From 17ebb980f6147f0e66f9887302b33cfb2e37bc29 Mon Sep 17 00:00:00 2001
From: pujavs <43700552+pujavs@users.noreply.github.com>
Date: Thu, 11 Apr 2024 22:19:13 +0530
Subject: [PATCH] fix(config-api): user mgt error for duplicate jansStatus
 issue (#8279)

* fix: user mgt error for jansStatus issue#8258

Signed-off-by: pujavs <pujas.works@gmail.com>

* fix: user mgt error for jansStatus issue#8258

Signed-off-by: pujavs <pujas.works@gmail.com>

* fix: user mgt error for jansStatus issue#8258

Signed-off-by: pujavs <pujas.works@gmail.com>

---------

Signed-off-by: pujavs <pujas.works@gmail.com>
---
 .../docs/jans-config-api-swagger.yaml         | 14 ++---
 .../plugins/docs/user-mgt-plugin-swagger.yaml |  6 +-
 .../plugin/mgt/model/user/CustomUser.java     | 15 +----
 .../plugin/mgt/rest/UserResource.java         | 63 ++++++++++---------
 .../plugin/mgt/service/UserMgmtService.java   | 17 ++---
 jans-config-api/pom.xml                       |  4 --
 jans-config-api/server/pom.xml                |  4 --
 .../rest/resource/auth/AssetResource.java     |  8 +--
 .../configapi/service/auth/AssetService.java  |  4 +-
 .../configapi/core/rest/BaseResource.java     |  7 +++
 10 files changed, 67 insertions(+), 75 deletions(-)

diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml
index 7acec400c85..186d9476cf0 100644
--- a/jans-config-api/docs/jans-config-api-swagger.yaml
+++ b/jans-config-api/docs/jans-config-api-swagger.yaml
@@ -8219,13 +8219,13 @@ components:
           type: string
         selected:
           type: boolean
-        userCanView:
+        adminCanView:
           type: boolean
         adminCanEdit:
           type: boolean
-        userCanEdit:
+        userCanView:
           type: boolean
-        adminCanView:
+        userCanEdit:
           type: boolean
         userCanAccess:
           type: boolean
@@ -9053,8 +9053,6 @@ components:
           type: boolean
         lockMessageConfig:
           $ref: '#/components/schemas/LockMessageConfig'
-        fapi:
-          type: boolean
         allResponseTypesSupported:
           uniqueItems: true
           type: array
@@ -9064,6 +9062,8 @@ components:
             - code
             - token
             - id_token
+        fapi:
+          type: boolean
     AuthenticationFilter:
       required:
       - baseDn
@@ -9830,10 +9830,10 @@ components:
           type: array
           items:
             type: object
-        displayValue:
-          type: string
         value:
           type: object
+        displayValue:
+          type: string
     LocalizedString:
       type: object
       properties:
diff --git a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml
index f0dd68dc54d..a23d9c4e828 100644
--- a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml
+++ b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml
@@ -863,10 +863,10 @@ components:
           type: array
           items:
             type: object
-        displayValue:
-          type: string
         value:
           type: object
+        displayValue:
+          type: string
     CustomUser:
       type: object
       properties:
@@ -911,8 +911,6 @@ components:
           type: string
         displayName:
           type: string
-        jansStatus:
-          type: string
         givenName:
           type: string
         userPassword:
diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java
index 88c6339950a..acd48c390d6 100644
--- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java
+++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java
@@ -12,7 +12,6 @@ public class CustomUser extends User {
     private String inum;
     private String mail;
     private String displayName;
-    private String jansStatus;
     private String givenName;
     private String userPassword;
     
@@ -40,15 +39,7 @@ public String getDisplayName() {
     public void setDisplayName(String displayName) {
         this.displayName = displayName;
     }
-    
-    public String getJansStatus() {
-        return jansStatus;
-    }
-    
-    public void setJansStatus(String jansStatus) {
-        this.jansStatus = jansStatus;
-    }
-    
+       
     public String getGivenName() {
         return givenName;
     }
@@ -67,8 +58,8 @@ public void setUserPassword(String userPassword) {
     
