skip nonce check in local environment (#1148)

Signed-off-by: Sachin Rana <[email protected]>
mosip · Jan 30, 2025 · 2b23c05 · 2b23c05
1 parent 87372bd
commit 2b23c05
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java
@@ -30,6 +30,7 @@
 import org.apache.commons.collections.CollectionUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.env.Environment;
 import org.springframework.data.util.Pair;
 import org.springframework.stereotype.Service;
 
@@ -103,6 +104,9 @@ public class AuthorizationServiceImpl implements AuthorizationService {
     @Value("${mosip.esignet.signup-id-token-audience}")
     private String signupIDTokenAudience;
 
+    @Autowired
+    private Environment environment;
+
 
     @Override
     public OAuthDetailResponseV1 getOauthDetails(OAuthDetailRequest oauthDetailReqDto) throws EsignetException {
@@ -507,11 +511,15 @@ private String getAuthTransactionId(String oidcTransactionId) {
     }
 
     private void validateNonce(String nonce) {
-        if(nonce == null || nonce.isBlank())
+        if(isLocalEnvironment() || nonce == null || nonce.isBlank())
             return;
 
         if(cacheUtilService.checkNonce(nonce.trim()) == 0L)
             throw new EsignetException(ErrorConstants.INVALID_REQUEST);
     }
 
+    private boolean isLocalEnvironment() {
+        return Arrays.stream(environment.getActiveProfiles()).anyMatch(env -> env.equalsIgnoreCase("local"));
+    }
+
 }
diff --git a/oidc-service-impl/src/test/java/io/mosip/esignet/services/AuthorizationServiceTest.java b/oidc-service-impl/src/test/java/io/mosip/esignet/services/AuthorizationServiceTest.java
@@ -39,6 +39,7 @@
 import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
 import org.mockito.junit.MockitoJUnitRunner;
+import org.springframework.core.env.Environment;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.test.util.ReflectionTestUtils;
 
@@ -72,6 +73,9 @@ public class AuthorizationServiceTest {
     @Mock
     Authenticator authenticationWrapper;
 
+    @Mock
+    Environment environment;
+
     @InjectMocks
     AuthorizationServiceImpl authorizationServiceImpl;
 
@@ -124,6 +128,8 @@ public void setUp() {
         ReflectionTestUtils.setField(authorizationServiceImpl, "objectMapper", new ObjectMapper());
         ReflectionTestUtils.setField(authorizationServiceImpl, "authorizationHelperService", authorizationHelperService);
         ReflectionTestUtils.setField(authorizationServiceImpl,"captchaRequired",Arrays.asList("bio","pwd"));
+
+        when(environment.getActiveProfiles()).thenReturn(new String[]{"test"});
     }