fix

coral/types/api.d.ts

@@ -7996,9 +7996,9 @@ export enum ApiPaths {
     approveRequest = "/request/approve",
     registerUser = "/registerUser",
     promoteSchema = "/promote/schema",
-    deleteOperationalRequest = "/operationalRequest/reqId/:reqId/delete",
-    declineOperationalRequest = "/operationalRequest/reqId/:reqId/decline",
-    approveOperationalRequest = "/operationalRequest/reqId/:reqId/approve",
+    deleteOperationalRequest = "/operationalRequest/reqId/{reqId}/delete",
+    declineOperationalRequest = "/operationalRequest/reqId/{reqId}/decline",
+    approveOperationalRequest = "/operationalRequest/reqId/{reqId}/approve",
     createConsumerOffsetsResetRequest = "/operationalRequest/consumerOffsetsReset/create",
     logout = "/logout",
     approveTopicRequests = "/execTopicRequests",
@@ -8031,24 +8031,24 @@ export enum ApiPaths {
     createAcl = "/createAcl",
     restartConnector = "/connector/restart",
     changePwd = "/chPwd",
-    addEnvToCache = "/cache/tenant/:tenantId/entityType/environment",
+    addEnvToCache = "/cache/tenant/{tenantId}/entityType/environment",
     addTenantId = "/addTenantId",
     addRoleId = "/addRoleId",
     addNewUser = "/addNewUser",
     addNewTeam = "/addNewTeam",
     addNewEnv = "/addNewEnv",
     addNewCluster = "/addNewCluster",
-    claimAcl = "/acl/claim/:aclId",
-    getSwitchTeams = "/user/:userId/switchTeamsList",
-    getTopicRequest = "/topic/request/:topicReqId",
+    claimAcl = "/acl/claim/{aclId}",
+    getSwitchTeams = "/user/{userId}/switchTeamsList",
+    getTopicRequest = "/topic/request/{topicReqId}",
     testClusterApiConnection = "/testClusterApiConnection",
     shutdownApp = "/shutdownContext",
     showUsers = "/showUserList",
-    getSchemaOfTopicFromSource = "/schemas/source/:source/kafkaEnv/:kafkaEnvId/topic/:topicName/schemaVersion/:schemaVersion",
-    getSchemaRequest = "/schema/request/:schemaReqId",
+    getSchemaOfTopicFromSource = "/schemas/source/{source}/kafkaEnv/{kafkaEnvId}/topic/{topicName}/schemaVersion/{schemaVersion}",
+    getSchemaRequest = "/schema/request/{schemaReqId}",
     resetCache = "/resetCache",
     getRequestStatistics = "/requests/statistics",
-    getOperationalRequests = "/operationalRequests/requestsFor/:requestsFor",
+    getOperationalRequests = "/operationalRequests/requestsFor/{requestsFor}",
     validateOffsetRequestDetails = "/operationalRequest/consumerOffsetsReset/validate",
     getRegistrationInfoFromId = "/getUserInfoFromRegistrationId",
     getUserDetails = "/getUserDetails",
@@ -8126,11 +8126,11 @@ export enum ApiPaths {
     getAclRequests = "/getAclRequests",
     getAclRequestsForApprover = "/getAclRequestsForApprover",
     getSchemaRegEnvsPaginated = "/environments/schemaRegistry",
-    getSchemaRegEnv = "/environments/schemaRegistry/:envId",
+    getSchemaRegEnv = "/environments/schemaRegistry/{envId}",
     getKafkaConnectEnvsPaginated = "/environments/kafkaconnect",
-    getKafkaConnectEnv = "/environments/kafkaconnect/:envId",
+    getKafkaConnectEnv = "/environments/kafkaconnect/{envId}",
     getKafkaEnvsPaginated = "/environments/kafka",
-    getKafkaEnv = "/environments/kafka/:envId",
-    getAclRequest = "/acl/request/:aclRequestId",
-    removeEnvFromCache = "/cache/tenant/:tenantId/entityType/environment/id/:id"
+    getKafkaEnv = "/environments/kafka/{envId}",
+    getAclRequest = "/acl/request/{aclRequestId}",
+    removeEnvFromCache = "/cache/tenant/{tenantId}/entityType/environment/id/{id}"
 }

core/src/main/java/io/aiven/klaw/auth/KwAuthenticationSuccessHandler.java

@@ -62,25 +62,30 @@ public String getRedirectPage(HttpServletRequest request, Authentication authent
     String providerRoute = "{{ provider }}";
     String coralTopicsUri = "/coral/";
 