     @Override
     public String toString() {
-        return "CustomUser [inum=" + inum + ", mail=" + mail + ", displayName=" + displayName + ", jansStatus="
-                + jansStatus + ", givenName=" + givenName + ", userPassword=" + userPassword + "]";
+        return "CustomUser [inum=" + inum + ", mail=" + mail + ", displayName=" + displayName 
+                + ", givenName=" + givenName + ", userPassword=" + userPassword + "]";
     }
     
     
diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java
index 5458c41d92b..4f2496a738b 100644
--- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java
+++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java
@@ -53,7 +53,6 @@ public class UserResource extends BaseResource {
     private static final String USER = "user";
     private static final String MAIL = "mail";
     private static final String DISPLAY_NAME = "displayName";
-    private static final String JANS_STATUS = "jansStatus";
     private static final String GIVEN_NAME = "givenName";
     private static final String USER_PWD = "userPassword";
     private static final String INUM = "inum";
@@ -152,7 +151,6 @@ public Response createUser(@Valid CustomUser customUser,
                     removeNonLDAPAttributes);
         }
 
-        try {
         // get User object
         User user = setUserAttributes(customUser);
 
@@ -166,18 +164,20 @@ public Response createUser(@Valid CustomUser customUser,
         validateAttributes(user);
 
         logger.info("Service call to create user:{}", user);
-        user = userMgmtSrv.addUser(user, true);
-        logger.info("User created {}", user);
 
-        // excludedAttributes
-        user = excludeUserAttributes(user);
+        try {
+            user = userMgmtSrv.addUser(user, true);
+            logger.info("User created {}", user);
 
-        // get custom user
-        customUser = getCustomUser(user, removeNonLDAPAttributes);
-        logger.info("newly created customUser:{}", customUser);
+            // excludedAttributes
+            user = excludeUserAttributes(user);
+
+            // get custom user
+            customUser = getCustomUser(user, removeNonLDAPAttributes);
+            logger.info("newly created customUser:{}", customUser);
         }catch(WebApplicationException wex) {
             logger.error("ApplicationException while creating user is:{}, cause:{}", wex, wex.getCause());
-            throwInternalServerException("USER_CREATION_ERROR", wex.getMessage());
+            throwInternalServerException("USER_CREATION_ERROR", wex);
         }catch(Exception ex) {
             logger.error("Exception while creating user is:{}, cause:{}", ex, ex.getCause());
             throwInternalServerException(ex);
@@ -207,21 +207,22 @@ public Response updateUser(@Valid CustomUser customUser,
                     removeNonLDAPAttributes);
         }
 
-        try {
-            // get User object
-            User user = setUserAttributes(customUser);
+      
+        // get User object
+        User user = setUserAttributes(customUser);
 
-            // parse birthdate if present
-            userMgmtSrv.parseBirthDateAttribute(user);
-            logger.debug("Create  user:{}", user);
+        // parse birthdate if present
+        userMgmtSrv.parseBirthDateAttribute(user);
+        logger.debug("Create  user:{}", user);
 
-            // checking mandatory attributes
-            List<String> excludeAttributes = List.of(USER_PWD);
-            checkMissingAttributes(user, excludeAttributes);
-            ignoreCustomAttributes(user, removeNonLDAPAttributes);
-            validateAttributes(user);
+        // checking mandatory attributes
+        List<String> excludeAttributes = List.of(USER_PWD);
+        checkMissingAttributes(user, excludeAttributes);
+        ignoreCustomAttributes(user, removeNonLDAPAttributes);
+        validateAttributes(user);
 
-            logger.info("Call update user:{}", user);
+        logger.info("Call update user:{}", user);
+        try {
             user = userMgmtSrv.updateUser(user);
             logger.info("Updated user:{}", user);
 
@@ -400,7 +401,7 @@ public CustomUser setParentAttributes(CustomUser customUser, User user, boolean
         customUser.setOxAuthPersistentJwt(user.getOxAuthPersistentJwt());
         customUser.setUpdatedAt(user.getUpdatedAt());
         customUser.setUserId(user.getUserId());
-
+        customUser.setStatus(user.getStatus());
         ignoreCustomAttributes(customUser, removeNonLDAPAttributes);
         return setCustomUserAttributes(customUser, user);
     }
@@ -408,14 +409,13 @@ public CustomUser setParentAttributes(CustomUser customUser, User user, boolean
     public CustomUser setCustomUserAttributes(CustomUser customUser, User user) {
         customUser.setMail(user.getAttribute(MAIL));
         customUser.setDisplayName(user.getAttribute(DISPLAY_NAME));
-        customUser.setJansStatus(user.getAttribute(JANS_STATUS));
         customUser.setGivenName(user.getAttribute(GIVEN_NAME));
         customUser.setUserPassword(user.getAttribute(USER_PWD));
         customUser.setInum(user.getAttribute(INUM));
+        customUser.setStatus(user.getStatus());
 
