Open rksk opened 1 year ago
Closing due to not being reproducible
This will be impacted for users who are using UserStoreBasedIdentityDataStore
as below.
toml
[event.default_listener.governance_identity_store]
data_store = "org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore"
OR identity.xml
<EventListener id="governance_identity_store"
type="org.wso2.carbon.user.core.listener.UserOperationEventListener"
name="org.wso2.carbon.identity.governance.listener.IdentityStoreEventListener"
orderId="97"
enable="true">
<Property name="Data.Store">org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore</Property>
Search for EncryptionUserFlowMigrator in migration-config.yaml and add migrateAll: true after the line schema: "identity" to solve it,
Also, if the mapped attribute for http://wso2.org/claims/identity/secretkey
claim is not totpSecretkey
in your previous version, make sure claim-config.xml in new version is updated with the mapped attribute you used in the previous version.
The migrateAll
configuration is now set by default, therefore fixes one of the mentioned issues. The changed mapped attribute should be added to the claim-config.xml file which should resolve the issue.
However the existing claim mapping configuration ideally should be migrated without further intervention being required. Therefore this should be improved. Will update the issue once the analysis on this is complete.
Describe the issue: When the UserStoreBasedIdentityDataStore is used, the TotpSecretKey migration does not work does not work due to two reasons.
migrateAll
property checked at [1] is not set by default and it is not documentedInMemoryClaimManager
is initialized and it contains the claim mappings in the claim-config.xml file. But the claim mappings in the DB could be different, but the mappings from the DB are not loaded until theDefaultClaimManager
is initialized.How to reproduce:
The TOTP secret key claim value will not be changed during the migration.
Expected behavior: It should not make any difference for UserStoreBasedIdentityDataStore.
[1] https://github.com/wso2-extensions/identity-migration-resources/blob/082c006d911742dae0c81f332c84e6dd87fe3392/components/org.wso2.is.migration/migration-service/src/main/java/org/wso2/carbon/is/migration/util/TotpSecretUtil.java#L115 [2] https://github.com/wso2-extensions/identity-migration-resources/blob/082c006d911742dae0c81f332c84e6dd87fe3392/components/org.wso2.is.migration/migration-service/src/main/java/org/wso2/carbon/is/migration/util/TotpSecretUtil.java#L172 [3] https://docs.wso2.com/display/ISCONNECTORS/Configuring+TOTP+Authenticator