wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0

Unable to delete service providers via REST API if the SP has configured permissions #14789

Open AnuradhaSK opened 2 years ago

AnuradhaSK commented 2 years ago

Describe the issue: Unable to delete service providers via REST API if the SP has configured permissions. Refer to the "How to reproduce" section.

{
    "code": "APP-65001",
    "message": "Error deleting application with id: 24d0948e-b47b-4427-a702-43baea4b2e19",
    "description": "Error while deleting permissions for application: SP",
    "traceId": "accdbb6c-9875-4ded-ab72-5b2ff4e4f578"
}

Error in carbon log:

[2022-08-25 09:24:59,681] [accdbb6c-9875-4ded-ab72-5b2ff4e4f578] ERROR {org.wso2.carbon.identity.application.mgt.ApplicationManagementServiceImpl} - Application: 24d0948e-b47b-4427-a702-43baea4b2e19 in tenant: carbon.super might have partially deleted
[2022-08-25 09:24:59,708] [accdbb6c-9875-4ded-ab72-5b2ff4e4f578] ERROR {org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils} - errorCode: APP-65001 | message: Error while deleting permissions for application: SP org.wso2.carbon.identity.application.common.IdentityApplicationManagementException: Error while deleting permissions for application: SP
    at org.wso2.carbon.identity.application.mgt.ApplicationMgtUtil.deletePermissions(ApplicationMgtUtil.java:663)
    at org.wso2.carbon.identity.application.mgt.ApplicationManagementServiceImpl.deleteApplicationByResourceId(ApplicationManagementServiceImpl.java:2576)
    at org.wso2.carbon.identity.api.server.application.management.v1.core.ServerApplicationManagementService.deleteApplication(ServerApplicationManagementService.java:531)
    at org.wso2.carbon.identity.api.server.application.management.v1.impl.ApplicationsApiServiceImpl.deleteApplication(ApplicationsApiServiceImpl.java:104)
    at org.wso2.carbon.identity.api.server.application.management.v1.ApplicationsApi.deleteApplication(ApplicationsApi.java:161)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)
    at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
    at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201)
    at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104)
    at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
    at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
    at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:265)
    at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
    at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:225)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:304)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doDelete(AbstractHTTPServlet.java:228)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:279)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:119)
    at org.wso2.carbon.identity.context.rewrite.valve.OrganizationContextRewriteValve.invoke(OrganizationContextRewriteValve.java:116)
    at org.wso2.carbon.tomcat.ext.valves.SameSiteCookieValve.invoke(SameSiteCookieValve.java:38)
    at org.wso2.carbon.identity.cors.valve.CORSValve.invoke(CORSValve.java:89)
    at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:152)
    at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:135)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:106)
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:67)
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:152)
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:63)
    at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
    at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:137)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:359)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:889)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1735)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.wso2.carbon.registry.core.exceptions.RegistryException: Could not delete the remote resource. Could not check authorization. 
Caused by Error occurred while accessing Java Security Manager Privilege Block
    at org.wso2.carbon.registry.core.jdbc.handlers.builtin.MountHandler.delete(MountHandler.java:515)
    at org.wso2.carbon.registry.core.jdbc.handlers.HandlerManager.delete(HandlerManager.java:2629)
    at org.wso2.carbon.registry.core.jdbc.handlers.UserDefinedHandlerManager.delete(UserDefinedHandlerManager.java:214)
    at org.wso2.carbon.registry.core.jdbc.handlers.HandlerLifecycleManager.delete(HandlerLifecycleManager.java:443)
    at org.wso2.carbon.registry.core.jdbc.EmbeddedRegistry.delete(EmbeddedRegistry.java:851)
    at org.wso2.carbon.registry.core.caching.CacheBackedRegistry.delete(CacheBackedRegistry.java:601)
    at org.wso2.carbon.registry.core.session.UserRegistry.deleteInternal(UserRegistry.java:879)
    at org.wso2.carbon.registry.core.session.UserRegistry.access$1100(UserRegistry.java:73)
    at org.wso2.carbon.registry.core.session.UserRegistry$12.run(UserRegistry.java:854)
    at org.wso2.carbon.registry.core.session.UserRegistry$12.run(UserRegistry.java:851)
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at org.wso2.carbon.registry.core.session.UserRegistry.delete(UserRegistry.java:851)
    at org.wso2.carbon.identity.application.mgt.ApplicationMgtUtil.deletePermissions(ApplicationMgtUtil.java:636)
    ... 60 more
Caused by: org.wso2.carbon.registry.core.exceptions.RegistryException: Could not check authorization. 
Caused by Error occurred while accessing Java Security Manager Privilege Block
    at org.wso2.carbon.registry.core.utils.AuthorizationUtils.authorize(AuthorizationUtils.java:58)
    at org.wso2.carbon.registry.core.jdbc.Repository.get(Repository.java:189)
    at org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher.handleGet(MediaTypeMatcher.java:131)
    at org.wso2.carbon.registry.core.jdbc.handlers.HandlerManager.get(HandlerManager.java:2441)
    at org.wso2.carbon.registry.core.jdbc.handlers.HandlerLifecycleManager.get(HandlerLifecycleManager.java:911)
    at org.wso2.carbon.registry.core.jdbc.EmbeddedRegistry.get(EmbeddedRegistry.java:512)
    at org.wso2.carbon.identity.entitlement.policy.finder.registry.RegistryPolicyMediaTypeMatcher.handleDelete(RegistryPolicyMediaTypeMatcher.java:49)
    at org.wso2.carbon.registry.core.jdbc.handlers.HandlerManager.delete(HandlerManager.java:2624)
    at org.wso2.carbon.registry.core.jdbc.handlers.HandlerLifecycleManager.delete(HandlerLifecycleManager.java:447)
    at org.wso2.carbon.registry.core.jdbc.EmbeddedRegistry.delete(EmbeddedRegistry.java:851)
    at org.wso2.carbon.registry.core.session.UserRegistry.deleteInternal(UserRegistry.java:879)
    at org.wso2.carbon.registry.core.session.UserRegistry.access$1100(UserRegistry.java:73)
    at org.wso2.carbon.registry.core.session.UserRegistry$12.run(UserRegistry.java:854)
    at org.wso2.carbon.registry.core.session.UserRegistry$12.run(UserRegistry.java:851)
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at org.wso2.carbon.registry.core.session.UserRegistry.delete(UserRegistry.java:851)
    at org.wso2.carbon.registry.core.jdbc.handlers.builtin.MountHandler.delete(MountHandler.java:508)
    ... 72 more
Caused by: org.wso2.carbon.user.core.UserStoreException: Error occurred while accessing Java Security Manager Privilege Block
    at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.callSecure(JDBCAuthorizationManager.java:1530)
    at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.isUserAuthorized(JDBCAuthorizationManager.java:222)
    at org.wso2.carbon.registry.core.jdbc.realm.RegistryAuthorizationManager.isUserAuthorized(RegistryAuthorizationManager.java:200)
    at org.wso2.carbon.registry.core.utils.AuthorizationUtils.authorize(AuthorizationUtils.java:52)
    ... 88 more
Caused by: java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.callSecure(JDBCAuthorizationManager.java:1515)
    ... 91 more
Caused by: java.lang.reflect.InvocationTargetException
    at jdk.internal.reflect.GeneratedMethodAccessor152.invoke(Unknown Source)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager$2.run(JDBCAuthorizationManager.java:1518)
    ... 93 more
Caused by: java.lang.NullPointerException
    at org.wso2.carbon.user.core.util.UserCoreUtil.extractDomainFromName(UserCoreUtil.java:885)
    at org.wso2.carbon.user.core.authorization.AuthorizationCache.isCaseSensitiveUsername(AuthorizationCache.java:328)
    at org.wso2.carbon.user.core.authorization.AuthorizationCache.isUserAuthorized(AuthorizationCache.java:150)
    at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.isUserAuthorized(JDBCAuthorizationManager.java:253)
    ... 97 more

How to reproduce:

  1. Log in to https://localhost:9443/carbon/

  2. Navigate to Main->Identity->Service Providers -> Add

  3. Give a name and register

  4. Go inside the created SP

  5. Click Role/Permission Configuration -> Permissions -> +Add permission

  6. List out applications using REST API and identify the app id

    curl --location --request GET 'https://localhost:9443/api/server/v1/applications' \
    --header 'Authorization: Basic YWRtaW46YWRtaW4='

  7. Try to delete the app using REST API (replace the app id)

    curl --location --request DELETE 'https://localhost:9443/api/server/v1/applications/24d0948e-b47b-4427-a702-43baea4b2e19' \
    --header 'Authorization: Basic YWRtaW46YWRtaW4='

  8. Application deletion failed with the above-mentioned error. It fails to delete the permissions stored in the registry.

Expected behavior: Delete the configured permissions and delete the service provider successfully

Environment information (Please complete the following information; remove any unnecessary fields) :
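
The `traceId` in the REST error body is the same value as the bracketed correlation ID on the carbon log lines, so the two can be joined to find the innermost `Caused by` for a failed request. The following is an added example, not part of the original issue or of WSO2's code; the function name `triage`, the abridged log excerpt and the unrelated INFO line are constructed for illustration.

```python
import json
import re

# Constructed sample: abridged from the error response and carbon log in the issue.
API_ERROR = '{"code": "APP-65001", "traceId": "accdbb6c-9875-4ded-ab72-5b2ff4e4f578"}'
CARBON_LOG = """\
[2022-08-25 09:24:59,681] [accdbb6c-9875-4ded-ab72-5b2ff4e4f578] ERROR {org.wso2.carbon.identity.application.mgt.ApplicationManagementServiceImpl} - Application: 24d0948e-b47b-4427-a702-43baea4b2e19 in tenant: carbon.super might have partially deleted
[2022-08-25 09:24:59,708] [accdbb6c-9875-4ded-ab72-5b2ff4e4f578] ERROR {org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils} - errorCode: APP-65001 | message: Error while deleting permissions for application: SP
    at org.wso2.carbon.identity.application.mgt.ApplicationMgtUtil.deletePermissions(ApplicationMgtUtil.java:663)
Caused by: org.wso2.carbon.registry.core.exceptions.RegistryException: Could not check authorization.
    at org.wso2.carbon.registry.core.utils.AuthorizationUtils.authorize(AuthorizationUtils.java:58)
Caused by: java.lang.NullPointerException
    at org.wso2.carbon.user.core.util.UserCoreUtil.extractDomainFromName(UserCoreUtil.java:885)
    at org.wso2.carbon.user.core.authorization.AuthorizationCache.isCaseSensitiveUsername(AuthorizationCache.java:328)
[2022-08-25 09:25:01,000] [00000000-0000-0000-0000-000000000000] INFO {constructed.Other} - unrelated request
"""

# A record header is "[timestamp] [correlation id] LEVEL {logger} - message".
HEADER = re.compile(r"^\[(?P<ts>[^\]]+)\] \[(?P<trace>[0-9a-f-]{36})\] (?P<level>\w+) ")

def triage(api_error_json, log_text):
    """Join an API error to its log records by traceId and return the root cause."""
    trace_id = json.loads(api_error_json)["traceId"]
    records, current = [], None
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if m:  # new record: follow it only if it belongs to this request
            current = None
            if m["trace"] == trace_id:
                current = {"level": m["level"], "causes": [], "frames": []}
                records.append(current)
        elif current is not None:  # continuation line of a matching record
            text = line.strip()
            if text.startswith("Caused by: "):
                current["causes"].append(text[len("Caused by: "):].split(":")[0])
                current["frames"] = []  # later frames belong to the deeper cause
            elif text.startswith("at "):
                current["frames"].append(text[3:])
    chained = [r for r in records if r["causes"]]
    root = None
    if chained:  # innermost cause of the last record that carries a chain
        last = chained[-1]
        root = {"exception": last["causes"][-1],
                "thrown_at": last["frames"][0] if last["frames"] else None}
    return {"trace_id": trace_id, "records": len(records), "root_cause": root}

if __name__ == "__main__":
    print(triage(API_ERROR, CARBON_LOG))
```
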

rksk commented 1 year ago

Might be related to https://github.com/wso2/product-is/issues/14892