wso2 · Thisara-Welmilla · Dec 10, 2024 · Dec 4, 2024 · Dec 5, 2024 · Dec 5, 2024
diff --git a/...ackend/src/test/java/org/wso2/identity/integration/test/rest/api/common/RESTTestBase.java b/...ackend/src/test/java/org/wso2/identity/integration/test/rest/api/common/RESTTestBase.java
@@ -674,6 +674,27 @@ protected Response getResponseOfPut(String endpointUri, String body) {
                 .put(endpointUri);
     }
 
+    /**
+     * Invoke given endpointUri for PUT with given body and Basic authentication, authentication credential being the
+     * authenticatingUserName and authenticatingCredential
+     * This implementation does not incorporate any additional filters.
+     *
+     * @param endpointUri endpoint to be invoked
+     * @param body        payload
+     * @return response
+     */
+    protected Response getResponseOfPutWithNoFilter(String endpointUri, String body) {
+
+        return given().auth().preemptive().basic(authenticatingUserName, authenticatingCredential)
+                .contentType(ContentType.JSON)
+                .header(HttpHeaders.ACCEPT, ContentType.JSON)
+                .body(body)
+                .log().ifValidationFails()
+                .when()
+                .log().ifValidationFails()
+                .put(endpointUri);
+    }
+
     /**
      * Invoke given endpointUri for PUT with given body and Basic authentication, authentication credential being the
      * authenticatingUserName and authenticatingCredential

diff --git a/...c/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java b/...c/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java
@@ -17,6 +17,7 @@
 package org.wso2.identity.integration.test.rest.api.server.idp.v1;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import io.restassured.RestAssured;
 import io.restassured.response.Response;
 import org.apache.commons.lang.StringUtils;
@@ -56,6 +57,10 @@ public class IdPFailureTest extends IdPTestBase {
     private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_1 = "\"<FEDERATED_AUTHENTICATOR_1>\"";
     private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_2 = "\"<FEDERATED_AUTHENTICATOR_2>\"";
     private static final String IDP_NAME_PLACEHOLDER = "<IDP_NAME>";
+    private static final String OIDC_IDP_NAME_PLACEHOLDER = "<OIDC_IDP_NAME>";
+    private static final String METADATA_SAML_PLACEHOLDER = "<METADATA_SAML>";
+    private static final String OIDC_SCOPES_PLACEHOLDER = "\"<OIDC_SCOPES>\"";
+    private static final String AUTHENTICATOR_PROPERTIES_PLACEHOLDER = "\"<AUTHENTICATOR_PROPERTIES>\"";
     private static final String CUSTOM_IDP_NAME = "CustomAuthIDP";
     private static final String USER_DEFINED_AUTHENTICATOR_ID_1 = "Y3VzdG9tQXV0aGVudGljYXRvcjE=";
     private static final String USER_DEFINED_AUTHENTICATOR_ID_2 = "Y3VzdG9tQXV0aGVudGljYXRvcg==";
@@ -140,6 +145,24 @@ public void addIdPWithDuplicateProperties() throws IOException {
         validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "IDP-60025");
     }
 
+    @Test
+    public void testAddIdPWithDuplicatedPropertyKeys() throws IOException {
+
+        String addIdpPayload = readResource("add-idp.json");
+        String duplicatedProperties = convertDuplicatedPropertiesToJson(
+                createAuthenticatorProperties("username","admin"),
+                createAuthenticatorProperties("username", "adminTest"));
+        String body = addIdpPayload.replace(AUTHENTICATOR_PROPERTIES_PLACEHOLDER, duplicatedProperties);
+
+        Response response = getResponseOfPost(IDP_API_BASE_PATH, body);
+        response.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_BAD_REQUEST)
+                .body("message", equalTo("Invalid input."))
+                .body("description", equalTo("One of the given inputs is invalid. Duplicate properties are " +
+                        "found in the request."));
+    }
 
     @Test(dependsOnMethods = {"addIdPConflict"})
     public void testGetIdPFederatedAuthenticatorWithInvalidAuthId() {
@@ -547,8 +570,13 @@ private Response createUserDefAuthenticator(String idpName, UserDefinedAuthentic
     @Test
     public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException {
 
-        String body = readResource("add-idp-oidc-standard-based.json");
-        Response response = getResponseOfPost(IDP_API_BASE_PATH, body);
+        String oidcIdpPayload = readResource("add-oidc-idp.json");
+        String oidcScopesProperties = convertDuplicatedPropertiesToJson(
+                createAuthenticatorProperties("Scopes","openid country profile"), null);
+        String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties);
+        body = body.replace(OIDC_IDP_NAME_PLACEHOLDER, "OIDC-IdP-3");
+
+        Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body);
         response.then()
                 .log().ifValidationFails()
                 .assertThat()
@@ -561,8 +589,13 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException {
         assertNotNull(oidcIdPId);
 
         // update the OIDC IDP with duplicated scopes
-        String updateBody = readResource("update-idp-oidc-standard-based-duplicated-scopes.json");
-        Response updateResponse = getResponseOfPut(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId +
+        String updateOidcIdpPayload = readResource("update-oidc-idp.json");
+        String updateOidcScopesProperties = convertDuplicatedPropertiesToJson(
+                createAuthenticatorProperties("Scopes","openid country profile"),
+                createAuthenticatorProperties("commonAuthQueryParams","scope=openid country profile"));
+        String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties);
+
+        Response updateResponse = getResponseOfPutWithNoFilter(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId +
                 PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody);
         updateResponse.then()
                 .log().ifValidationFails()
@@ -575,6 +608,60 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException {
         deleteCreatedIdP(oidcIdPId);
     }
 
+    @Test(dependsOnMethods = "testUpdateIdPWithDuplicateOIDCScopes")
+    public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException {
+
+        String oidcIdpPayload = readResource("add-oidc-idp.json");
+        String oidcScopesProperties = convertDuplicatedPropertiesToJson(
+                createAuthenticatorProperties("Scopes","openid country profile"), null);
+        String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties);
+        body = body.replace(OIDC_IDP_NAME_PLACEHOLDER, "OIDC-IdP-4");
+
+        Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body);
+        response.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_CREATED)
+                .header(HttpHeaders.LOCATION, notNullValue());
+
+        String location = response.getHeader(HttpHeaders.LOCATION);
+        assertNotNull(location);
+        String oidcIdPId = location.substring(location.lastIndexOf("/") + 1);
+        assertNotNull(oidcIdPId);
+
+        // update the OIDC IdP without openid scope
+        String updateOidcIdpPayload = readResource("update-oidc-idp.json");
+        String updateOidcScopesProperties = convertDuplicatedPropertiesToJson(
+                createAuthenticatorProperties("Scopes","country profile"), null);
+        String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties);
+
+        Response updateResponse = getResponseOfPutWithNoFilter(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId +
+                PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody);
+        updateResponse.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_BAD_REQUEST)
+                .body("message", equalTo("Invalid OIDC Scopes."))
+                .body("description", equalTo("Scopes must contain 'openid'."));
+
+        deleteCreatedIdP(oidcIdPId);
+    }
+
+    @Test
+    public void addSamlIdPWithoutMetadata() throws IOException {
+
+        String samlIdpPayload = readResource("add-saml-idp.json");
+        String body = samlIdpPayload.replace(METADATA_SAML_PLACEHOLDER, "");
+
+        Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body);
+        response.then()
+                .log().ifValidationFails()
+                .assertThat()
+                .statusCode(HttpStatus.SC_BAD_REQUEST)
+                .body("message", equalTo("Invalid SAML metadata."))
+                .body("description", equalTo("SAML metadata is invalid/empty."));
+    }
+
     /**
      * Deletes an Identity Provider by its ID and verifies the deletion.
      *
@@ -597,4 +684,39 @@ private void deleteCreatedIdP(String idPId) {
                 .body("description", equalTo("Unable to find a resource matching the provided identity " +
                         "provider identifier " + idPId + "."));
     }
+
+    /**
+     * Creates a map of authenticator properties with a provided key and value.
+     *
+     * @param key   Authenticator key.
+     * @param value Authenticator value.
+     * @return a map containing the authenticator properties.
+     */
+    private Map<String, String> createAuthenticatorProperties(String key, String value) {
+
+        Map<String, String> authenticatorProps = new HashMap<>();
+        authenticatorProps.put("key", key);
+        authenticatorProps.put("value", value);
+        return authenticatorProps;
+    }
+
+    /**
+     * Converts a map of properties and an optional map of duplicated properties into a JSON string.
+     * If duplicated properties are provided, they are appended to the JSON string of the original properties.
+     *
+     * @param properties           Main map of properties.
+     * @param duplicatedProperties Map of duplicated properties.
+     * @return a JSON string representation of the properties and duplicated properties.
+     * @throws JsonProcessingException if there is an error during JSON conversion.
+     */
+    private String convertDuplicatedPropertiesToJson(Map<String, String> properties,
+                                                     Map<String, String> duplicatedProperties)
+            throws JsonProcessingException {
+
+        ObjectMapper objectMapper = new ObjectMapper();
+        if (duplicatedProperties != null) {
+            return objectMapper.writeValueAsString(properties) + "," + objectMapper.writeValueAsString(duplicatedProperties);
+        }
+        return objectMapper.writeValueAsString(properties);
+    }
 }