Fix issue in DCR Additional attribute filter not working as OSGI

components/org.wso2.carbon.identity.oauth.dcr/pom.xml

@@ -180,8 +180,10 @@
                         </Import-Package>
                         <Export-Package>
                             !org.wso2.carbon.identity.oauth.dcr.internal,
-                            org.wso2.carbon.identity.oauth.dcr.*;version="${identity.inbound.auth.oauth.exp.pkg.version}"
+                            org.wso2.carbon.identity.oauth.dcr.*;version="${identity.inbound.auth.oauth.exp.pkg.version}",
+                            org.wso2.carbon.identity.oauth.dcr.handler.*;version="${identity.inbound.auth.oauth.exp.pkg.version}"
                         </Export-Package>
+                        <DynamicImport-Package>*</DynamicImport-Package>
                     </instructions>
                 </configuration>
             </plugin>

components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/internal/DCRDataHolder.java

@@ -20,6 +20,7 @@
 
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
 import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager;
+import org.wso2.carbon.identity.oauth.dcr.handler.AdditionalAttributeFilter;
 import org.wso2.carbon.identity.oauth.dcr.handler.RegistrationHandler;
 import org.wso2.carbon.identity.oauth.dcr.handler.UnRegistrationHandler;
 import org.wso2.carbon.identity.oauth2.token.bindings.TokenBinder;
@@ -41,6 +42,7 @@ public class DCRDataHolder {
     private List<RegistrationHandler> registrationHandlerList = new ArrayList<>();
     private List<UnRegistrationHandler> unRegistrationHandlerList = new ArrayList<>();
     private List<TokenBinder> tokenBinders = new ArrayList<>();
+    private AdditionalAttributeFilter additionalAttributeFilter = null;
     private ConfigurationManager configurationManager;
     private OrganizationManager organizationManager;
 
@@ -122,4 +124,14 @@ public void setOrganizationManager(OrganizationManager organizationManager) {
 
         this.organizationManager = organizationManager;
     }
+
+    public AdditionalAttributeFilter getAdditionalAttributeFilter() {
+
+        return additionalAttributeFilter;
+    }
+
+    public void setAdditionalAttributeFilter(AdditionalAttributeFilter additionalAttributeFilter) {
+
+        this.additionalAttributeFilter = additionalAttributeFilter;
+    }
 }

components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/internal/DCRServiceComponent.java

@@ -30,13 +30,16 @@
 import org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityProcessor;
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
 import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager;
+import org.wso2.carbon.identity.core.util.IdentityUtil;
+import org.wso2.carbon.identity.oauth.common.OAuthConstants;
 import org.wso2.carbon.identity.oauth.common.token.bindings.TokenBinderInfo;
 import org.wso2.carbon.identity.oauth.dcr.DCRConfigurationMgtService;
 import org.wso2.carbon.identity.oauth.dcr.DCRConfigurationMgtServiceImpl;
 import org.wso2.carbon.identity.oauth.dcr.factory.HttpRegistrationResponseFactory;
 import org.wso2.carbon.identity.oauth.dcr.factory.HttpUnregistrationResponseFactory;
 import org.wso2.carbon.identity.oauth.dcr.factory.RegistrationRequestFactory;
 import org.wso2.carbon.identity.oauth.dcr.factory.UnregistrationRequestFactory;
+import org.wso2.carbon.identity.oauth.dcr.handler.AdditionalAttributeFilter;
 import org.wso2.carbon.identity.oauth.dcr.handler.RegistrationHandler;
 import org.wso2.carbon.identity.oauth.dcr.handler.UnRegistrationHandler;
 import org.wso2.carbon.identity.oauth.dcr.processor.DCRProcessor;
@@ -85,6 +88,17 @@ protected void activate(ComponentContext componentContext) {
                     new DCRMService(), null);
             componentContext.getBundleContext().registerService(DCRConfigurationMgtService.class.getName(),
                     new DCRConfigurationMgtServiceImpl(), null);
+
+            String attributeFilterName = IdentityUtil.getProperty(OAuthConstants.ADDITIONAL_ATTRIBUTE_FILTER);
+            if (attributeFilterName != null) {
+                Class<?> clazz = Thread.currentThread().getContextClassLoader()
+                        .loadClass(attributeFilterName);
+                Object attributeFilter = clazz.newInstance();
+                if (attributeFilter instanceof AdditionalAttributeFilter) {
+                    DCRDataHolder.getInstance()
+                            .setAdditionalAttributeFilter((AdditionalAttributeFilter) attributeFilter);
+                }
+            }
         } catch (Throwable e) {
             log.error("Error occurred while activating DCRServiceComponent", e);
         }

components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java

@@ -27,7 +27,6 @@
 import org.wso2.carbon.context.CarbonContext;
 import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
-import org.wso2.carbon.identity.application.common.IdentityApplicationManagementValidationException;
 import org.wso2.carbon.identity.application.common.model.AssociatedRolesConfig;
 import org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig;
 import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
@@ -41,7 +40,6 @@
 import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
 import org.wso2.carbon.identity.oauth.IdentityOAuthClientException;
 import org.wso2.carbon.identity.oauth.OAuthAdminService;
-import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes;
 import org.wso2.carbon.identity.oauth.common.OAuthConstants;
 import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
 import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
@@ -67,7 +65,6 @@
 import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
 import org.wso2.carbon.user.api.UserStoreException;
 
