From 2b23c052faec97d3390f06086eec058f08b473b3 Mon Sep 17 00:00:00 2001 From: Sachin Rana Date: Thu, 30 Jan 2025 12:28:44 +0530 Subject: [PATCH] skip nonce check in local environment (#1148) Signed-off-by: Sachin Rana --- .../esignet/services/AuthorizationServiceImpl.java | 10 +++++++++- .../esignet/services/AuthorizationServiceTest.java | 6 ++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java index e4e8d34fb..615c38083 100644 --- a/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java +++ b/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java @@ -30,6 +30,7 @@ import org.apache.commons.collections.CollectionUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; +import org.springframework.core.env.Environment; import org.springframework.data.util.Pair; import org.springframework.stereotype.Service; @@ -103,6 +104,9 @@ public class AuthorizationServiceImpl implements AuthorizationService { @Value("${mosip.esignet.signup-id-token-audience}") private String signupIDTokenAudience; + @Autowired + private Environment environment; + @Override public OAuthDetailResponseV1 getOauthDetails(OAuthDetailRequest oauthDetailReqDto) throws EsignetException { @@ -507,11 +511,15 @@ private String getAuthTransactionId(String oidcTransactionId) { } private void validateNonce(String nonce) { - if(nonce == null || nonce.isBlank()) + if(isLocalEnvironment() || nonce == null || nonce.isBlank()) return; if(cacheUtilService.checkNonce(nonce.trim()) == 0L) throw new EsignetException(ErrorConstants.INVALID_REQUEST); } + private boolean isLocalEnvironment() { + return Arrays.stream(environment.getActiveProfiles()).anyMatch(env -> env.equalsIgnoreCase("local")); + } + } diff --git a/oidc-service-impl/src/test/java/io/mosip/esignet/services/AuthorizationServiceTest.java b/oidc-service-impl/src/test/java/io/mosip/esignet/services/AuthorizationServiceTest.java index 5f4ee6125..b609c146e 100644 --- a/oidc-service-impl/src/test/java/io/mosip/esignet/services/AuthorizationServiceTest.java +++ b/oidc-service-impl/src/test/java/io/mosip/esignet/services/AuthorizationServiceTest.java @@ -39,6 +39,7 @@ import org.mockito.Mockito; import org.mockito.MockitoAnnotations; import org.mockito.junit.MockitoJUnitRunner; +import org.springframework.core.env.Environment; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.test.util.ReflectionTestUtils; @@ -72,6 +73,9 @@ public class AuthorizationServiceTest { @Mock Authenticator authenticationWrapper; + @Mock + Environment environment; + @InjectMocks AuthorizationServiceImpl authorizationServiceImpl; @@ -124,6 +128,8 @@ public void setUp() { ReflectionTestUtils.setField(authorizationServiceImpl, "objectMapper", new ObjectMapper()); ReflectionTestUtils.setField(authorizationServiceImpl, "authorizationHelperService", authorizationHelperService); ReflectionTestUtils.setField(authorizationServiceImpl,"captchaRequired",Arrays.asList("bio","pwd")); + + when(environment.getActiveProfiles()).thenReturn(new String[]{"test"}); }