diff --git a/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/AttributeBasedOrganizationDiscoveryHandler.java b/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/AttributeBasedOrganizationDiscoveryHandler.java index b6961f973..de700aaa6 100644 --- a/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/AttributeBasedOrganizationDiscoveryHandler.java +++ b/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/AttributeBasedOrganizationDiscoveryHandler.java @@ -60,4 +60,12 @@ boolean isDiscoveryConfigurationEnabled(String organizationId) * @return the list of events. */ List requiredEventValidations(); + + /** + * Check if the given discovery attribute values are in valid format. + * + * @param attributeValues The discovery attribute values. + * @return If the given discovery attribute values are in valid format. + */ + boolean areAttributeValuesInValidFormat(List attributeValues); } diff --git a/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/EmailDomainBasedDiscoveryHandler.java b/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/EmailDomainBasedDiscoveryHandler.java index c71b487a1..7a2481aff 100644 --- a/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/EmailDomainBasedDiscoveryHandler.java +++ b/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/EmailDomainBasedDiscoveryHandler.java @@ -30,6 +30,7 @@ import java.util.Collections; import java.util.List; import java.util.Optional; +import java.util.regex.Pattern; import static org.wso2.carbon.identity.organization.discovery.service.constant.DiscoveryConstants.PRE_ADD_USER_EMAIL_DOMAIN_VALIDATE; import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_DISCOVERY_CONFIG_DISABLED; @@ -46,6 +47,7 @@ public class EmailDomainBasedDiscoveryHandler implements AttributeBasedOrganizat private static final String EMAIL_DOMAIN_DISCOVERY_ENABLE_CONFIG = "emailDomain.enable"; private static final OrganizationConfigManager organizationConfigManager = OrganizationDiscoveryServiceHolder .getInstance().getOrganizationConfigManager(); + private static final Pattern EMAIL_DOMAIN_PATTERN = Pattern.compile("^[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$"); @Override public String getType() { @@ -88,4 +90,10 @@ public List requiredEventValidations() { return Collections.singletonList(PRE_ADD_USER_EMAIL_DOMAIN_VALIDATE); } + + @Override + public boolean areAttributeValuesInValidFormat(List attributeValues) { + + return attributeValues.stream().allMatch(emailDomain -> EMAIL_DOMAIN_PATTERN.matcher(emailDomain).matches()); + } } diff --git a/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/OrganizationDiscoveryManagerImpl.java b/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/OrganizationDiscoveryManagerImpl.java index da22d9592..b6a3c7879 100644 --- a/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/OrganizationDiscoveryManagerImpl.java +++ b/components/org.wso2.carbon.identity.organization.discovery.service/src/main/java/org/wso2/carbon/identity/organization/discovery/service/OrganizationDiscoveryManagerImpl.java @@ -41,6 +41,7 @@ import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_DISCOVERY_CONFIG_DISABLED; import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_DUPLICATE_DISCOVERY_ATTRIBUTE_TYPES; import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_EMPTY_DISCOVERY_ATTRIBUTES; +import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_INVALID_DISCOVERY_ATTRIBUTE_VALUE; import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_INVALID_ORGANIZATION; import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_UNAUTHORIZED_ORG_FOR_DISCOVERY_ATTRIBUTE_MANAGEMENT; import static org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants.ErrorMessages.ERROR_CODE_UNSUPPORTED_DISCOVERY_ATTRIBUTE; @@ -159,14 +160,6 @@ public String getOrganizationIdByDiscoveryAttribute(String attributeType, String return null; } - private boolean isDiscoveryConfigurationEnabled(String rootOrganizationId, String type) throws - OrganizationManagementException { - - AttributeBasedOrganizationDiscoveryHandler attributeBasedOrganizationDiscoveryHandler = - OrganizationDiscoveryServiceHolder.getInstance().getAttributeBasedOrganizationDiscoveryHandler(type); - return attributeBasedOrganizationDiscoveryHandler.isDiscoveryConfigurationEnabled(rootOrganizationId); - } - private void validateRootOrganization(String rootOrganizationId, String organizationId) throws OrganizationManagementClientException { @@ -199,11 +192,17 @@ private void validateOrganizationDiscoveryAttributes(boolean excludeCurrentOrgan throw handleClientException(ERROR_CODE_UNSUPPORTED_DISCOVERY_ATTRIBUTE, attributeType); } - if (!isDiscoveryConfigurationEnabled(rootOrganizationId, attributeType)) { + AttributeBasedOrganizationDiscoveryHandler discoveryHandler = OrganizationDiscoveryServiceHolder + .getInstance().getAttributeBasedOrganizationDiscoveryHandler(attributeType); + + if (!discoveryHandler.isDiscoveryConfigurationEnabled(rootOrganizationId)) { throw handleClientException(ERROR_CODE_DISCOVERY_CONFIG_DISABLED, getOrganizationId()); } attribute.setValues(attribute.getValues().stream().distinct().collect(Collectors.toList())); + if (!discoveryHandler.areAttributeValuesInValidFormat(attribute.getValues())) { + throw handleClientException(ERROR_CODE_INVALID_DISCOVERY_ATTRIBUTE_VALUE, attributeType); + } boolean discoveryAttributeTaken = organizationDiscoveryDAO.isDiscoveryAttributeExistInHierarchy (excludeCurrentOrganization, rootOrganizationId, organizationId, attributeType, attribute.getValues()); diff --git a/pom.xml b/pom.xml index 7516e61fd..507c9cc2a 100644 --- a/pom.xml +++ b/pom.xml @@ -491,7 +491,7 @@ [1.0.0,2.0.0) - 1.0.72 + 1.0.77 [1.0.0,2.0.0)