         customUser.removeAttribute(MAIL);
         customUser.removeAttribute(DISPLAY_NAME);
-        customUser.removeAttribute(JANS_STATUS);
         customUser.removeAttribute(GIVEN_NAME);
         customUser.removeAttribute(USER_PWD);
         customUser.removeAttribute(INUM);
@@ -433,6 +433,8 @@ private User setUserAttributes(CustomUser customUser) {
         user.setOxAuthPersistentJwt(customUser.getOxAuthPersistentJwt());
         user.setUpdatedAt(customUser.getUpdatedAt());
         user.setUserId(customUser.getUserId());
+        user.setStatus(customUser.getStatus());     
+        
         return setUserCustomAttributes(customUser, user);
     }
 
@@ -442,20 +444,19 @@ private User setUserCustomAttributes(CustomUser customUser, User user) {
         }
         
         user.setAttribute(DISPLAY_NAME, customUser.getDisplayName(), false);
-        user.setAttribute(JANS_STATUS, customUser.getJansStatus(), false);
         user.setAttribute(GIVEN_NAME, customUser.getGivenName(), false);
-        
         if(StringUtils.isNotBlank(customUser.getUserPassword())) {  
             user.setAttribute(USER_PWD, customUser.getUserPassword(), false);
         }
-        user.setAttribute(INUM, customUser.getInum(), false);
-
-        logger.debug("Custom User - user:{}", user);
+        if(StringUtils.isNotBlank(customUser.getInum())) {    
+            user.setAttribute(INUM, customUser.getInum(), false);
+        }
+        
         return user;
     }
 
     private User ignoreCustomAttributes(User user, boolean removeNonLDAPAttributes) {
-        logger.debug(
+        logger.info(
                 "** validate User CustomObjectClasses - User user:{}, removeNonLDAPAttributes:{}, user.getCustomObjectClasses():{}, userMgmtSrv.getPersistenceType():{}, userMgmtSrv.isLDAP():?{}",
                 user, removeNonLDAPAttributes, user.getCustomObjectClasses(), userMgmtSrv.getPersistenceType(),
                 userMgmtSrv.isLDAP());
diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java
index cb13ef39bbc..03de8339627 100644
--- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java
+++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java
@@ -504,15 +504,18 @@ public void validateAttributes(List<CustomObjectAttribute> customAttributes) {
             logger.info("customObjectAttribute:{}, customObjectAttribute.getName():{}", customObjectAttribute, customObjectAttribute.getName());
             JansAttribute attribute = attributeService.getAttributeByName(customObjectAttribute.getName());
             AttributeValidation validation = null;
-            if(attribute!=null) {
+            if (attribute != null) {
                 validation = attribute.getAttributeValidation();
             }
-            logger.info("customObjectAttribute.getName():{}, validation:{}", customObjectAttribute.getName(), validation);
-
-            String errorMsg = validateCustomAttributes(customObjectAttribute, validation);
-            logger.info("customObjectAttribute.getName():{}, errorMsg:{}", customObjectAttribute.getName(), errorMsg);
-            if (StringUtils.isNotBlank(errorMsg)) {
-                sb.append(errorMsg);
+            logger.info("customObjectAttribute.getName():{}, validation:{}", customObjectAttribute.getName(),
+                    validation);
+            if (validation != null) {
+                String errorMsg = validateCustomAttributes(customObjectAttribute, validation);
+                logger.info("customObjectAttribute.getName():{}, errorMsg:{}", customObjectAttribute.getName(),
+                        errorMsg);
+                if (StringUtils.isNotBlank(errorMsg)) {
+                    sb.append(errorMsg);
+                }
             }
         }
 
diff --git a/jans-config-api/pom.xml b/jans-config-api/pom.xml
index 42da2ddd787..bc80f500806 100644
--- a/jans-config-api/pom.xml
+++ b/jans-config-api/pom.xml
@@ -244,10 +244,6 @@
 			</dependency>
 
