[DSD-9789] Cherrypicked 5 commits

[KashiwalHarsh]

Summary by CodeRabbit

• New Features

  • Identity data now validated using JSON Schema for improved accuracy.
  • Master data service integration for dynamic field and document type handling in UI specifications.

• Refactor

  • Updated endpoint configuration approach with new identity-schema and ui-schema endpoints.
  • Domain-based configuration for improved environment flexibility.

• Bug Fixes

  • Corrected password handling alignment with updated identity repository version.

[coderabbitai]

Walkthrough

The PR refactors identity validation and UI specification handling across two plugins. Mock plugin replaces hardcoded field checks with JSON Schema validation, while the identity plugin switches from JSONPath-based parsing to JSON pointer-based fetching with master data integration, supported by domain-based configuration properties throughout.

Changes

Cohort / File(s)	Summary
Documentation README.md	Trailing whitespace formatting adjustment in License heading.
Mock Plugin Service mock-plugin/src/main/java/.../MockProfileRegistryPluginImpl.java	Replaces per-field required checks with cached JSON Schema validation. Adds identitySchemaEndpoint and uiSchemaEndpoint support; validates identity data against schema during validate() and adjusts createProfile to use identifierField instead of usernameField.
Mock Plugin Configuration mock-plugin/src/main/resources/application.properties	Replaces get-schema.endpoint, mandatory-attributes, and username.field properties with identity-schema.endpoint and ui-schema.endpoint references.
Mock Plugin Tests mock-plugin/src/test/java/.../MockProfileRegistryPluginImplTest.java	Introduces IDENTITY_SCHEMA test fixture; reworks mocks to simulate REST responses with ResponseWrapper structure; updates validation test cases to check error codes; adjusts identity field handling to use identifierField; expands test coverage for schema-based validation scenarios.
Identity Plugin Password Class mosip-identity-plugin/src/main/java/.../Password.java	Adds private field value for IDRepo 1.3.0 compatibility.
Identity Plugin Service mosip-identity-plugin/src/main/java/.../IdrepoProfileRegistryPluginImpl.java	Removes JsonPath-based schema parsing logic; introduces uiSpecUrl and uiSpecJsonPointer configuration for fetching UI spec via REST and locating spec via JSON pointer; adds fetchAllowedValuesFromMasterDataService() public method and supporting helpers for dynamic field/document category aggregation; updates Password constructor argument order; replaces legacy configuration fields.
Identity Plugin Configuration mosip-identity-plugin/src/main/resources/application.properties	Introduces domain-based properties (ida.auth.domain, ida.otp.domain, authmanager.domain, masterdata.domain, idrepo.domain, etc.) and refactors IDA, ID-repo, and signup endpoints to resolve via these domain properties instead of hardcoded URLs.
Identity Plugin Tests mosip-identity-plugin/src/test/java/.../IdrepoProfileRegistryPluginImplTest.java	Removes JsonPath field initializations; introduces uiSpecJsonPointer via reflection; renames and repurposes tests (generateAllowedValues → fetchAllowedValues_FromMasterDataService); reworks REST mocks to use exchange with ResponseWrapper; adds helper methods for endpoint response fabrication; updates UI spec validation expectations.

Sequence Diagrams

sequenceDiagram
    participant Client
    participant MockPlugin as Mock Plugin Service
    participant SchemaEndpoint as Identity Schema Endpoint
    participant Validator as JSON Schema Validator

    Client->>MockPlugin: validate(action, profileDto)
    MockPlugin->>MockPlugin: Check cached schema
    alt Schema not cached
        MockPlugin->>SchemaEndpoint: Fetch identity schema
        SchemaEndpoint-->>MockPlugin: Return schema
        MockPlugin->>MockPlugin: Cache schema
    end
    MockPlugin->>Validator: Load schema into validator
    MockPlugin->>Validator: Validate profileDto.identity
    Validator-->>MockPlugin: Return validation errors
    alt Has errors
        MockPlugin-->>Client: Throw InvalidProfileException
    else No errors
        MockPlugin-->>Client: Validation passed
    end

Loading

sequenceDiagram
    participant Client
    participant IdentityPlugin as Identity Plugin Service
    participant UISpecEndpoint as UI Spec Endpoint
    participant JSONPointer as JSON Pointer Parser
    participant MasterDataService as Master Data Service
    participant DynamicFields as Dynamic Fields Endpoint
    participant DocTypes as Doc Types Endpoint

