[ES-529] changed the acr value of password to pwd.

Signed-off-by: Mahammed Taheer <[email protected]>
mosip · Dec 7, 2023 · 75b863e · 75b863e
1 parent 1bc2027
commit 75b863e
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 12 deletions.
diff --git a/...tion-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java b/...tion-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java
@@ -869,11 +869,11 @@ protected void checkAllowedAuthTypeForPassword(Map<String, Object> requestBody,
 		KycAuthRequestDTO authRequestDTO = mapper.readValue(mapper.writeValueAsBytes(requestBody),
 					KycAuthRequestDTO.class);
 
-			if (AuthTypeUtil.isPassword(authRequestDTO) && !isAllowedAuthType(MatchType.Category.PASSWORD.getType(), authPolicies)) {
-				throw new IdAuthenticationAppException(
-						IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(),
-						String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(),
-								MatchType.Category.PASSWORD.name()));
+		if (AuthTypeUtil.isPassword(authRequestDTO) && !isAllowedAuthType(MatchType.Category.PWD.getType(), authPolicies)) {
+			throw new IdAuthenticationAppException(
+			IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(),
+			String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(),
+					MatchType.Category.PWD.name()));
 		}
 	}
 
@@ -1058,16 +1058,25 @@ private void checkAllowedAMRBasedOnClientConfig(Map<String, Object> requestBody,
 
 				if (AuthTypeUtil.isPin(authRequestDTO)  && !allowedAMRs.contains(MatchType.Category.SPIN.getType())) {
 					throw new IdAuthenticationAppException(
-							IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(),
-							String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(),
+							IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorCode(),
+							String.format(IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorMessage(),
 									MatchType.Category.SPIN.name()));
 				}
 				if (AuthTypeUtil.isOtp(authRequestDTO)  && !allowedAMRs.contains(MatchType.Category.OTP.getType())) {
 					throw new IdAuthenticationAppException(
-							IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(),
-							String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(),
+							IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorCode(),
+							String.format(IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorMessage(),
 									MatchType.Category.OTP.name()));
 				}
+
+				KycAuthRequestDTO kycAuthRequestDTO = mapper.readValue(mapper.writeValueAsBytes(requestBody),
+										KycAuthRequestDTO.class);
+				if (AuthTypeUtil.isPassword(kycAuthRequestDTO)  && !allowedAMRs.contains(MatchType.Category.PWD.getType())) {
+					throw new IdAuthenticationAppException(
+							IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorCode(),
+							String.format(IdAuthenticationErrorConstants.OIDC_CLIENT_AUTHTYPE_NOT_ALLOWED.getErrorMessage(),
+									MatchType.Category.PWD.name()));
+				}
 				checkAllowedAMRForKBT(requestBody, allowedAMRs);
 			}
 		} catch (IOException e) {

diff --git a/...tion-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java b/...tion-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java
@@ -536,7 +536,7 @@ private Map<String, String> getEntityInfo(Map<String, List<IdentityInfoDTO>> idE
 							String.format(IdAuthenticationErrorConstants.KEY_BINDING_MISSING.getErrorMessage(),
 									input.getAuthType().getType()));
 
-				case PASSWORD: 
+				case PWD: 
 					throw new IdAuthenticationBusinessException(
 							IdAuthenticationErrorConstants.PASSWORD_MISSING.getErrorCode(),
 							String.format(IdAuthenticationErrorConstants.PASSWORD_MISSING.getErrorMessage(),

diff --git a/...on/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java b/...on/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java
@@ -24,7 +24,7 @@
 public enum PasswordMatchType implements MatchType {
 
 	/** Primary password Match Type. */
-	PASSWORD(IdaIdMapping.PASSWORD, Category.PASSWORD, setOf(PasswordMatchingStrategy.EXACT), authReq -> {
+	PASSWORD(IdaIdMapping.PASSWORD, Category.PWD, setOf(PasswordMatchingStrategy.EXACT), authReq -> {
         KycAuthRequestDTO kycAuthRequestDTO =  (KycAuthRequestDTO)authReq;
 		return (Objects.nonNull(kycAuthRequestDTO.getRequest())  && 
 				Objects.nonNull(kycAuthRequestDTO.getRequest().getPassword()))? kycAuthRequestDTO.getRequest().getPassword() : "";

diff --git a/...tication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java b/...tication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java
@@ -44,7 +44,7 @@ public enum Category {
 		/** Token category */
 		KBT("kbt"),
 		/** Password category */
-		PASSWORD("password");
+		PWD("pwd");
 
 		/** The type. */
 		String type;