From b5269ef9136a026f3a1e72b8cb0689de7c64f317 Mon Sep 17 00:00:00 2001
From: JeethJJ <jihanjeed49@gmail.com>
Date: Wed, 13 Dec 2023 09:43:50 +0530
Subject: [PATCH 1/5] Add user.onboard.core.service.

---
 .../pom.xml                                   | 126 +++++++++++++
 .../core/service/UserOnboardCoreService.java  |  39 ++++
 .../service/UserOnboardCoreServiceImpl.java   |  38 ++++
 .../UserOnboardServiceException.java          |  64 +++++++
 .../service/internal/ServiceComponent.java    |  52 ++++++
 .../core/service/model/Configuration.java     |  97 ++++++++++
 .../service/password/ResetLinkGenerator.java  | 168 ++++++++++++++++++
 .../service/util/UserOnboardCoreUtil.java     |  40 +++++
 .../pom.xml                                   |   9 +
 .../pom.xml                                   |  74 ++++++++
 pom.xml                                       |  20 +++
 11 files changed, 727 insertions(+)
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreService.java
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreServiceImpl.java
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/exception/UserOnboardServiceException.java
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/internal/ServiceComponent.java
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
 create mode 100644 components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/util/UserOnboardCoreUtil.java
 create mode 100644 features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml

diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml b/components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml
new file mode 100644
index 0000000000..4c8d85d25f
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org).
+ ~
+ ~ WSO2 Inc. licenses this file to you under the Apache License,
+ ~ Version 2.0 (the "License"); you may not use this file except
+ ~ in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~    http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied.  See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <parent>
+        <groupId>org.wso2.carbon.identity.governance</groupId>
+        <artifactId>identity-governance</artifactId>
+        <version>1.8.98-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>org.wso2.carbon.identity.user.onboard.core.service</artifactId>
+    <packaging>bundle</packaging>
+    <name>WSO2 Carbon - Offline User Onboard Management Feature</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.felix</groupId>
+            <artifactId>org.apache.felix.scr.ds-annotations</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.user.core</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.utils</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.user.api</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.core.services</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.framework</groupId>
+            <artifactId>org.wso2.carbon.identity.event</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.framework</groupId>
+            <artifactId>org.wso2.carbon.identity.base</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.config.mapper</groupId>
+            <artifactId>config-mapper</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.governance</groupId>
+            <artifactId>org.wso2.carbon.identity.recovery</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.felix</groupId>
+                <artifactId>maven-bundle-plugin</artifactId>
+                <extensions>true</extensions>
+                <configuration>
+                    <instructions>
+                        <Bundle-SymbolicName>
+                            ${project.artifactId}
+                        </Bundle-SymbolicName>
+                        <Private-Package>
+                            org.wso2.carbon.identity.user.onboard.core.service.internal
+                        </Private-Package>
+                        <Export-Package>
+                            !org.wso2.carbon.identity.user.onboard.core.service.internal,
+                            org.wso2.carbon.identity.user.onboard.core.service.*; version = "${project.version}"
+                        </Export-Package>
+                        <Import-Package>
+                            org.osgi.framework; version="${osgi.framework.imp.pkg.version.range}",
+                            org.osgi.service.component; version="${osgi.service.component.imp.pkg.version.range}",
+                            org.apache.commons.logging.*; version="${commons-logging.osgi.version.range}",
+                            org.apache.commons.lang.*; version="${commons-lang.osgi.version.range}",
+
+                            org.wso2.carbon.base.*; version="${carbon.kernel.package.import.version.range}",
+                            org.wso2.carbon.context.*; version="${carbon.kernel.package.import.version.range}",
+                            org.wso2.carbon.user.core.*; version="${carbon.kernel.package.import.version.range}",
+
+                            org.wso2.carbon.user.api.*; version="${carbon.user.api.imp.pkg.version.range}",
+
+                            org.wso2.carbon.identity.core.*; version="${project.version}",
+                            org.wso2.carbon.identity.application.*; version="${project.version}",
+                            org.wso2.carbon.identity.event.*; version="${project.version}",
+
+                            org.wso2.carbon.identity.recovery.*; version="${identity.governance.imp.pkg.version.range}",
+                            org.wso2.carbon.identity.governance.*; version="${identity.governance.imp.pkg.version.range}"
+                        </Import-Package>
+                        <!--This dynamic import is intentionally added as this is not loaded through the OSGI class loader.-->
+                        <DynamicImport-Package>org.wso2.config.mapper</DynamicImport-Package>
+                    </instructions>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+
+</project>
\ No newline at end of file
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreService.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreService.java
new file mode 100644
index 0000000000..790b0fd4cc
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreService.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.user.onboard.core.service;
+
+
+import org.wso2.carbon.identity.recovery.IdentityRecoveryException;
+import org.wso2.carbon.identity.user.onboard.core.service.exception.UserOnboardServiceException;;
+import org.wso2.carbon.identity.user.onboard.core.service.model.Configuration;
+
+/**
+ * Core OSGi service for user onboarding related utilities.
+ */
+public interface UserOnboardCoreService {
+
+    /**
+     * This method generate password reset link.
+     *
+     * @param configuration Invitation link configuration.
+     * @return password reset link.
+     * @throws UserOnboardServiceException
+     */
+    String generatePasswordResetLink(Configuration configuration) throws IdentityRecoveryException;
+}
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreServiceImpl.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreServiceImpl.java
new file mode 100644
index 0000000000..2ffb3be21a
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/UserOnboardCoreServiceImpl.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.user.onboard.core.service;
+
+
+import org.wso2.carbon.identity.recovery.IdentityRecoveryException;
+import org.wso2.carbon.identity.user.onboard.core.service.model.Configuration;
+import org.wso2.carbon.identity.user.onboard.core.service.password.ResetLinkGenerator;
+
+/**
+ * Default implementation of the @see UserOnboardCoreService.
+ */
+public class UserOnboardCoreServiceImpl implements UserOnboardCoreService {
+
+    @Override
+    public String generatePasswordResetLink(Configuration configuration)
+            throws IdentityRecoveryException {
+
+        ResetLinkGenerator resetLinkGenerator = new ResetLinkGenerator();
+        return resetLinkGenerator.generateResetLink(configuration);
+    }
+}
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/exception/UserOnboardServiceException.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/exception/UserOnboardServiceException.java
new file mode 100644
index 0000000000..c590aa3384
