DCR tenant-wise configurations : Get and Patch endpoint implementation

components/org.wso2.carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.common/pom.xml

@@ -62,6 +62,11 @@
             <artifactId>org.wso2.carbon.identity.oauth2.token.handler.clientauth.jwt</artifactId>
             <scope>compile</scope>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
+            <artifactId>org.wso2.carbon.identity.oauth.dcr</artifactId>
+            <scope>compile</scope>
+        </dependency>
         <dependency>
             <groupId>org.wso2.carbon.commons</groupId>
             <artifactId>org.wso2.carbon.logging.service</artifactId>

components/org.wso2.carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.common/src/main/java/org/wso2/carbon/identity/api/server/configs/common/ConfigsServiceHolder.java

@@ -18,6 +18,7 @@
 
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
 import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService;
+import org.wso2.carbon.identity.oauth.dcr.DCRConfigurationMgtService;
 import org.wso2.carbon.idp.mgt.IdentityProviderManager;
 import org.wso2.carbon.logging.service.RemoteLoggingConfigService;
 
@@ -32,6 +33,7 @@ public class ConfigsServiceHolder {
     private IdentityProviderManager identityProviderManager;
     private CORSManagementService corsManagementService;
     private RemoteLoggingConfigService remoteLoggingConfigService;
+    private DCRConfigurationMgtService dcrConfigurationMgtService;
 
     private ConfigsServiceHolder() {}
 
@@ -118,4 +120,23 @@ public void setRemoteLoggingConfigService(RemoteLoggingConfigService remoteLoggi
 
         ConfigsServiceHolder.getInstance().remoteLoggingConfigService = remoteLoggingConfigService;
     }
+
+    /**
+     * Get DCRConfigurationMgtService osgi service.
+     *
+     * @return DCRConfigurationMgtService
+     */
+    public DCRConfigurationMgtService getDcrConfigurationMgtService() {
+
+        return ConfigsServiceHolder.getInstance().dcrConfigurationMgtService;
+    }
+    /**
+     * Set DCRConfigurationMgtService osgi service.
+     *
+     * @param dcrConfigurationMgtService DCRConfigurationMgtService.
+     */
+    public void setDcrConfigurationMgtService(DCRConfigurationMgtService dcrConfigurationMgtService) {
+
+        ConfigsServiceHolder.getInstance().dcrConfigurationMgtService = dcrConfigurationMgtService;
+    }
 }

components/org.wso2.carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.common/src/main/java/org/wso2/carbon/identity/api/server/configs/common/Constants.java

@@ -56,6 +56,14 @@ private Constants() {
      */
     public static final String PRIVATE_KEY_JWT_VALIDATION_CONFIG_TOKEN_REUSE = "/enableTokenReuse";
 
+    /**
+     * PATCH operation paths for DCR configuration.
+     */
+    public static final String DCR_CONFIG_ENABLE_FAPI_ENFORCEMENT = "/enableFapiEnforcement";
+    public static final String DCR_CONFIG_SSA_JWKS = "/ssaJwks";
+    public static final String DCR_CONFIG_AUTHENTICATION_REQUIRED = "/authenticationRequired";
+    public static final String DCR_CONFIG_MANDATE_SSA = "/mandateSSA";
+
     /**
      * SAML2 metadata endpoint uri path.
      */
@@ -125,7 +133,7 @@ public enum ErrorMessage {
                 "Unable to update remote logging  configs.",
                 "Server encountered an " +
                         "error while updating the remote logging configs."),
-        ERROR_CODE_ERROR_GETTING_REMOTE_LOGGING_CONFIGS("65008",
+        ERROR_CODE_ERROR_GETTING_REMOTE_LOGGING_CONFIGS("65017",
                 "Unable to get remote logging  configs.",
                 "Server encountered an " +
                         "error while getting the remote logging configs."),
@@ -142,6 +150,19 @@ public enum ErrorMessage {
                 "Resource not found.",
                 "Unable to find a resource matching the provided log type %s."),
 
+        /**
+         * DCR Configuration errors.
+         */
+
+        ERROR_CODE_DCR_CONFIG_RETRIEVE("60516",
+                "Unable to retrieve DCR configuration.",
+                "Server encountered an error while retrieving the " +
+                        "DCR configuration."),
+
+        ERROR_CODE_DCR_CONFIG_UPDATE("60517",
+                "Unable to update DCR configuration.",
+                "Server encountered an error while updating the DCR configuration."),
+
         /**
          * Inbound auth config error messages.
          */

components/org.wso2.carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.common/src/main/java/org/wso2/carbon/identity/api/server/configs/common/factory/DCRMgtOGSiServiceFactory.java

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.configs.common.factory;
+
+import org.springframework.beans.factory.config.AbstractFactoryBean;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.identity.oauth.dcr.DCRConfigurationMgtService;
+
+/**
+ * Factory Beans serves as a factory for creating other beans within the IOC container. This factory bean is used to
+ * instantiate the DCRConfigurationMgtService type of object inside the container.
+ */
+public class DCRMgtOGSiServiceFactory extends AbstractFactoryBean<DCRConfigurationMgtService>  {
+
+    private DCRConfigurationMgtService dcrConfigurationMgtService;
+
+    @Override
+    public Class<?> getObjectType() {
+
+        return Object.class;
+    }
+
+    @Override
+    protected DCRConfigurationMgtService createInstance() throws Exception {
+
+        if (this.dcrConfigurationMgtService == null) {
+            DCRConfigurationMgtService taskOperationService = (DCRConfigurationMgtService) PrivilegedCarbonContext.
+                    getThreadLocalCarbonContext().getOSGiService(DCRConfigurationMgtService.class, null);
+            if (taskOperationService != null) {
+                this.dcrConfigurationMgtService = taskOperationService;
+            } else {
+                throw new Exception("Unable to retrieve DCRConfigurationMgtService service.");
+            }
+        }
+        return this.dcrConfigurationMgtService;
+    }
+}

components/org.wso2.carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.v1/pom.xml