-import java.lang.reflect.InvocationTargetException;
 import java.text.ParseException;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -120,18 +117,8 @@ public Application getApplication(String clientId) throws DCRMException {
         Application application = buildResponse(consumerAppDTO, tenantDomain);
         application.setExtAllowedAudience(serviceProvider.getAssociatedRolesConfig().getAllowedAudience());
 
-        String attributeFilterName = IdentityUtil.getProperty(OAuthConstants.ADDITIONAL_ATTRIBUTE_FILTER);
-        if (StringUtils.isNotBlank(attributeFilterName)) {
-            AdditionalAttributeFilter attributeHandler;
-            try {
-                attributeHandler = (AdditionalAttributeFilter)
-                        Class.forName(attributeFilterName).getDeclaredConstructor().newInstance();
-            } catch (ClassNotFoundException | NoSuchMethodException | InstantiationException |
-                     IllegalAccessException | InvocationTargetException e) {
-                log.error("Configured DCR additional attribute handler cannot be loaded");
-                throw new DCRMServerException(OAuth2ErrorCodes.SERVER_ERROR,
-                        DCRMConstants.ErrorMessages.ADDITIONAL_ATTRIBUTE_ERROR.getMessage(), e);
-            }
+        AdditionalAttributeFilter attributeHandler = DCRDataHolder.getInstance().getAdditionalAttributeFilter();
+        if (attributeHandler != null) {
             List<String> responseAttributes = attributeHandler.getResponseAttributeKeys();
             Map<String, String> storedAttributes = Arrays.stream(serviceProvider.getSpProperties())
                     .filter(entry -> responseAttributes.contains(entry.getName()))
@@ -285,17 +272,8 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str
             }
 
             //Validating and filtering additional attributes via extension
-            String attributeFilterName = IdentityUtil.getProperty(OAuthConstants.ADDITIONAL_ATTRIBUTE_FILTER);
-            if (StringUtils.isNotBlank(attributeFilterName)) {
-                try {
-                    attributeHandler = (AdditionalAttributeFilter)
-                            Class.forName(attributeFilterName).getDeclaredConstructor().newInstance();
-                } catch (ClassNotFoundException | NoSuchMethodException | InstantiationException |
-                         IllegalAccessException | InvocationTargetException e) {
-                    log.error("Configured DCR additional attribute handler cannot be loaded");
-                    throw new DCRMServerException(OAuth2ErrorCodes.SERVER_ERROR,
-                            DCRMConstants.ErrorMessages.ADDITIONAL_ATTRIBUTE_ERROR.getMessage(), e);
-                }
+            attributeHandler = DCRDataHolder.getInstance().getAdditionalAttributeFilter();
+            if (attributeHandler != null) {
                 if (ssaClaims != null || !updateRequest.getAdditionalAttributes().isEmpty()) {
                     processedAttributes = attributeHandler.filterDCRUpdateAttributes(updateRequest, ssaClaims,
                             sp.getSpProperties());
@@ -595,20 +573,11 @@ private Application createOAuthApplication(ApplicationRegistrationRequest regist
 
         ServiceProvider serviceProvider;
         Map<String, Object> processedAttributes = null;
-        AdditionalAttributeFilter attributeHandler = null;
 
         //Validating and filtering additional attributes via extension
-        String attributeFilterName = IdentityUtil.getProperty(OAuthConstants.ADDITIONAL_ATTRIBUTE_FILTER);
-        if (StringUtils.isNotBlank(attributeFilterName)) {
-            try {
-                attributeHandler = (AdditionalAttributeFilter)
-                        Class.forName(attributeFilterName).getDeclaredConstructor().newInstance();
-            } catch (ClassNotFoundException | NoSuchMethodException | InstantiationException | IllegalAccessException |
-                     InvocationTargetException e) {
-                log.error("Configured DCR additional attribute handler cannot be loaded");
-                throw new DCRMServerException(OAuth2ErrorCodes.SERVER_ERROR,
-                                        DCRMConstants.ErrorMessages.ADDITIONAL_ATTRIBUTE_ERROR.getMessage(), e);
-            }
+        AdditionalAttributeFilter attributeHandler = DCRDataHolder.getInstance().getAdditionalAttributeFilter();
+        if (attributeHandler != null) {
+
             if (ssaClaims != null || !registrationRequest.getAdditionalAttributes().isEmpty()) {
                 processedAttributes = attributeHandler.filterDCRRegisterAttributes(registrationRequest, ssaClaims);
             }
@@ -978,9 +947,6 @@ private void updateServiceProvider(ServiceProvider serviceProvider, String tenan
         try {
             DCRDataHolder.getInstance().getApplicationManagementService()
                     .updateApplication(serviceProvider, tenantDomain, userName);
-        } catch (IdentityApplicationManagementValidationException e) {
-            throw DCRMUtils.generateClientException(DCRMConstants.ErrorMessages.BAD_REQUEST_INVALID_SP_INPUT,
-                    serviceProvider.getApplicationName());
         } catch (IdentityApplicationManagementException e) {
             throw DCRMUtils.generateServerException(
                     DCRMConstants.ErrorMessages.FAILED_TO_UPDATE_SP, serviceProvider.getApplicationName(), e);