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/exception/UserOnboardServiceException.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.user.onboard.core.service.exception;
+
+/**
+ * Generic exception that is thrown when there is an error in the user onboard core services.
+ */
+public class UserOnboardServiceException extends Exception {
+
+    /**
+     * Creates UserOnboardCoreService Exception.
+     */
+    public UserOnboardServiceException() {
+
+        super();
+    }
+
+    /**
+     * Creates UserOnboardCoreService Exception.
+     *
+     * @param message Error message.
+     */
+    public UserOnboardServiceException(String message) {
+
+        super(message);
+    }
+
+    /**
+     * Creates UserOnboardCoreService Exception.
+     *
+     * @param throwable Error or exception.
+     */
+    public UserOnboardServiceException(Throwable throwable) {
+
+        super(throwable);
+    }
+
+    /**
+     * Creates UserOnboardCoreService Exception.
+     *
+     * @param message Error message.
+     * @param throwable Errors or Exception.
+     */
+    public UserOnboardServiceException(String message, Throwable throwable) {
+
+        super(message, throwable);
+    }
+}
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/internal/ServiceComponent.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/internal/ServiceComponent.java
new file mode 100644
index 0000000000..c9a8f396bc
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/internal/ServiceComponent.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.user.onboard.core.service.internal;
+
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.osgi.service.component.ComponentContext;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.wso2.carbon.identity.user.onboard.core.service.UserOnboardCoreService;
+import org.wso2.carbon.identity.user.onboard.core.service.UserOnboardCoreServiceImpl;
+
+/**
+ * Service component class of the user onboard manager core service.
+ */
+@Component(
+        name = "org.wso2.carbon.identity.api.user.onboard.core.service.component",
+        immediate = true
+)
+public class ServiceComponent {
+
+    private static final Log LOG = LogFactory.getLog(ServiceComponent.class);
+
+    @Activate
+    protected void activate(ComponentContext componentContext) {
+
+        try {
+            componentContext.getBundleContext().registerService(UserOnboardCoreService.class.getName(),
+                    new UserOnboardCoreServiceImpl(), null);
+            LOG.info("User onboard api core service component activated successfully.");
+        } catch (Throwable throwable) {
+            LOG.error("Failed to activate the User onboard api core service component.", throwable);
+        }
+    }
+}
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java
new file mode 100644
index 0000000000..d9edef2368
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.user.onboard.core.service.model;
+
+
+/**
+ * This class holds the configuration of the invite-link.
+ */
+public class Configuration {
+
+    private String username;
+    private String userStore;
+    private String tenantDomain;
+
+    /**
+     * Creates Configuration object.
+     *
+     * @param username      Username of the user to whom the invite-link should be generated.
+     * @param userstore     User store where the user belongs to.
+     * @param tenantDomain  Tenant name where the user belongs to.
+     */
+    public Configuration(String username, String userstore, String tenantDomain) {
+        this.username = username;
+        this.userStore = userstore;
+        this.tenantDomain = tenantDomain;
+    }
+
+    /**
+     * Method to get the username.
+     *
+     * @return username string.
+     */
+    public String getUsername() {
+        return this.username;
+    }
+
+    /**
+     * Get user store name of the user.
+     *
+     * @return user store domain name.
+     */
+    public String getUserStore() {
+        return this.userStore;
+    }
+
+    /**
+     * Get the name of the tenant.
+     *
+     * @return tenant domain name.
+     */
+    public String getTenantDomain() {
+        return this.tenantDomain;
+    }
+
+    /**
+     * Set the username to the configuration.
+     *
+     * @param username  the username of the user.
+     */
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    /**
+     * Set the user store domain to the configuration.
+     *
+     * @param userStore the user store domain name.
+     */
+    public void setUserStore(String userStore) {
+        this.userStore = userStore;
+    }
+
+    /**
+     * Set tenant domain to the configuration.
+     *
+     * @param tenantDomain tenant domain name.
+     */
+    public void setTenantDomain(String tenantDomain) {
+        this.tenantDomain = tenantDomain;
+    }
+}
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
new file mode 100644
index 0000000000..c93ed6d5e9
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.user.onboard.core.service.password;
+
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.context.CarbonContext;
+import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
+import org.wso2.carbon.identity.application.common.model.User;
+import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
+import org.wso2.carbon.identity.core.util.IdentityUtil;
+import org.wso2.carbon.identity.governance.service.notification.NotificationChannels;
+import org.wso2.carbon.identity.recovery.IdentityRecoveryConstants;
+import org.wso2.carbon.identity.recovery.IdentityRecoveryException;
+import org.wso2.carbon.identity.recovery.RecoveryScenarios;
+import org.wso2.carbon.identity.recovery.RecoverySteps;
+import org.wso2.carbon.identity.recovery.internal.IdentityRecoveryServiceDataHolder;
+import org.wso2.carbon.identity.recovery.model.UserRecoveryData;
+import org.wso2.carbon.identity.recovery.store.JDBCRecoveryDataStore;
+import org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore;
+import org.wso2.carbon.identity.recovery.util.Utils;
+import org.wso2.carbon.identity.user.onboard.core.service.model.Configuration;
+import org.wso2.carbon.user.api.UserStoreException;
+import org.wso2.carbon.user.api.UserStoreManager;
+import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
+
+/**
+ * Generates the password reset link for the user.
+ */
+public class ResetLinkGenerator {
+    private static final Log LOG = LogFactory.getLog(ResetLinkGenerator.class);
+
+    /**
+     * Generate a unique password reset link for the given user.
+     *
+     * @param configuration Link generation configuration.
+     * @return Generated unique link.
+     * @throws IdentityRecoveryException on an error.
+     */
+    public String generateResetLink(Configuration configuration) throws IdentityRecoveryException {
+
+        User user = new User();