    Client->>IdentityPlugin: getUISpecification()
    IdentityPlugin->>UISpecEndpoint: Fetch response via REST
    UISpecEndpoint-->>IdentityPlugin: Return full response
    IdentityPlugin->>JSONPointer: Extract spec using pointer
    JSONPointer-->>IdentityPlugin: Return located spec
    IdentityPlugin->>MasterDataService: fetchAllowedValuesFromMasterDataService()
    MasterDataService->>DynamicFields: Fetch paginated dynamic fields
    DynamicFields-->>MasterDataService: Return fields
    MasterDataService->>DocTypes: Fetch document types & categories
    DocTypes-->>MasterDataService: Return doc types
    MasterDataService-->>IdentityPlugin: Return aggregated values
    IdentityPlugin->>IdentityPlugin: Enrich spec with language, allowed values, maxUploadFileSize
    IdentityPlugin-->>Client: Return enriched UI spec

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

• ES-2914 #190: Modifies IdrepoProfileRegistryPluginImpl with JSON pointer-based UI spec fetching and introduces fetchAllowedValuesFromMasterDataService method in the same class.

Suggested reviewers

• zesu22
• Prafulrakhade

---

🐰 Schemas dance where hardcoded fields once stood,
JSON pointers trace through mastery's wood,
Where REST calls fetch what domains provide,
Identity flows with validated pride! ✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 9.38% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title 'Cherrypicked 5 commits' is vague and generic, providing no meaningful information about what changes were actually made or why.	Replace with a specific title that describes the main changes, such as 'Replace schema validation with JSON Schema and refactor UI specification handling'.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

mock-plugin/src/test/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImplTest.java (1)

303-316: ⚠️ Potential issue | 🟠 Major

Make this negative-path test fail when no exception is thrown.

Without an Assert.fail(...) here, the test passes even if the identifier mismatch check regresses and createProfile() returns normally.

Suggested patch

-        try{
-            mockProfileRegistryPlugin.createProfile("requestId", profileDto);
-        }catch (ProfileException e){
-            Assert.assertEquals(ErrorConstants.IDENTIFIER_MISMATCH,e.getMessage());
-        }
+        try {
+            mockProfileRegistryPlugin.createProfile("requestId", profileDto);
+            Assert.fail("Expected InvalidProfileException");
+        } catch (InvalidProfileException e) {
+            Assert.assertEquals(ErrorConstants.IDENTIFIER_MISMATCH, e.getMessage());
+        }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@mock-plugin/src/test/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImplTest.java`
around lines 303 - 316, The test
createProfile_withInValidRequestAndProfileDto_thenFail in
MockProfileRegistryPluginImplTest currently swallows the case where no exception
is thrown; after invoking mockProfileRegistryPlugin.createProfile("requestId",
profileDto) inside the try block, add an assertion to fail the test (e.g.,
Assert.fail("Expected ProfileException for identifier mismatch")) so the test
fails if createProfile(...) returns normally; keep the existing catch verifying
ErrorConstants.IDENTIFIER_MISMATCH in the ProfileException.

🧹 Nitpick comments (6)

mosip-identity-plugin/src/main/resources/application.properties (1)

58-63: Consider externalizing fixed schema/domain literals for masterdata URLs.

Line 58 and Line 63 still hardcode esignet-signup and languages=eng. Making them configurable would improve portability across deployments/tenants.

