From b671943faae3549e178e86b05445c223a60eb1b6 Mon Sep 17 00:00:00 2001 From: Yoshani Date: Tue, 22 Oct 2024 14:51:04 +0530 Subject: [PATCH] add showUsernameAvailability property to self-reg --- .../recovery/IdentityRecoveryConstants.java | 2 +- .../connector/SelfRegistrationConfigImpl.java | 26 +++++++++---------- .../SelfRegistrationConfigImplTest.java | 16 ++++++------ 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java index 4900306ca..e5c6f6b28 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java @@ -598,7 +598,7 @@ public static class ConnectorConfig { "UseNumbersInOTP"; public static final String SELF_REGISTRATION_OTP_LENGTH = "SelfRegistration.OTP.OTPLength"; public static final String SEND_CONFIRMATION_NOTIFICATION = "SelfRegistration.SendConfirmationOnCreation"; - public static final String HANDLE_EXISTING_USERNAME = "SelfRegistration.HandleExistingUsername"; + public static final String SHOW_USERNAME_UNAVAILABILITY = "SelfRegistration.ShowUsernameUnavailability"; public static final String SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE = "SelfRegistration.Notification" + ".InternallyManage"; public static final String SELF_REGISTRATION_RE_CAPTCHA = "SelfRegistration.ReCaptcha"; diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java index c1021243d..61c7d72d6 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java @@ -99,8 +99,8 @@ public Map getPropertyNameMapping() { "OTP length"); nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION, "Enable Account Confirmation On Creation"); - nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME, - "Handle existing user name"); + nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY, + "Show username unavailability"); nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE, "Manage notifications sending internally"); nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA, "Prompt reCaptcha"); @@ -146,8 +146,8 @@ public Map getPropertyDescriptionMapping() { "Length of the OTP for SMS and e-mail verifications. OTP length must be 4-10."); descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION, "Enable user account confirmation when the user account is not locked on creation"); - descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME, - "Adopt the same behavior for both existing and non-existing users in the system."); + descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY, + "Show a descriptive error message to the user if the username is already taken. However, this leads to username enumeration"); descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE, "Disable if the client application handles notification sending"); descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA, @@ -188,7 +188,7 @@ public String[] getPropertyNames() { properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_USE_NUMBERS_IN_OTP); properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_OTP_LENGTH); properties.add(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION); - properties.add(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME); + properties.add(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY); properties.add(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE); properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA); properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_VERIFICATION_CODE_EXPIRY_TIME); @@ -215,7 +215,7 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG String useNumbersInOTP = StringUtils.EMPTY; String otpLength = "6"; String enableSendNotificationOnCreation = "false"; - String handleExistingUsername = "false"; + String showUsernameUnavailability = "true"; String enableNotificationInternallyManage = "true"; String enableSelfRegistrationReCaptcha = "true"; String verificationCodeExpiryTime = "1440"; @@ -243,8 +243,8 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_OTP_LENGTH); String sendNotificationOnCreationProperty = IdentityUtil.getProperty( IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION); - String handleExistingUsernameProperty = IdentityUtil.getProperty( - IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME); + String showUsernameUnavailabilityProperty = IdentityUtil.getProperty( + IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY); String notificationInternallyMangedProperty = IdentityUtil.getProperty( IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE); String reCaptchaProperty = IdentityUtil.getProperty( @@ -290,8 +290,8 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG if (StringUtils.isNotEmpty(sendNotificationOnCreationProperty)) { enableSendNotificationOnCreation = sendNotificationOnCreationProperty; } - if (StringUtils.isNotEmpty(handleExistingUsernameProperty)) { - handleExistingUsername = handleExistingUsernameProperty; + if (StringUtils.isNotEmpty(showUsernameUnavailabilityProperty)) { + showUsernameUnavailability = showUsernameUnavailabilityProperty; } if (StringUtils.isNotEmpty(notificationInternallyMangedProperty)) { enableNotificationInternallyManage = notificationInternallyMangedProperty; @@ -340,8 +340,8 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG otpLength); defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION, enableSendNotificationOnCreation); - defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME, - handleExistingUsername); + defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY, + showUsernameUnavailability); defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE, enableNotificationInternallyManage); defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA, @@ -412,7 +412,7 @@ public Map getMetaData() { meta.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION, getPropertyObject(IdentityMgtConstants.DataTypes.BOOLEAN.getValue())); - meta.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME, + meta.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY, getPropertyObject(IdentityMgtConstants.DataTypes.BOOLEAN.getValue())); meta.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE, diff --git a/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java b/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java index 2265901bf..50ab2ed37 100644 --- a/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java +++ b/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java @@ -108,8 +108,8 @@ public void testGetPropertyNameMapping() { "OTP length"); nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION, "Enable Account Confirmation On Creation"); - nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME, - "Handle existing user name"); + nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY, + "Show username unavailability"); nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE, "Manage notifications sending internally"); nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA, "Prompt reCaptcha"); @@ -157,8 +157,8 @@ public void testGetPropertyDescriptionMapping() { "Length of the OTP for SMS and e-mail verifications. OTP length must be 4-10."); descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION, "Enable user account confirmation when the user account is not locked on creation"); - descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME, - "Adopt the same behavior for both existing and non-existing users in the system."); + descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY, + "Show a descriptive error message to the user if the username is already taken. However, this leads to username enumeration"); descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE, "Disable if the client application handles notification sending"); descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA, @@ -202,7 +202,7 @@ public void testGetPropertyNames() { propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_USE_NUMBERS_IN_OTP); propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_OTP_LENGTH); propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION); - propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME); + propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY); propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE); propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA); propertiesExpected @@ -236,7 +236,7 @@ public void testGetDefaultPropertyValues() throws IdentityGovernanceException { String testUseNumbersInOTP = StringUtils.EMPTY; String testOtpLength = "6"; String testEnableSendNotificationOnCreation = "false"; - String testHandleExistingUsername = "false"; + String testShowUsernameUnavailability = "true"; String testEnableNotificationInternallyManage = "true"; String testEnableSelfRegistrationReCaptcha = "true"; String testVerificationCodeExpiryTime = "1440"; @@ -264,8 +264,8 @@ public void testGetDefaultPropertyValues() throws IdentityGovernanceException { testOtpLength); propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION, testEnableSendNotificationOnCreation); - propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME, - testHandleExistingUsername); + propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY, + testShowUsernameUnavailability); propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE, testEnableNotificationInternallyManage); propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA,