Merge branch 'wso2:master' into improve-action-execute

.github/workflows/pr-builder.yml

@@ -40,3 +40,10 @@ jobs:
         run: mvn clean install -U -B
       - name: Delete SNAPSHOT artifacts
         run: find ~/.m2/repository/ -name "*-SNAPSHOT" -type d -print -prune -exec rm -r {} +
+      - name: Generate coverage report
+        run: mvn test jacoco:report
+      - name: Upload coverage reports to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: target/site/jacoco/jacoco.xml

codecov.yml

@@ -0,0 +1,15 @@
+codecov:
+  require_ci_to_pass: yes
+  notify:
+    wait_for_ci: yes
+coverage:
+  status:
+    project: # checks the effect for the overall code coverage rate of the repository.
+      default:
+        enabled: yes
+        threshold: null
+        target: auto
+    patch:  # This status indicates the extent of code coverage achieved by the pull request.
+      default:
+        target: 80%
+        threshold: 40% # With a target of 80% and a threshold of 40%, the acceptable coverage range is 40% to 80%.

components/action-mgt/org.wso2.carbon.identity.action.execution/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.carbon.identity.framework</groupId>
         <artifactId>action-mgt</artifactId>
-        <version>7.4.16-SNAPSHOT</version>
+        <version>7.5.13-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -163,7 +163,7 @@
                                         <limit implementation="org.jacoco.report.check.Limit">
                                             <counter>LINE</counter>
                                             <value>COVEREDRATIO</value>
-                                            <minimum>0.80</minimum>
+                                            <minimum>0.79</minimum>
                                         </limit>
                                         <limit implementation="org.jacoco.report.check.Limit">
                                             <counter>COMPLEXITY</counter>

components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/ActionExecutionResponseProcessor.java

@@ -21,10 +21,12 @@
 import org.wso2.carbon.identity.action.execution.exception.ActionExecutionResponseProcessorException;
 import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus;
 import org.wso2.carbon.identity.action.execution.model.ActionInvocationErrorResponse;
+import org.wso2.carbon.identity.action.execution.model.ActionInvocationFailureResponse;
 import org.wso2.carbon.identity.action.execution.model.ActionInvocationSuccessResponse;
 import org.wso2.carbon.identity.action.execution.model.ActionType;
 import org.wso2.carbon.identity.action.execution.model.Event;
 
+import java.util.HashMap;
 import java.util.Map;
 
 /**
@@ -45,4 +47,12 @@ ActionExecutionStatus processErrorResponse(Map<String, Object> eventContext,
                                                Event actionEvent,
                                                ActionInvocationErrorResponse errorResponse) throws
             ActionExecutionResponseProcessorException;
+
+    default ActionExecutionStatus processFailureResponse(Map<String, Object> eventContext,
+                                               Event actionEvent,
+                                               ActionInvocationFailureResponse failureResponse) throws
+            ActionExecutionResponseProcessorException {
+
+        return new ActionExecutionStatus(ActionExecutionStatus.Status.FAILED, new HashMap<>());
+    }
 }

components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/ActionExecutionResponseProcessorFactory.java

@@ -38,6 +38,8 @@ public static ActionExecutionResponseProcessor getActionExecutionResponseProcess
         switch (actionType) {
             case PRE_ISSUE_ACCESS_TOKEN:
                 return actionInvocationResponseProcessors.get(ActionType.PRE_ISSUE_ACCESS_TOKEN);
+            case AUTHENTICATION:
+                return actionInvocationResponseProcessors.get(ActionType.AUTHENTICATION);
             default:
                 return null;
         }

components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/ActionExecutorServiceImpl.java

@@ -32,6 +32,7 @@
 import org.wso2.carbon.identity.action.execution.model.ActionExecutionRequest;
 import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus;
 import org.wso2.carbon.identity.action.execution.model.ActionInvocationErrorResponse;
+import org.wso2.carbon.identity.action.execution.model.ActionInvocationFailureResponse;
 import org.wso2.carbon.identity.action.execution.model.ActionInvocationResponse;
 import org.wso2.carbon.identity.action.execution.model.ActionInvocationSuccessResponse;
 import org.wso2.carbon.identity.action.execution.model.ActionType;
@@ -46,7 +47,7 @@
 import org.wso2.carbon.identity.action.management.exception.ActionMgtException;
 import org.wso2.carbon.identity.action.management.model.Action;
 import org.wso2.carbon.identity.action.management.model.AuthProperty;
-import org.wso2.carbon.identity.action.management.model.AuthType;
+import org.wso2.carbon.identity.action.management.model.Authentication;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -221,7 +222,7 @@ private ActionExecutionStatus executeAction(Action action,
                                                 ActionExecutionResponseProcessor actionExecutionResponseProcessor)
             throws ActionExecutionRuntimeException {
 
