Fix the X509 Authentication failure for secondary user store users.

LakshiAthapaththu commented 2 years ago

Issue description X509 Authentication is not working for secondary user store users. This happens because for isAccountLock[1] method domain prepended username is not passed.

Purpose Fix for the issue reported in https://github.com/wso2/product-is/issues/14028. Resolved by passing the domain prepended user name always to the method[1].

Further, a separate issue related to the isAccountDisabled[2] is resolved by this PR. If X509 authentication is set as the first factor, the function always returns false for the account disable check. This happens because the method gets user name from the authentication context and in the first step of authentication, the authenticated user is set as null at the point. Resolved by creating and passing the authenticated user object separately.

[1]https://github.com/wso2-extensions/identity-outbound-auth-x509/blob/f15633d6c6aa62761fc02ba43c83d8cc1a69d1b9/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/x509Certificate/X509CertificateAuthenticator.java#L290

[2]https://github.com/wso2-extensions/identity-outbound-auth-x509/blob/f15633d6c6aa62761fc02ba43c83d8cc1a69d1b9/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/x509Certificate/X509CertificateAuthenticator.java#L297