♻️ Proposed refactor

+# Masterdata UI/domain configuration
+mosip.signup.mosipid.ui-spec.domain-name=${MOSIP_SIGNUP_UI_SPEC_DOMAIN:esignet-signup}
+mosip.signup.mosipid.default-language=${MOSIP_SIGNUP_DEFAULT_LANGUAGE:eng}
+
-mosip.signup.mosipid.get-ui-spec.endpoint=${mosip.esignet.masterdata.domain}/v1/masterdata/uispec/esignet-signup/latest?type=schema
+mosip.signup.mosipid.get-ui-spec.endpoint=${mosip.esignet.masterdata.domain}/v1/masterdata/uispec/${mosip.signup.mosipid.ui-spec.domain-name}/latest?type=schema
...
-mosip.signup.mosipid.doc-types-category.endpoint=${mosip.esignet.masterdata.domain}/v1/masterdata/applicanttype/000/languages?languages=eng
+mosip.signup.mosipid.doc-types-category.endpoint=${mosip.esignet.masterdata.domain}/v1/masterdata/applicanttype/000/languages?languages=${mosip.signup.mosipid.default-language}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@mosip-identity-plugin/src/main/resources/application.properties` around lines
58 - 63, The properties mosip.signup.mosipid.get-ui-spec.endpoint and
mosip.signup.mosipid.doc-types-category.endpoint currently embed fixed literals
("esignet-signup" and "languages=eng"); make those parts configurable by
introducing new properties (e.g., mosip.esignet.uiSpec.path and
mosip.esignet.docTypes.languages or similar) and reference them via placeholders
in the endpoint values so deployments/tenants can override the UI spec path and
language list without changing the URL line; update any code/config consumers
that build these endpoints to use the new properties (keep the existing property
keys to minimize changes but replace hardcoded segments with the new
placeholders).

mosip-identity-plugin/src/main/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImpl.java (1)

689-737: Remove unused variable totalItems.

The variable totalItems is declared on line 693 but never used in the method, making it dead code.

🧹 Proposed fix

     private void fetchAndProcessDynamicFields(ObjectNode result) {
         int pageNumber = 0;
         int pageSize = 10;
         int totalPages = 1;
-        int totalItems = 0;
 
         while (pageNumber < totalPages) {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@mosip-identity-plugin/src/main/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImpl.java`
around lines 689 - 737, Remove the dead local variable totalItems from the
method fetchAndProcessDynamicFields: delete the declaration "int totalItems =
0;" since it is never read or used; ensure no other references to totalItems
exist in fetchAndProcessDynamicFields so the method compiles cleanly (no other
behavioral changes required).

mosip-identity-plugin/src/test/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImplTest.java (3)

74-74: dynamicFieldsBaseUrl test value lacks pagination placeholders.

The production code in buildDynamicFieldsUrl() uses String.format(dynamicFieldsBaseUrl, pageNumber, pageSize), which expects the URL to contain %d placeholders. The test sets dynamicFieldsBaseUrl to "http://mock/api/dynamicFields" without placeholders, which will cause String.format to return the URL unchanged (no parameters interpolated). While this happens to work because Mockito.contains("dynamic") is used for matching, it doesn't accurately test the production behavior.

🔧 Proposed fix

-        ReflectionTestUtils.setField(idrepoProfileRegistryPlugin, "dynamicFieldsBaseUrl","http://mock/api/dynamicFields");
+        ReflectionTestUtils.setField(idrepoProfileRegistryPlugin, "dynamicFieldsBaseUrl","http://mock/api/dynamicFields?pageNumber=%d&pageSize=%d");

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@mosip-identity-plugin/src/test/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImplTest.java`
at line 74, The test sets dynamicFieldsBaseUrl without pagination placeholders
so buildDynamicFieldsUrl (which calls String.format(dynamicFieldsBaseUrl,
pageNumber, pageSize)) isn't exercised correctly; update the test to set
dynamicFieldsBaseUrl to a format string containing two %d placeholders (e.g.,
"http://mock/api/dynamicFields?page=%d&size=%d") via
ReflectionTestUtils.setField on idrepoProfileRegistryPlugin, then assert or
match the final URL produced by buildDynamicFieldsUrl (or interactions that use
it) to include the interpolated pageNumber and pageSize values instead of
relying on a generic Mockito.contains("dynamic") match.

---

590-619: Test name is misleading.

The test fetchAllowedValues_FromMasterDataService_withInactiveDynamicField_thenFail doesn't test a failure scenario—it verifies that inactive dynamic fields are correctly filtered out, resulting in an empty result. Consider renaming to better reflect the actual behavior being tested.

