth " + authTypes.toString().toLowerCase() + " API"); } From 037961aa3167598891de4046caaf53322251b999 Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Thu, 2 Nov 2023 15:18:32 +0530 Subject: [PATCH 8/9] Changes in test cases based on field name changes Signed-off-by: Aravindhan Alagesan --- .../java/io/mosip/resident/validator/RequestValidatorTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java b/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java index 73a2682ce04..676d4542b9e 100644 --- a/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java +++ b/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java @@ -165,7 +165,7 @@ public void setup() { ReflectionTestUtils.setField(requestValidator, "euinId", "mosip.resident.euin"); ReflectionTestUtils.setField(requestValidator, "authHstoryId", "mosip.resident.authhistory"); ReflectionTestUtils.setField(requestValidator, "uinUpdateId", "mosip.resident.updateuin"); - ReflectionTestUtils.setField(requestValidator, "authTypes", "bio-FIR,bio-IIR"); + ReflectionTestUtils.setField(requestValidator, "allowedAuthTypes", "bio-FIR,bio-IIR"); ReflectionTestUtils.setField(requestValidator, "version", "v1"); ReflectionTestUtils.setField(requestValidator, "map", map); ReflectionTestUtils.setField(requestValidator, "authTypes", "otp,bio-FIR,bio-IIR,bio-FACE"); From a758e912656772ffcbaec74f72f06f07d8b58583 Mon Sep 17 00:00:00 2001 From: Aravindhan Alagesan Date: Thu, 2 Nov 2023 15:38:06 +0530 Subject: [PATCH 9/9] Added the condition to validate unlockfor second param to avoid confusion incase of authentication locked Signed-off-by: Aravindhan Alagesan --- .../io/mosip/resident/validator/RequestValidatorTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java b/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java index 676d4542b9e..3926e85964b 100644 --- a/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java +++ b/resident/resident-service/src/test/java/io/mosip/resident/validator/RequestValidatorTest.java @@ -168,8 +168,8 @@ public void setup() { ReflectionTestUtils.setField(requestValidator, "allowedAuthTypes", "bio-FIR,bio-IIR"); ReflectionTestUtils.setField(requestValidator, "version", "v1"); ReflectionTestUtils.setField(requestValidator, "map", map); - ReflectionTestUtils.setField(requestValidator, "authTypes", "otp,bio-FIR,bio-IIR,bio-FACE"); - ReflectionTestUtils.setField(residentService, "authTypes", "otp,bio-FIR,bio-IIR,bio-FACE"); + ReflectionTestUtils.setField(requestValidator, "allowedAuthTypes", "otp,bio-FIR,bio-IIR,bio-FACE"); + ReflectionTestUtils.setField(residentService, "allowedAuthTypes", "otp,bio-FIR,bio-IIR,bio-FACE"); ReflectionTestUtils.setField(requestValidator, "mandatoryLanguages", "eng"); ReflectionTestUtils.setField(requestValidator, "optionalLanguages", "ara"); ReflectionTestUtils.setField(requestValidator, "reqResVersion", "1.0");