-        AuthType endpointAuthentication = action.getEndpoint().getAuthentication();
+        Authentication endpointAuthentication = action.getEndpoint().getAuthentication();
         AuthMethods.AuthMethod authenticationMethod;
 
         try {
@@ -280,6 +281,9 @@ private ActionExecutionStatus processActionResponse(Action action,
             return processSuccessResponse(action,
                     (ActionInvocationSuccessResponse) actionInvocationResponse.getResponse(),
                     eventContext, actionRequest, actionExecutionResponseProcessor);
+        } else if (actionInvocationResponse.isFailure() && actionInvocationResponse.getResponse() != null) {
+            return processFailureResponse(action, (ActionInvocationFailureResponse) actionInvocationResponse
+                    .getResponse(), eventContext, actionRequest, actionExecutionResponseProcessor);
         } else if (actionInvocationResponse.isError() && actionInvocationResponse.getResponse() != null) {
             return processErrorResponse(action, (ActionInvocationErrorResponse) actionInvocationResponse.getResponse(),
                     eventContext, actionRequest, actionExecutionResponseProcessor);
@@ -325,6 +329,19 @@ private ActionExecutionStatus processErrorResponse(Action action,
                 errorResponse);
     }
 
+    private ActionExecutionStatus processFailureResponse(Action action,
+                                                       ActionInvocationFailureResponse failureResponse,
+                                                       Map<String, Object> eventContext,
+                                                       ActionExecutionRequest actionRequest,
+                                                       ActionExecutionResponseProcessor
+                                                               actionExecutionResponseProcessor)
+            throws ActionExecutionResponseProcessorException {
+
+        logFailureResponse(action, failureResponse);
+        return actionExecutionResponseProcessor.processFailureResponse(eventContext, actionRequest.getEvent(),
+                failureResponse);
+    }
+
     private void logSuccessResponse(Action action, ActionInvocationSuccessResponse successResponse) {
 
         try {
@@ -364,6 +381,27 @@ private void logErrorResponse(Action action, ActionInvocationErrorResponse error
         }
     }
 
+    private void logFailureResponse(Action action, ActionInvocationFailureResponse failureResponse) {
+
+        if (LOG.isDebugEnabled()) {
+            // todo: add to diagnostic logs
+            try {
+                String responseBody = serializeFailureResponse(failureResponse);
+                LOG.debug(String.format(
+                        "Received failure response from API: %s for action type: %s action id: %s with " +
+                                "authentication: %s. Response: %s",
+                        action.getEndpoint().getUri(),
+                        action.getType().getActionType(),
+                        action.getId(),
+                        action.getEndpoint().getAuthentication().getType(),
+                        responseBody));
+            } catch (JsonProcessingException e) {
+                LOG.debug("Error occurred while deserializing the failure response for action: " +
+                        action.getId() + " for action type: " + action.getType().getActionType(), e);
+            }
+        }
+    }
+
     private void logErrorResponse(Action action, ActionInvocationResponse actionInvocationResponse) {
         // todo: add to diagnostic logs
         if (LOG.isDebugEnabled()) {
@@ -398,6 +436,12 @@ private String serializeErrorResponse(ActionInvocationErrorResponse response) th
         return objectMapper.writeValueAsString(response);
     }
 
+    private String serializeFailureResponse(ActionInvocationFailureResponse response) throws JsonProcessingException {
+
+        ObjectMapper objectMapper = new ObjectMapper();
+        return objectMapper.writeValueAsString(response);
+    }
+
     private List<PerformableOperation> validatePerformableOperations(ActionExecutionRequest request,
                                                                      ActionInvocationSuccessResponse response) {
 
@@ -429,12 +473,12 @@ private List<PerformableOperation> validatePerformableOperations(ActionExecution
         return allowedPerformableOperations;
     }
 
-    private AuthMethods.AuthMethod getAuthenticationMethod(String actionId, AuthType authType)
+    private AuthMethods.AuthMethod getAuthenticationMethod(String actionId, Authentication authentication)
             throws ActionMgtException {
 