+        user.setUserName(configuration.getUsername());
+        user.setTenantDomain(configuration.getTenantDomain());
+        user.setUserStoreDomain(configuration.getUserStore());
+
+        if (!isValidUserStoreExists(user.getUserStoreDomain())) {
+            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_USER_STORE_INVALID,
+                    user.getUserStoreDomain());
+        }
+
+        if (!isExistingUser(user)) {
+            // If the user does not exist, Check for NOTIFY_USER_EXISTENCE property. If the property is not
+            // enabled, notify with an empty NotificationResponseBean.
+            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_USER,
+                    user.getUserName());
+        }
+        if (Utils.isAccountDisabled(user)) {
+            // If the NotifyUserAccountStatus is disabled, notify with an empty NotificationResponseBean.
+            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLED_ACCOUNT,
+                    user.getUserName());
+        }
+        if (Utils.isAccountLocked(user)) {
+            // If the NotifyUserAccountStatus is disabled, notify with an empty NotificationResponseBean.
+            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_LOCKED_ACCOUNT,
+                    user.getUserName());
+        }
+
+        UserRecoveryData recoveryDataDO = generateNewConfirmationCode(user, NotificationChannels.EXTERNAL_CHANNEL
+                .getChannelType());
+        String secretKey = recoveryDataDO.getSecret();
+
+        String serverHost = ConfigurationFacade.getInstance().getAccountRecoveryEndpointPath();
+
+        return String.format("%s/confirmrecovery.do?confirmation=%s", serverHost, secretKey);
+    }
+
+    /**
+     * Generates the new confirmation code details for a corresponding user.
+     *
+     * @param user                Details of the user that needs the confirmation code.
+     * @param notificationChannel Method to send the recovery information. eg : EMAIL, SMS.
+     * @return Created recovery data object.
+     * @throws IdentityRecoveryException Error while generating the recovery information.
+     */
+    private UserRecoveryData generateNewConfirmationCode(User user, String notificationChannel)
+            throws IdentityRecoveryException {
+
+        UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
+        userRecoveryDataStore.invalidate(user);
+        String secretKey = Utils.generateSecretKey(notificationChannel, user.getTenantDomain(),
+                RecoveryScenarios.NOTIFICATION_BASED_PW_RECOVERY.name());
+        UserRecoveryData recoveryDataDO = new UserRecoveryData(user, secretKey,
+                RecoveryScenarios.NOTIFICATION_BASED_PW_RECOVERY, RecoverySteps.UPDATE_PASSWORD);
+
+        // Store the notified channel in the recovery object for future reference.
+        recoveryDataDO.setRemainingSetIds(notificationChannel);
+        userRecoveryDataStore.store(recoveryDataDO);
+        return recoveryDataDO;
+    }
+
+    /**
+     * Check for user existence.
+     *
+     * @param user User
+     * @return True if the user exists
+     * @throws IdentityRecoveryException Error while checking user existence
+     */
+    private boolean isExistingUser(User user) throws IdentityRecoveryException {
+
+        try {
+            int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
+            UserStoreManager userStoreManager;
+            userStoreManager = IdentityRecoveryServiceDataHolder.getInstance().getRealmService().
+                    getTenantUserRealm(tenantId).getUserStoreManager();
+            String domainQualifiedUsername = IdentityUtil
+                    .addDomainToName(user.getUserName(), user.getUserStoreDomain());
+            if (!userStoreManager.isExistingUser(domainQualifiedUsername)) {
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("No user found for recovery with username: " + user.toFullQualifiedUsername());
+                }
+                return false;
+            }
+            return true;
+        } catch (UserStoreException e) {
+            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, null, e);
+        }
+    }
+
+    /**
+     * To check whether valid type user store is exist.
+     *
+     * @param userStoreDomain User store domain name.
+     * @return True if valid type user store exist for given domain id.
+     * @throws UserStoreException If an error occurred while getting the user store manager.
+     */
+    private boolean isValidUserStoreExists(String userStoreDomain) throws IdentityRecoveryException {
+
+        UserStoreManager userStoreManager;
+        try {
+            userStoreManager = ((AbstractUserStoreManager) CarbonContext.getThreadLocalCarbonContext().getUserRealm()
+                    .getUserStoreManager()).getSecondaryUserStoreManager(userStoreDomain);
+        } catch (UserStoreException e) {
+            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, null, e);
+        }
+        if (userStoreManager == null) {
+            return false;
+        }
+        return true;
+    }
+}
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/util/UserOnboardCoreUtil.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/util/UserOnboardCoreUtil.java
new file mode 100644
index 0000000000..91725a47e8
--- /dev/null
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/util/UserOnboardCoreUtil.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.user.onboard.core.service.util;
+
+/**
+ * This class has the miscellaneous functions related to the user onboard core service.
+ */
+public class UserOnboardCoreUtil {
+
+    private static final String DOMAIN_SEPARATOR = "/";
+
+    /**
+     * Get the domain name of the user.
+     * @param domainQualifiedUsername Username with user store domain.
+     * @return Domain name as a string.
+     */
+    public static String getUserDomainName(String domainQualifiedUsername) {
+        int index = domainQualifiedUsername.indexOf(DOMAIN_SEPARATOR);
+        if (index > 0) {
+            return domainQualifiedUsername.substring(0, index);
+        }
+        return null;
+    }
+}
diff --git a/features/org.wso2.carbon.identity.governance.feature/pom.xml b/features/org.wso2.carbon.identity.governance.feature/pom.xml
index 20a11ff4b7..de6c7a405b 100644
--- a/features/org.wso2.carbon.identity.governance.feature/pom.xml
+++ b/features/org.wso2.carbon.identity.governance.feature/pom.xml
@@ -99,6 +99,12 @@
             <version>${project.version}</version>
             <type>zip</type>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.governance</groupId>
+            <artifactId>org.wso2.carbon.identity.user.onboard.core.service.feature</artifactId>
+            <version>${project.version}</version>
+            <type>zip</type>
+        </dependency>
     </dependencies>
 