📝 Suggested name

-    public void fetchAllowedValues_FromMasterDataService_withInactiveDynamicField_thenFail() {
+    public void fetchAllowedValues_FromMasterDataService_withInactiveDynamicField_thenExcluded() {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@mosip-identity-plugin/src/test/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImplTest.java`
around lines 590 - 619, Rename the test method
fetchAllowedValues_FromMasterDataService_withInactiveDynamicField_thenFail in
IdrepoProfileRegistryPluginImplTest to a name that reflects the expected
behavior (for example
fetchAllowedValues_FromMasterDataService_withInactiveDynamicField_returnsEmptyResult
or fetchAllowedValues_filtersOutInactiveDynamicFields_andReturnsEmpty), and
update any references or test annotations accordingly so the test name
accurately describes that inactive dynamic fields are filtered out and an empty
JsonNode is returned.

---

622-672: Test name is misleading (same issue).

Similar to the previous test, this test verifies filtering behavior rather than a failure. Consider renaming for clarity.

📝 Suggested name

-    public void fetchAllowedValues_FromMasterDataService_withInactiveDocumentTypesAndCategories_thenFail() {
+    public void fetchAllowedValues_FromMasterDataService_withInactiveDocumentTypesAndCategories_thenExcluded() {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@mosip-identity-plugin/src/test/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImplTest.java`
around lines 622 - 672, The test method
fetchAllowedValues_FromMasterDataService_withInactiveDocumentTypesAndCategories_thenFail
is misnamed because it asserts filtering behavior (returns empty result) rather
than a failure; rename the test to something like
fetchAllowedValues_FromMasterDataService_withOnlyInactiveDocumentTypesAndCategories_returnsEmpty
or fetchAllowedValues_FromMasterDataService_filtersOutInactiveAndReturnsEmpty,
update the test method name accordingly and any references (e.g., in IDE/run
configurations) so it clearly describes that
idrepoProfileRegistryPlugin.fetchAllowedValuesFromMasterDataService is expected
to filter out inactive entries and produce an empty JsonNode in this scenario.

mock-plugin/src/main/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImpl.java (1)

16-19: Add an explicit com.networknt dependency to avoid transitive dependency fragility.

This class directly uses JsonSchema, JsonSchemaFactory, SpecVersion, and ValidationMessage from com.networknt.schema (lines 16–19, 92–103), but the pom.xml does not declare an explicit dependency. These types are arriving transitively from one of the provided dependencies (signup-integration-api or esignet-integration-api). Adding an explicit json-schema-validator dependency makes the module more maintainable and resilient to upstream dependency-graph changes.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@mock-plugin/src/main/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImpl.java`
around lines 16 - 19, The module is relying on com.networknt.schema types
transitively—add an explicit dependency to the module's pom.xml for
com.networknt:json-schema-validator (pin to a compatible version used by the
project) so JsonSchema, JsonSchemaFactory, SpecVersion and ValidationMessage
used in MockProfileRegistryPluginImpl are provided directly; update the module
pom to include that dependency (or a managed version in the parent) and run mvn
-U dependency:tree to verify the artifact is present and no longer coming only
transitively.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@mock-plugin/src/main/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImpl.java`:
- Around line 97-109: Validate the incoming action against ACTIONS before any
schema lazy-loading to avoid hitting identitySchemaEndpoint on invalid requests:
move the ACTIONS.contains(action) check (currently logging error and throwing
InvalidProfileException with ErrorConstants.INVALID_ACTION) to occur before the
synchronized block that initializes schema (which calls
request(identitySchemaEndpoint, HttpMethod.GET, ...) and
JsonSchemaFactory.getSchema). Keep the existing error log and throw behavior but
perform it prior to any calls to request(...) or schema initialization.

---

Outside diff comments:
In
`@mock-plugin/src/test/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImplTest.java`:
- Around line 303-316: The test
createProfile_withInValidRequestAndProfileDto_thenFail in
MockProfileRegistryPluginImplTest currently swallows the case where no exception
is thrown; after invoking mockProfileRegistryPlugin.createProfile("requestId",
profileDto) inside the try block, add an assertion to fail the test (e.g.,
Assert.fail("Expected ProfileException for identifier mismatch")) so the test
fails if createProfile(...) returns normally; keep the existing catch verifying
ErrorConstants.IDENTIFIER_MISMATCH in the ProfileException.