-        List<AuthProperty> authProperties = authType.getPropertiesWithDecryptedValues(actionId);
+        List<AuthProperty> authProperties = authentication.getPropertiesWithDecryptedValues(actionId);
 
-        switch (authType.getType()) {
+        switch (authentication.getType()) {
             case BASIC:
                 return new AuthMethods.BasicAuth(authProperties);
             case BEARER:
@@ -444,7 +488,7 @@ private AuthMethods.AuthMethod getAuthenticationMethod(String actionId, AuthType
             case NONE:
                 return null;
             default:
-                throw new ActionMgtException("Unsupported authentication type: " + authType.getType());
+                throw new ActionMgtException("Unsupported authentication type: " + authentication.getType());
 
         }
     }

components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/model/ActionInvocationFailureResponse.java

@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.action.execution.model;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonPOJOBuilder;
+
+/**
+ * This class is used to represent the failure response of an action invocation.
+ * This response will contain the failure reason and the failure description.
+ */
+@JsonDeserialize(builder = ActionInvocationFailureResponse.Builder.class)
+public class ActionInvocationFailureResponse implements ActionInvocationResponse.APIResponse {
+
+    private final ActionInvocationResponse.Status actionStatus;
+    private final String failureReason;
+    private final String failureDescription;
+
+    private ActionInvocationFailureResponse(ActionInvocationFailureResponse.Builder builder) {
+
+        this.actionStatus = builder.actionStatus;
+        this.failureReason = builder.failureReason;
+        this.failureDescription = builder.failureDescription;
+    }
+
+    public ActionInvocationResponse.Status getActionStatus() {
+
+        return actionStatus;
+    }
+
+    public String getFailureReason() {
+
+        return failureReason;
+    }
+
+    public String getFailureDescription() {
+
+        return failureDescription;
+    }
+
+    /**
+     * This class is used to build the {@link ActionInvocationFailureResponse}.
+     */
+    @JsonPOJOBuilder(withPrefix = "")
+    public static class Builder {
+
+        private ActionInvocationResponse.Status actionStatus;
+        private String failureReason;
+        private String failureDescription;
+
+        @JsonProperty("actionStatus")
+        public ActionInvocationFailureResponse.Builder actionStatus(ActionInvocationResponse.Status actionStatus) {
+
+            this.actionStatus = actionStatus;
+            return this;
+        }
+
+        @JsonProperty("failureReason")
+        public ActionInvocationFailureResponse.Builder failureReason(String failureReason) {
+
+            this.failureReason = failureReason;
+            return this;
+        }
+
+        @JsonProperty("failureDescription")
+        public ActionInvocationFailureResponse.Builder failureDescription(String failureDescription) {
+
+            this.failureDescription = failureDescription;
+            return this;
+        }
+
+        public ActionInvocationFailureResponse build() {
+
+            if (actionStatus == null) {
+                throw new IllegalArgumentException("The actionStatus must not be null.");
+            }
+
+            if (!ActionInvocationResponse.Status.FAILED.equals(actionStatus)) {
+                throw new IllegalArgumentException("The actionStatus must be FAILED.");
+            }
+
+            if (failureReason == null || failureReason.isEmpty()) {
+                throw new IllegalArgumentException("The failureReason cannot be null or empty.");
+            }
+
+            return new ActionInvocationFailureResponse(this);
+        }
+    }
+}

components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/model/ActionInvocationResponse.java

@@ -45,6 +45,11 @@ public boolean isSuccess() {
         return Status.SUCCESS.equals(actionStatus);
     }
 
+    public boolean isFailure() {
+
+        return Status.FAILED.equals(actionStatus);
+    }
+
     public boolean isError() {
 
         return Status.ERROR.equals(actionStatus);
@@ -65,6 +70,7 @@ public String getErrorLog() {
      */
     public enum Status {
         SUCCESS,
+        FAILED,
         ERROR
     }
 

components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/model/ActionType.java

@@ -24,4 +24,5 @@
  */
 public enum ActionType {
     PRE_ISSUE_ACCESS_TOKEN,
+    AUTHENTICATION
 }

components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/model/Operation.java

@@ -29,7 +29,8 @@
 public enum Operation {
     ADD("add"),
     REMOVE("remove"),
-    REPLACE("replace");
+    REPLACE("replace"),
+    REDIRECT("redirect");
 
     private final String value;