-    if (quickStartEnabled
-        && handleDbRequests
-            .getUsersInfo(
-                UtilMethods.getUserName(
-                    authentication.getPrincipal(), preferredUsernameAttribute, emailAttribute))
-            .getRole()
-            .equals(KwConstants.USER_ROLE)) {
-      return coralTopicsUri;
-    }
-
-    if (coralEnabled
-        && UtilControllerService.isCoralBuilt
-        && !handleDbRequests
-            .getUsersInfo(
-                UtilMethods.getUserName(
-                    authentication.getPrincipal(), preferredUsernameAttribute, emailAttribute))
-            .getRole()
-            .equals(KwConstants.SUPERADMIN_ROLE)) {
-      return coralTopicsUri;
+    try {
+      if (quickStartEnabled
+          && handleDbRequests
+              .getUsersInfo(
+                  UtilMethods.getUserName(
+                      authentication.getPrincipal(), preferredUsernameAttribute, emailAttribute))
+              .getRole()
+              .equals(KwConstants.USER_ROLE)) {
+        return coralTopicsUri;
+      }
+
+      if (coralEnabled
+          && UtilControllerService.isCoralBuilt
+          && !handleDbRequests
+              .getUsersInfo(
+                  UtilMethods.getUserName(
+                      authentication.getPrincipal(), preferredUsernameAttribute, emailAttribute))
+              .getRole()
+              .equals(KwConstants.SUPERADMIN_ROLE)) {
+        return coralTopicsUri;
+      }
+    } catch (Exception e) {
+      log.info("Could not retrieve user info");
+      return rootPath + indexPage;
     }
 
     if (defaultSavedRequest == null) {

core/src/main/java/io/aiven/klaw/model/requests/ProfileModel.java

@@ -18,7 +18,7 @@ public class ProfileModel implements Serializable {
   @Size(min = 5, max = 50, message = "Name must be atleast 5 characters")
   @Pattern(
       message = "Invalid Full name",
-      regexp = "^[A-Za-zÀ-ÖØ-öø-ÿ' ]*$") // Pattern a-zA-z accents and umlaut and/or spaces.
+      regexp = "^[A-Za-zÀ-ÖØ-öø-ÿ' ()]*$") // Pattern a-zA-z accents and umlaut and/or spaces.
   private String fullname;
 
   @Email(message = "Email should be valid")

core/src/main/java/io/aiven/klaw/model/requests/RegisterUserInfoModel.java

@@ -33,7 +33,7 @@ public class RegisterUserInfoModel implements Serializable {
   @NotNull(message = "Name cannot be null")
   @Pattern(
       message = "Invalid Full name.",
-      regexp = "^[a-zA-z ]*$") //  Pattern a-zA-z and/or spaces.
+      regexp = "^[a-zA-Z ()]*$") //  Pattern a-zA-z and/or spaces.
   private String fullname;
 
   @Email(message = "Email should be valid")

core/src/main/java/io/aiven/klaw/service/UiControllerLoginService.java

@@ -44,6 +44,9 @@ public class UiControllerLoginService {
   @Value("${klaw.login.authentication.type}")
   private String authenticationType;
 
+  @Value("${spring.ad.domain:#{null}}")
+  private String adDomain;
+
   @Value("${klaw.enable.authorization.ad:false}")
   private boolean enableUserAuthorizationFromAD;
 
@@ -114,14 +117,19 @@ public String checkAnonymousLogin(
       String userName) {
     DefaultOAuth2User defaultOAuth2User = null;
     String nameAttribute = "name";
+    String emailAttribute = "email";
+    String emailAttributeVal = null;
     Collection<? extends GrantedAuthority> authorities = null;
 
+    Object principal = abstractAuthenticationToken.getPrincipal();
     // Extract attributes for user verification/registration
     if (abstractAuthenticationToken instanceof OAuth2AuthenticationToken) {
-      defaultOAuth2User =
-          (DefaultOAuth2User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
-      nameAttribute = (String) defaultOAuth2User.getAttributes().get(nameAttribute);
-      authorities = defaultOAuth2User.getAuthorities();
+      if (principal instanceof DefaultOAuth2User) {
+        defaultOAuth2User = (DefaultOAuth2User) principal;
+        nameAttribute = (String) defaultOAuth2User.getAttributes().get(nameAttribute);
+        emailAttributeVal = (String) defaultOAuth2User.getAttributes().get(emailAttribute);
+        authorities = defaultOAuth2User.getAuthorities();
+      }
     } else if (abstractAuthenticationToken instanceof UsernamePasswordAuthenticationToken) {
       nameAttribute = abstractAuthenticationToken.getName();
       authorities = abstractAuthenticationToken.getAuthorities();
@@ -146,7 +154,8 @@ public String checkAnonymousLogin(
           }
         }
       }
-      return registerStagingUser(userName, nameAttribute, roleValidationPair.getRight());
+      return registerStagingUser(
+          userName, nameAttribute, roleValidationPair.getRight(), emailAttributeVal);
     }
 
     if (abstractAuthenticationToken.isAuthenticated()) {
@@ -272,7 +281,8 @@ public String checkAuth(
   }
 