---

Nitpick comments:
In
`@mock-plugin/src/main/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImpl.java`:
- Around line 16-19: The module is relying on com.networknt.schema types
transitively—add an explicit dependency to the module's pom.xml for
com.networknt:json-schema-validator (pin to a compatible version used by the
project) so JsonSchema, JsonSchemaFactory, SpecVersion and ValidationMessage
used in MockProfileRegistryPluginImpl are provided directly; update the module
pom to include that dependency (or a managed version in the parent) and run mvn
-U dependency:tree to verify the artifact is present and no longer coming only
transitively.

In
`@mosip-identity-plugin/src/main/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImpl.java`:
- Around line 689-737: Remove the dead local variable totalItems from the method
fetchAndProcessDynamicFields: delete the declaration "int totalItems = 0;" since
it is never read or used; ensure no other references to totalItems exist in
fetchAndProcessDynamicFields so the method compiles cleanly (no other behavioral
changes required).

In `@mosip-identity-plugin/src/main/resources/application.properties`:
- Around line 58-63: The properties mosip.signup.mosipid.get-ui-spec.endpoint
and mosip.signup.mosipid.doc-types-category.endpoint currently embed fixed
literals ("esignet-signup" and "languages=eng"); make those parts configurable
by introducing new properties (e.g., mosip.esignet.uiSpec.path and
mosip.esignet.docTypes.languages or similar) and reference them via placeholders
in the endpoint values so deployments/tenants can override the UI spec path and
language list without changing the URL line; update any code/config consumers
that build these endpoints to use the new properties (keep the existing property
keys to minimize changes but replace hardcoded segments with the new
placeholders).

In
`@mosip-identity-plugin/src/test/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImplTest.java`:
- Line 74: The test sets dynamicFieldsBaseUrl without pagination placeholders so
buildDynamicFieldsUrl (which calls String.format(dynamicFieldsBaseUrl,
pageNumber, pageSize)) isn't exercised correctly; update the test to set
dynamicFieldsBaseUrl to a format string containing two %d placeholders (e.g.,
"http://mock/api/dynamicFields?page=%d&size=%d") via
ReflectionTestUtils.setField on idrepoProfileRegistryPlugin, then assert or
match the final URL produced by buildDynamicFieldsUrl (or interactions that use
it) to include the interpolated pageNumber and pageSize values instead of
relying on a generic Mockito.contains("dynamic") match.
- Around line 590-619: Rename the test method
fetchAllowedValues_FromMasterDataService_withInactiveDynamicField_thenFail in
IdrepoProfileRegistryPluginImplTest to a name that reflects the expected
behavior (for example
fetchAllowedValues_FromMasterDataService_withInactiveDynamicField_returnsEmptyResult
or fetchAllowedValues_filtersOutInactiveDynamicFields_andReturnsEmpty), and
update any references or test annotations accordingly so the test name
accurately describes that inactive dynamic fields are filtered out and an empty
JsonNode is returned.
- Around line 622-672: The test method
fetchAllowedValues_FromMasterDataService_withInactiveDocumentTypesAndCategories_thenFail
is misnamed because it asserts filtering behavior (returns empty result) rather
than a failure; rename the test to something like
fetchAllowedValues_FromMasterDataService_withOnlyInactiveDocumentTypesAndCategories_returnsEmpty
or fetchAllowedValues_FromMasterDataService_filtersOutInactiveAndReturnsEmpty,
update the test method name accordingly and any references (e.g., in IDE/run
configurations) so it clearly describes that
idrepoProfileRegistryPlugin.fetchAllowedValuesFromMasterDataService is expected
to filter out inactive entries and produce an empty JsonNode in this scenario.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: d1d421f3-7304-4e97-9b5a-ce3ad056e20f

📥 Commits

Reviewing files that changed from the base of the PR and between f698d66 and ce4af1f.

📒 Files selected for processing (8)

• README.md
• mock-plugin/src/main/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImpl.java
• mock-plugin/src/main/resources/application.properties
• mock-plugin/src/test/java/io/mosip/signup/plugin/mock/service/MockProfileRegistryPluginImplTest.java
• mosip-identity-plugin/src/main/java/io/mosip/signup/plugin/mosipid/dto/Password.java
• mosip-identity-plugin/src/main/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImpl.java
• mosip-identity-plugin/src/main/resources/application.properties
• mosip-identity-plugin/src/test/java/io/mosip/signup/plugin/mosipid/service/IdrepoProfileRegistryPluginImplTest.java