check server level FAPI config for fetching FAPI property

wso2-extensions · Oct 11, 2023 · 770e61a · 770e61a
1 parent 611e017
commit 770e61a
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 5 deletions.
diff --git a/...tity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/...tity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java
@@ -187,6 +187,7 @@ public final class OAuthConstants {
     public static final String REQUEST_BINDING_TYPE = "request";
     public static final String ORG_ID = "org_id";
     public static final String IS_FAPI_CONFORMANT_APP = "isFAPIConformant";
+    public static final String ENABLE_FAPI = "OAuth.OpenIDConnect.FAPI.EnableFAPIValidation";
 
     private OAuthConstants() {
 

diff --git a/....carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java b/....carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
@@ -4907,11 +4907,15 @@ public static String resolveExternalConsentPageUrl(String tenantDomain) throws I
      */
     public static boolean isFapiConformantApp(String clientId) throws IdentityOAuth2Exception {
 
-        ServiceProvider serviceProvider = getServiceProvider(clientId);
-        ServiceProviderProperty[] serviceProviderProperties = serviceProvider.getSpProperties();
-        for (ServiceProviderProperty serviceProviderProperty : serviceProviderProperties) {
-            if (IS_FAPI_CONFORMANT_APP.equals(serviceProviderProperty.getName())) {
-                return Boolean.parseBoolean(serviceProviderProperty.getValue());
+        boolean enableFAPIValidation = IdentityUtil.getProperty(OAuthConstants.ENABLE_FAPI) != null ?
+                Boolean.parseBoolean(IdentityUtil.getProperty(OAuthConstants.ENABLE_FAPI)) : false;
+        if (enableFAPIValidation) {
+            ServiceProvider serviceProvider = getServiceProvider(clientId);
+            ServiceProviderProperty[] serviceProviderProperties = serviceProvider.getSpProperties();
+            for (ServiceProviderProperty serviceProviderProperty : serviceProviderProperties) {
+                if (IS_FAPI_CONFORMANT_APP.equals(serviceProviderProperty.getName())) {
+                    return Boolean.parseBoolean(serviceProviderProperty.getValue());
+                }
             }
         }
         return false;

diff --git a/...bon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/util/OAuth2UtilTest.java b/...bon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/util/OAuth2UtilTest.java
@@ -2520,6 +2520,8 @@ public void testIsFapiConformantApp(boolean isFapiConformant) throws Exception {
         serviceProvider.setSpProperties(new ServiceProviderProperty[]{fapiAppSpProperty});
         ApplicationManagementService applicationManagementService = mock(ApplicationManagementService.class);
         OAuth2ServiceComponentHolder.setApplicationMgtService(applicationManagementService);
+        mockStatic(IdentityUtil.class);
+        when(IdentityUtil.getProperty(anyString())).thenReturn("true");
         when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString()))
                 .thenReturn(serviceProvider);
         Assert.assertEquals(OAuth2Util.isFapiConformantApp(clientId), isFapiConformant);