diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java
index 4900306ca..e5c6f6b28 100644
--- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java
+++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java
@@ -598,7 +598,7 @@ public static class ConnectorConfig {
"UseNumbersInOTP";
public static final String SELF_REGISTRATION_OTP_LENGTH = "SelfRegistration.OTP.OTPLength";
public static final String SEND_CONFIRMATION_NOTIFICATION = "SelfRegistration.SendConfirmationOnCreation";
- public static final String HANDLE_EXISTING_USERNAME = "SelfRegistration.HandleExistingUsername";
+ public static final String SHOW_USERNAME_UNAVAILABILITY = "SelfRegistration.ShowUsernameUnavailability";
public static final String SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE = "SelfRegistration.Notification" +
".InternallyManage";
public static final String SELF_REGISTRATION_RE_CAPTCHA = "SelfRegistration.ReCaptcha";
diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java
index c1021243d..61c7d72d6 100644
--- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java
+++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImpl.java
@@ -99,8 +99,8 @@ public Map<String, String> getPropertyNameMapping() {
"OTP length");
nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION,
"Enable Account Confirmation On Creation");
- nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME,
- "Handle existing user name");
+ nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY,
+ "Show username unavailability");
nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE,
"Manage notifications sending internally");
nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA, "Prompt reCaptcha");
@@ -146,8 +146,8 @@ public Map<String, String> getPropertyDescriptionMapping() {
"Length of the OTP for SMS and e-mail verifications. OTP length must be 4-10.");
descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION,
"Enable user account confirmation when the user account is not locked on creation");
- descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME,
- "Adopt the same behavior for both existing and non-existing users in the system.");
+ descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY,
+ "Show a descriptive error message to the user if the username is already taken. However, this leads to username enumeration");
descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE,
"Disable if the client application handles notification sending");
descriptionMapping.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA,
@@ -188,7 +188,7 @@ public String[] getPropertyNames() {
properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_USE_NUMBERS_IN_OTP);
properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_OTP_LENGTH);
properties.add(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION);
- properties.add(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME);
+ properties.add(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY);
properties.add(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE);
properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA);
properties.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_VERIFICATION_CODE_EXPIRY_TIME);
@@ -215,7 +215,7 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG
String useNumbersInOTP = StringUtils.EMPTY;
String otpLength = "6";
String enableSendNotificationOnCreation = "false";
- String handleExistingUsername = "false";
+ String showUsernameUnavailability = "true";
String enableNotificationInternallyManage = "true";
String enableSelfRegistrationReCaptcha = "true";
String verificationCodeExpiryTime = "1440";
@@ -243,8 +243,8 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG
IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_OTP_LENGTH);
String sendNotificationOnCreationProperty = IdentityUtil.getProperty(
IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION);
- String handleExistingUsernameProperty = IdentityUtil.getProperty(
- IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME);
+ String showUsernameUnavailabilityProperty = IdentityUtil.getProperty(
+ IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY);
String notificationInternallyMangedProperty = IdentityUtil.getProperty(
IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE);
String reCaptchaProperty = IdentityUtil.getProperty(
@@ -290,8 +290,8 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG
if (StringUtils.isNotEmpty(sendNotificationOnCreationProperty)) {
enableSendNotificationOnCreation = sendNotificationOnCreationProperty;
}
- if (StringUtils.isNotEmpty(handleExistingUsernameProperty)) {
- handleExistingUsername = handleExistingUsernameProperty;
+ if (StringUtils.isNotEmpty(showUsernameUnavailabilityProperty)) {
+ showUsernameUnavailability = showUsernameUnavailabilityProperty;
}
if (StringUtils.isNotEmpty(notificationInternallyMangedProperty)) {
enableNotificationInternallyManage = notificationInternallyMangedProperty;
@@ -340,8 +340,8 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG
otpLength);
defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION,
enableSendNotificationOnCreation);
- defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME,
- handleExistingUsername);
+ defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY,
+ showUsernameUnavailability);
defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE,
enableNotificationInternallyManage);
defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA,
@@ -412,7 +412,7 @@ public Map<String, Property> getMetaData() {
meta.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION,
getPropertyObject(IdentityMgtConstants.DataTypes.BOOLEAN.getValue()));
- meta.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME,
+ meta.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY,
getPropertyObject(IdentityMgtConstants.DataTypes.BOOLEAN.getValue()));
meta.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE,
diff --git a/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java b/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java
index 2265901bf..cd757e624 100644
--- a/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java
+++ b/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/SelfRegistrationConfigImplTest.java
@@ -108,7 +108,7 @@ public void testGetPropertyNameMapping() {
"OTP length");
nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION,
"Enable Account Confirmation On Creation");
- nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME,
+ nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY,
"Handle existing user name");
nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE,
"Manage notifications sending internally");
@@ -157,7 +157,7 @@ public void testGetPropertyDescriptionMapping() {
"Length of the OTP for SMS and e-mail verifications. OTP length must be 4-10.");
descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION,
"Enable user account confirmation when the user account is not locked on creation");
- descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME,
+ descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY,
"Adopt the same behavior for both existing and non-existing users in the system.");
descriptionMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE,
"Disable if the client application handles notification sending");
@@ -202,7 +202,7 @@ public void testGetPropertyNames() {
propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_USE_NUMBERS_IN_OTP);
propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_OTP_LENGTH);
propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION);
- propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME);
+ propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY);
propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE);
propertiesExpected.add(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA);
propertiesExpected
@@ -236,7 +236,7 @@ public void testGetDefaultPropertyValues() throws IdentityGovernanceException {
String testUseNumbersInOTP = StringUtils.EMPTY;
String testOtpLength = "6";
String testEnableSendNotificationOnCreation = "false";
- String testHandleExistingUsername = "false";
+ String testShowUsernameUnavailability = "true";
String testEnableNotificationInternallyManage = "true";
String testEnableSelfRegistrationReCaptcha = "true";
String testVerificationCodeExpiryTime = "1440";
@@ -264,8 +264,8 @@ public void testGetDefaultPropertyValues() throws IdentityGovernanceException {
testOtpLength);
propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SEND_CONFIRMATION_NOTIFICATION,
testEnableSendNotificationOnCreation);
- propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.HANDLE_EXISTING_USERNAME,
- testHandleExistingUsername);
+ propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SHOW_USERNAME_UNAVAILABILITY,
+ testShowUsernameUnavailability);
propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SIGN_UP_NOTIFICATION_INTERNALLY_MANAGE,
testEnableNotificationInternallyManage);
propertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_RE_CAPTCHA,