@@ -175,6 +175,11 @@
             <artifactId>org.wso2.carbon.identity.oauth2.token.handler.clientauth.jwt</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
+            <artifactId>org.wso2.carbon.identity.oauth.dcr</artifactId>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>org.wso2.carbon.commons</groupId>
             <artifactId>org.wso2.carbon.logging.service</artifactId>

components/org.wso2.carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/ConfigsApi.java

@@ -28,6 +28,8 @@
 import org.wso2.carbon.identity.api.server.configs.v1.model.AuthenticatorListItem;
 import org.wso2.carbon.identity.api.server.configs.v1.model.CORSConfig;
 import org.wso2.carbon.identity.api.server.configs.v1.model.CORSPatch;
+import org.wso2.carbon.identity.api.server.configs.v1.model.DCRConfig;
+import org.wso2.carbon.identity.api.server.configs.v1.model.DCRPatch;
 import org.wso2.carbon.identity.api.server.configs.v1.model.Error;
 import org.wso2.carbon.identity.api.server.configs.v1.model.InboundAuthPassiveSTSConfig;
 import org.wso2.carbon.identity.api.server.configs.v1.model.InboundAuthSAML2Config;
@@ -226,6 +228,30 @@ public Response getPrivatKeyJWTValidationConfiguration() {
         return delegate.getPrivatKeyJWTValidationConfiguration();
     }
 
+    @Valid
+    @GET
+    @Path("/dcr")
+
+    @Produces({ "application/json" })
+    @ApiOperation(value = "Retrieve the tenant dcr configuration.", notes = "Retrieve the tenant dcr configuration.", response = DCRConfig.class, authorizations = {
+            @Authorization(value = "BasicAuth"),
+            @Authorization(value = "OAuth2", scopes = {
+
+            })
+    }, tags={ "DCR Configurations", })
+    @ApiResponses(value = {
+            @ApiResponse(code = 200, message = "Successful Response", response = DCRConfig.class),
+            @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
+            @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
+            @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
+            @ApiResponse(code = 404, message = "Not Found", response = Error.class),
+            @ApiResponse(code = 500, message = "Server Error", response = Error.class)
+    })
+    public Response getDCRConfiguration() {
+
+        return delegate.getDCRConfiguration();
+    }
+
     @Valid
     @GET
     @Path("/remote-logging/{log-type}")
@@ -443,6 +469,30 @@ public Response patchPrivatKeyJWTValidationConfiguration(@ApiParam(value = "" ,r
         return delegate.patchPrivatKeyJWTValidationConfiguration(jwTKeyValidatorPatch );
     }
 
+    @Valid
+    @PATCH
+    @Path("/dcr")
+    @Consumes({ "application/json" })
+    @Produces({ "application/json" })
+    @ApiOperation(value = "Patch the tenant dcr configuration.", notes = "Patch the tenant dcr authentication configuration.  A JSONPatch as defined by RFC 6902.", response = Void.class, authorizations = {
+            @Authorization(value = "BasicAuth"),
+            @Authorization(value = "OAuth2", scopes = {
+
+            })
+    }, tags={ "DCR Configurations", })
+    @ApiResponses(value = {
+            @ApiResponse(code = 200, message = "Successful Response", response = Void.class),
+            @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
+            @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
+            @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
+            @ApiResponse(code = 404, message = "Not Found", response = Error.class),
+            @ApiResponse(code = 500, message = "Server Error", response = Error.class)
+    })
+    public Response patchDCRConfiguration(@ApiParam(value = "" ,required=true) @Valid List<DCRPatch> dcrPatch) {
+
+        return delegate.patchDCRConfiguration(dcrPatch );
+    }
+
     @Valid
     @DELETE
     @Path("/remote-logging/{log-type}")
@@ -526,7 +576,7 @@ public Response updateInboundScimConfigs(@ApiParam(value = "" ,required=true) @V
 
         })
     }, tags={ "Inbound Authentication Configurations", })
-    @ApiResponses(value = { 
+    @ApiResponses(value = {
         @ApiResponse(code = 200, message = "Successful response", response = Void.class),
         @ApiResponse(code = 400, message = "Bad request", response = Error.class),
         @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),

components/org.wso2.carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/ConfigsApiService.java

@@ -59,6 +59,7 @@ public interface ConfigsApiService {
       public Response getPassiveSTSInboundAuthConfig();
 
       public Response getPrivatKeyJWTValidationConfiguration();
+      public Response getDCRConfiguration();
 
       public Response getRemoteLoggingConfig(String logType);
 
@@ -78,6 +79,8 @@ public interface ConfigsApiService {
 
       public Response patchPrivatKeyJWTValidationConfiguration(List<JWTKeyValidatorPatch> jwTKeyValidatorPatch);
 
+      public Response patchDCRConfiguration(List<DCRPatch> patch);
+
       public Response restoreServerRemoteLoggingConfiguration(String logType);
 
       public Response restoreServerRemoteLoggingConfigurations();