Add conditional authentication functions for dynamic password migration

[ThaminduDilshan]

Purpose

Currently the approach to migrate users from external systems into WSO2 identity server is to export the user profiles from the existing systems and import into WSO2 Identity Server using the SCIM APIs. However with that method, it is not possible to import the hashed user passwords and have to trigger password resets for each user in the new system. This is not a preferred approach in many cases and need to provide a way to dynamically update user passwords on the fly.

Goals

Provide a way to dynamically update user passwords on the fly for the migrating users.

Approach

This can be achieved using a conditional authentication script. This PR introduces two conditional authentication functions to be used as helper functions for password migration processes. The functions will be as follows.

1. resolveMultiAttributeLoginIdentifier

   Function to resolve username from the provided login identifier when multi attribute login is enabled in the organization.

   Parameters:

   @param {String} loginIdentifier - User provided login identifier.
   @param {String} tenantDomain - Tenant domain/ organization name.
   @return {String} The resolved username.

   Sample usage:

   var username = resolveMultiAttributeLoginIdentifier(loginIdentifier, tenantDomain);

2. updateUserPassword

   Function to update the user password.

   Parameters:

   @param {JsAuthenticatedUser} user - User object.
   @param {String} newPassword - New user password.
   @param {Map<String, Object>} eventHandlers - (Optional) An optional map of callback event handlers.

   Sample usage:

   updateUserPassword(user, "newPassword");
   
   updateUserPassword(user, "newPassword", {
       onSuccess: function(context) {
           Log.info("Password updated successfully.");
       },
       onFail: function(context) {
           Log.info("Password update failed.");
       }
   });

Related issue

• Provide first class support for dynamic password migration from external systems wso2/product-is#20425

User stories

Summary of user stories addressed by this change>

Release note

Brief description of the new feature or bug fix as it will appear in the release notes

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

Type “Sent” when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to [email protected] and NOT pasted in this PR. If there is no impact on certification exams, type “N/A” and explain why.

Marketing

Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable

Automation tests

• Unit tests

  Code coverage information

• Integration tests

  Details about the test cases and coverage

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines? yes/no
• Ran FindSecurityBugs plugin and verified report? yes/no
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets? yes/no

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Migrations (if applicable)

Describe migration steps and platforms on which migration has been tested

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Learning

Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem.

[CLAassistant]

All committers have signed the CLA.

[ThaminduDilshan]

Unit test issue/ build is fixed with #160

[jenkins-is-staging]

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/9163077211

[jenkins-is-staging]

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/9163077211
Status: success

[jenkins-is-staging]

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/9163077211