     <build>
@@ -154,6 +160,9 @@
                                 <includedFeatureDef>
                                     org.wso2.carbon.identity.governance:org.wso2.carbon.identity.auth.attribute.handler.server.feature
                                 </includedFeatureDef>
+                                <includedFeatureDef>
+                                    org.wso2.carbon.identity.governance:org.wso2.carbon.identity.user.onboard.core.service.feature
+                                </includedFeatureDef>
                             </includedFeatures>
                         </configuration>
                     </execution>
diff --git a/features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml b/features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml
new file mode 100644
index 0000000000..a7c6c4e570
--- /dev/null
+++ b/features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!--
+  ~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <parent>
+        <groupId>org.wso2.carbon.identity.governance</groupId>
+        <artifactId>identity-governance</artifactId>
+        <version>1.8.98-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>org.wso2.carbon.identity.user.onboard.core.service.feature</artifactId>
+    <packaging>pom</packaging>
+    <name>WSO2 Carbon - Offline User Onboard Management Feature</name>
+    <url>http://wso2.org</url>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.governance</groupId>
+            <artifactId>org.wso2.carbon.identity.user.onboard.core.service</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.wso2.maven</groupId>
+                <artifactId>carbon-p2-plugin</artifactId>
+                <version>${carbon.p2.plugin.version}</version>
+                <executions>
+                    <execution>
+                        <id>p2-feature-generation</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>p2-feature-gen</goal>
+                        </goals>
+                        <configuration>
+                            <id>org.wso2.carbon.identity.user.onboard.core.service</id>
+                            <propertiesFile>../../etc/feature.properties</propertiesFile>
+                            <adviceFile>
+                                <properties>
+                                    <propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
+                                </properties>
+                            </adviceFile>
+                            <bundles>
+                                <bundleDef>
+                                    org.wso2.carbon.identity.governance:org.wso2.carbon.identity.user.onboard.core.service
+                                </bundleDef>
+                            </bundles>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index ad41c1b6b7..0497153d0e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -61,6 +61,7 @@
         <module>components/org.wso2.carbon.identity.auth.attribute.handler</module>
         <module>components/org.wso2.carbon.identity.password.expiry</module>
         <module>components/org.wso2.carbon.identity.idle.account.identification</module>
+        <module>components/org.wso2.carbon.identity.user.onboard.core.service</module>
 
         <module>features/org.wso2.carbon.identity.recovery.server.feature</module>
         <module>features/org.wso2.carbon.identity.user.server.feature</module>
@@ -76,6 +77,7 @@
         <module>features/org.wso2.carbon.identity.multi.attribute.login.service.server.feature</module>
         <module>features/org.wso2.carbon.identity.auth.attribute.handler.server.feature</module>
         <module>features/org.wso2.carbon.identity.password.expiry.server.feature</module>
+        <module>features/org.wso2.carbon.identity.user.onboard.core.service.feature</module>
     </modules>
 
     <dependencyManagement>
@@ -526,6 +528,21 @@
                 <artifactId>pax-logging-api</artifactId>
                 <version>${pax.logging.api.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.wso2.carbon.identity.governance</groupId>
+                <artifactId>org.wso2.carbon.identity.user.onboard.core.service</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.wso2.carbon</groupId>
+                <artifactId>org.wso2.carbon.core.services</artifactId>
+                <version>${carbon.kernel.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.wso2.config.mapper</groupId>
+                <artifactId>config-mapper</artifactId>
+                <version>${config.mapper.version}</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
 
@@ -662,6 +679,7 @@
         <commons-io.wso2.version>2.4.0.wso2v1</commons-io.wso2.version>
         <commons.io.wso2.osgi.version.range>[2.4.0,3.0.0)</commons.io.wso2.osgi.version.range>
         <commons-logging.osgi.version.range>[1.2.0,2.0.0)</commons-logging.osgi.version.range>
+        <commons-lang.osgi.version.range>[2.6.0, 3.0.0)</commons-lang.osgi.version.range>
         <imp.pkg.version.javax.servlet>[2.6.0, 3.0.0)</imp.pkg.version.javax.servlet>
         <apache.felix.scr.ds.annotations.version>1.2.4</apache.felix.scr.ds.annotations.version>
         <equinox.osgi.services.version>3.5.100.v20160504-1419</equinox.osgi.services.version>
@@ -742,6 +760,8 @@
 
         <org.wso2.securevault.version>1.1.3</org.wso2.securevault.version>
         <org.wso2.securevault.import.version.range>[1.1.0, 2.0.0)</org.wso2.securevault.import.version.range>
+
+        <config.mapper.version>1.0.13</config.mapper.version>
     </properties>
 
 </project>

From 9fcec982b94d021691977c63076cb7fc63700d4c Mon Sep 17 00:00:00 2001
From: JeethJJ <jihanjeed49@gmail.com>
Date: Wed, 13 Dec 2023 10:21:41 +0530
Subject: [PATCH 2/5] Update version range.

---
 .../pom.xml                                              | 9 ++++-----
 .../pom.xml                                              | 2 +-
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml b/components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml
index 4c8d85d25f..c09d0ca07c 100644
--- a/components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/pom.xml
@@ -107,9 +107,9 @@
 
                             org.wso2.carbon.user.api.*; version="${carbon.user.api.imp.pkg.version.range}",
 
-                            org.wso2.carbon.identity.core.*; version="${project.version}",
-                            org.wso2.carbon.identity.application.*; version="${project.version}",
-                            org.wso2.carbon.identity.event.*; version="${project.version}",
+                            org.wso2.carbon.identity.core.*; version="${carbon.identity.framework.imp.pkg.version.range}",
+                            org.wso2.carbon.identity.application.*; version="${carbon.identity.framework.imp.pkg.version.range}",
+                            org.wso2.carbon.identity.event.*; version="${carbon.identity.framework.imp.pkg.version.range}",
 
