diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java
index de0b98ec908..990f8267ac5 100644
--- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java
+++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java
@@ -187,6 +187,7 @@ public final class OAuthConstants {
 public static final String REQUEST_BINDING_TYPE = "request";
 public static final String ORG_ID = "org_id";
 public static final String IS_FAPI_CONFORMANT_APP = "isFAPIConformant";
+ public static final String ENABLE_FAPI = "OAuth.OpenIDConnect.FAPI.EnableFAPIValidation";
 private OAuthConstants() {
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
index ea28e73f7ce..24bd61e3b60 100644
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
+++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
@@ -4907,11 +4907,15 @@ public static String resolveExternalConsentPageUrl(String tenantDomain) throws I
 */
 public static boolean isFapiConformantApp(String clientId) throws IdentityOAuth2Exception {
- ServiceProvider serviceProvider = getServiceProvider(clientId);
- ServiceProviderProperty[] serviceProviderProperties = serviceProvider.getSpProperties();
- for (ServiceProviderProperty serviceProviderProperty : serviceProviderProperties) {
- if (IS_FAPI_CONFORMANT_APP.equals(serviceProviderProperty.getName())) {
- return Boolean.parseBoolean(serviceProviderProperty.getValue());
+ boolean enableFAPIValidation = IdentityUtil.getProperty(OAuthConstants.ENABLE_FAPI) != null ?
+ Boolean.parseBoolean(IdentityUtil.getProperty(OAuthConstants.ENABLE_FAPI)) : false;
+ if (enableFAPIValidation) {
+ ServiceProvider serviceProvider = getServiceProvider(clientId);
+ ServiceProviderProperty[] serviceProviderProperties = serviceProvider.getSpProperties();
+ for (ServiceProviderProperty serviceProviderProperty : serviceProviderProperties) {
+ if (IS_FAPI_CONFORMANT_APP.equals(serviceProviderProperty.getName())) {
+ return Boolean.parseBoolean(serviceProviderProperty.getValue());
+ }
 }
 }
 return false;
diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/util/OAuth2UtilTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/util/OAuth2UtilTest.java
index b293b26a461..947c1aec053 100644
--- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/util/OAuth2UtilTest.java
+++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/util/OAuth2UtilTest.java
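Review bot: In OAuth2Util.isFapiConformantApp(), a missing or mistyped `OAuth.OpenIDConnect.FAPI.EnableFAPIValidation` entry now makes the method return false for every client, so an application whose `isFAPIConformant` property is true silently loses whatever FAPI enforcement callers presumably key off this result. If off-by-default is intended, state it in the Javadoc above the method (which starts outside this hunk), and consider a debug or warn log when the SP property is true but the server flag is off, so the downgrade is visible to operators. Separately, the ternary reads the property twice and its null check is redundant because `Boolean.parseBoolean(null)` already yields false; `boolean enableFAPIValidation = Boolean.parseBoolean(IdentityUtil.getProperty(OAuthConstants.ENABLE_FAPI));` is equivalent.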
@@ -2520,6 +2520,8 @@ public void testIsFapiConformantApp(boolean isFapiConformant) throws Exception {
 serviceProvider.setSpProperties(new ServiceProviderProperty[]{fapiAppSpProperty});
 ApplicationManagementService applicationManagementService = mock(ApplicationManagementService.class);
 OAuth2ServiceComponentHolder.setApplicationMgtService(applicationManagementService);
+ mockStatic(IdentityUtil.class);
+ when(IdentityUtil.getProperty(anyString())).thenReturn("true");
 when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString()))
 .thenReturn(serviceProvider);
 Assert.assertEquals(OAuth2Util.isFapiConformantApp(clientId), isFapiConformant);
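Review bot: The test only stubs the server flag as "true", so the new branch in isFapiConformantApp() where the flag is absent or "false" is never exercised. Add a case where `IdentityUtil.getProperty(...)` returns `null` (and one returning "false") while the SP property is true, asserting the result is false, so the gating behaviour is pinned. The `anyString()` matcher also answers "true" for every other property lookup made through IdentityUtil during the call, which could mask unrelated configuration reads; `when(IdentityUtil.getProperty(OAuthConstants.ENABLE_FAPI)).thenReturn("true");` keeps the stub scoped to the key under test. The test method starts outside this hunk.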