 			<!-- Security -->
-			<dependency>
-				<groupId>com.nimbusds</groupId>
-				<artifactId>nimbus-jose-jwt</artifactId>
-			</dependency>
 			<dependency>
 				<groupId>org.bitbucket.b_c</groupId>
 				<artifactId>jose4j</artifactId>
diff --git a/jans-config-api/server/pom.xml b/jans-config-api/server/pom.xml
index af213a189a2..a781a1bf8c5 100644
--- a/jans-config-api/server/pom.xml
+++ b/jans-config-api/server/pom.xml
@@ -565,10 +565,6 @@
 					<artifactId>jetty-plus</artifactId>
 					<scope>test</scope>
 				</dependency>
-				<dependency>
-					<groupId>com.nimbusds</groupId>
-					<artifactId>nimbus-jose-jwt</artifactId>
-				</dependency>
 				<dependency>
 					<groupId>org.bitbucket.b_c</groupId>
 					<artifactId>jose4j</artifactId>
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AssetResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AssetResource.java
index 79c9c17d7a4..49390e0f913 100644
--- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AssetResource.java
+++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AssetResource.java
@@ -177,7 +177,7 @@ public Response getAssetStreamByName(
             log.debug(" Fetched  assetStream:{} ", assetStream);
         } catch (Exception ex) {
             log.error("Application Error while reading asset stream is - status:{}", ex.getMessage());
-            throwInternalServerException(APPLICATION_ERROR, ex.getMessage());
+            throwInternalServerException(APPLICATION_ERROR, ex);
         }
         return Response.status(Response.Status.OK).entity(assetStream).build();
     }
@@ -229,7 +229,7 @@ public Response uploadAsset(@MultipartForm AssetForm assetForm) throws Exception
             log.debug("Saved asset:{} ", asset);
         } catch (Exception ex) {
             log.error("Application Error while creating asset is - status:{}", ex.getMessage());
-            throwInternalServerException(APPLICATION_ERROR, ex.getMessage());
+            throwInternalServerException(APPLICATION_ERROR, ex);
         }
 
         log.info("Create IdentityProvider - asset:{}", asset);
@@ -289,7 +289,7 @@ public Response updateAsset(@MultipartForm AssetForm assetForm) throws Exception
             log.debug(" Updated asset:{} ", asset);
         } catch (Exception ex) {
             log.error("Application Error while updated asset is:{}", ex.getMessage());
-            throwInternalServerException(APPLICATION_ERROR, ex.getMessage());
+            throwInternalServerException(APPLICATION_ERROR, ex);
         }
 
         log.info("Updated asset:{}", asset);
@@ -320,7 +320,7 @@ public Response deleteAsset(
             if (ex instanceof NotFoundException) {
                 throwNotFoundException(NOT_FOUND_ERROR, ex.getMessage());
             }
-            throwInternalServerException(APPLICATION_ERROR, ex.getMessage());
+            throwInternalServerException(APPLICATION_ERROR, ex);
         }
         return Response.noContent().build();
 
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java
index 047671916e1..85ade12bf52 100644
--- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java
+++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java
@@ -172,7 +172,7 @@ public Document saveAsset(Document asset, InputStream documentStream) throws Exc
         // Get final asset
         List<Document >assets = this.getAssetByName(asset.getDisplayName());
         if(assets==null) {
-            throw new WebApplicationException(" Error while saving asset");
+            throw new WebApplicationException(" Could not  save asset");
         }
         asset = assets.get(0);
         log.info("\n * Asset saved :{}", asset);
@@ -233,7 +233,7 @@ public InputStream readAssetStream(String assetName) throws Exception {
     }
 
     private Document updateAsset(Document asset, InputStream documentStream) throws Exception {
-        log.info("Update new asset - asset:{}, documentStream:{}", asset, documentStream);
+        log.info("Update an asset - asset:{}, documentStream:{}", asset, documentStream);
         if (asset == null) {
             throw new InvalidAttributeException(" Asset object is null!!!");
         }
diff --git a/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java b/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java
index a81f99fe99c..0555622108b 100644
--- a/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java
+++ b/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java
@@ -139,6 +139,13 @@ public static void throwInternalServerException(String msg) {
     public static void throwInternalServerException(String msg, String description) {
         throw new InternalServerErrorException(getInternalServerException(msg, description));
     }
+    
+    public static void throwInternalServerException(String msg, Throwable throwable) {
+        throwable = findRootError(throwable);
+        if (throwable != null) {
+            throw new InternalServerErrorException(getInternalServerException(msg, throwable.getMessage()));
+        }
+    }
 
     public static void throwInternalServerException(Throwable throwable) {
         throwable = findRootError(throwable);