                             org.wso2.carbon.identity.recovery.*; version="${identity.governance.imp.pkg.version.range}",
                             org.wso2.carbon.identity.governance.*; version="${identity.governance.imp.pkg.version.range}"
@@ -122,5 +122,4 @@
         </plugins>
     </build>
 
-
-</project>
\ No newline at end of file
+</project>
diff --git a/features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml b/features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml
index a7c6c4e570..aed6c8c265 100644
--- a/features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml
+++ b/features/org.wso2.carbon.identity.user.onboard.core.service.feature/pom.xml
@@ -71,4 +71,4 @@
         </plugins>
     </build>
 
-</project>
\ No newline at end of file
+</project>

From c3fb9611fc6bf3e71a7db4f03c901b1f268bcec9 Mon Sep 17 00:00:00 2001
From: JeethJJ <jihanjeed49@gmail.com>
Date: Wed, 13 Dec 2023 10:44:26 +0530
Subject: [PATCH 3/5] Improve debug log.

---
 .../onboard/core/service/password/ResetLinkGenerator.java  | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
index c93ed6d5e9..88f8bc5f0e 100644
--- a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
@@ -134,7 +134,12 @@ private boolean isExistingUser(User user) throws IdentityRecoveryException {
                     .addDomainToName(user.getUserName(), user.getUserStoreDomain());
             if (!userStoreManager.isExistingUser(domainQualifiedUsername)) {
                 if (LOG.isDebugEnabled()) {
-                    LOG.debug("No user found for recovery with username: " + user.toFullQualifiedUsername());
+                    String username = user.toFullQualifiedUsername();
+                    if (username != null) {
+                        LOG.debug("No user found for recovery with username: " + username);
+                    } else {
+                        LOG.debug("No user found for recovery.");
+                    }
                 }
                 return false;
             }

From 9c790f4f6fdd38be40c7a6f4e8964a71dd7e126e Mon Sep 17 00:00:00 2001
From: JeethJJ <jihanjeed49@gmail.com>
Date: Wed, 13 Dec 2023 10:52:16 +0530
Subject: [PATCH 4/5] Improve debug log.

---
 .../onboard/core/service/password/ResetLinkGenerator.java  | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
index 88f8bc5f0e..f07b02fb7c 100644
--- a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
@@ -134,12 +134,7 @@ private boolean isExistingUser(User user) throws IdentityRecoveryException {
                     .addDomainToName(user.getUserName(), user.getUserStoreDomain());
             if (!userStoreManager.isExistingUser(domainQualifiedUsername)) {
                 if (LOG.isDebugEnabled()) {
-                    String username = user.toFullQualifiedUsername();
-                    if (username != null) {
-                        LOG.debug("No user found for recovery with username: " + username);
-                    } else {
-                        LOG.debug("No user found for recovery.");
-                    }
+                    LOG.debug("No user found for provided username");
                 }
                 return false;
             }

From dd586c3e93148af88d54be5e419ac06e5746bdeb Mon Sep 17 00:00:00 2001
From: JeethJJ <jihanjeed49@gmail.com>
Date: Wed, 13 Dec 2023 11:35:41 +0530
Subject: [PATCH 5/5] Remove unwanted new lines

---
 .../identity/user/onboard/core/service/model/Configuration.java  | 1 -
 .../user/onboard/core/service/password/ResetLinkGenerator.java   | 1 -
 2 files changed, 2 deletions(-)

diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java
index d9edef2368..c52481d522 100644
--- a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/model/Configuration.java
@@ -18,7 +18,6 @@
 
 package org.wso2.carbon.identity.user.onboard.core.service.model;
 
-
 /**
  * This class holds the configuration of the invite-link.
  */
diff --git a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
index f07b02fb7c..4cbae3c2d8 100644
--- a/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
+++ b/components/org.wso2.carbon.identity.user.onboard.core.service/src/main/java/org/wso2/carbon/identity/user/onboard/core/service/password/ResetLinkGenerator.java
@@ -18,7 +18,6 @@
 
 package org.wso2.carbon.identity.user.onboard.core.service.password;
 
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.context.CarbonContext;