   // register user with staging status, and forward to signup
-  public String registerStagingUser(String userName, Object fullName, String roleFromAD) {
+  public String registerStagingUser(
+      String userName, Object fullName, String roleFromAD, String emailClaim) {
     try {
       log.info("User found in SSO/AD and not in Klaw db :{}", userName);
       String existingRegistrationId =
@@ -296,6 +306,11 @@ public String registerStagingUser(String userName, Object fullName, String roleF
         registerUserInfoModel.setRole(
             Objects.requireNonNullElse(roleFromAD, KwConstants.USER_ROLE));
         registerUserInfoModel.setRegisteredTime(new Timestamp(System.currentTimeMillis()));
+
+        if (emailClaim != null) {
+          registerUserInfoModel.setMailid(emailClaim);
+        }
+
         registerUserInfoModel.setUsername(userName);
         registerUserInfoModel.setPwd("");
         if (fullName != null) {

core/src/main/java/io/aiven/klaw/service/UsersTeamsControllerService.java

@@ -508,7 +508,10 @@ public ApiResponse deleteUser(String userIdToDelete, boolean isExternal) throws
     }
 
     try {
-      inMemoryUserDetailsManager.deleteUser(userIdToDelete);
+      if (inMemoryUserDetailsManager != null
+          && inMemoryUserDetailsManager.userExists(userIdToDelete)) {
+        inMemoryUserDetailsManager.deleteUser(userIdToDelete);
+      }
       String result = manageDatabase.getHandleDbRequests().deleteUserRequest(userIdToDelete);
       if (result.equals(ApiResultStatus.SUCCESS.value)) {
         commonUtilsService.updateMetadata(
@@ -628,8 +631,10 @@ public ApiResponse addNewUser(UserInfoModel newUser, boolean isExternal) throws
           : ApiResponse.notOk(result);
     } catch (Exception e) {
       try {
-        if (inMemoryUserDetailsManager != null)
+        if (inMemoryUserDetailsManager != null
+            && inMemoryUserDetailsManager.userExists(newUser.getUsername())) {
           inMemoryUserDetailsManager.deleteUser(newUser.getUsername());
+        }
       } catch (Exception e1) {
         log.error("Try deleting user");
       }

core/src/main/resources/static/js/registerUsers.js

@@ -493,19 +493,19 @@ app.controller("registerUsersCtrl", function($scope, $http, $location, $window)
                   return;
               }
 
-                if(!$scope.registerUser.emailid)
+                if(!$scope.registerUser.mailid)
                 {
                     $scope.alertnote = "Email id is mandatory.";
                     $scope.showAlertToast();
                     return;
                 }
-                else if($scope.registerUser.emailid.length < 7)
+                else if($scope.registerUser.mailid.length < 7)
                 {
                     $scope.alertnote = "Please enter a valid email id.";
                     $scope.showAlertToast();
                     return;
                 }
-                else if(!$scope.registerUser.emailid.includes("@"))
+                else if(!$scope.registerUser.mailid.includes("@"))
                 {
                     $scope.alertnote = "Please enter a valid email id.";
                      $scope.showAlertToast();
@@ -518,7 +518,7 @@ app.controller("registerUsersCtrl", function($scope, $http, $location, $window)
 
                     serviceInput['username'] = $scope.registerUser.username;
                     serviceInput['fullname'] = $scope.registerUser.fullname;
-                    serviceInput['mailid'] = $scope.registerUser.emailid;
+                    serviceInput['mailid'] = $scope.registerUser.mailid;
                     serviceInput['tenantName'] = tenantName.trim();
                     serviceInput['pwd'] = '';
 

core/src/main/resources/templates/registerLdap.html

@@ -354,7 +354,7 @@ <h3 class="p-2 rounded-title mb-3">Sign Up</h3>
                             class="form-control"
                             type="email"
                             required
-                            ng-model="registerUser.emailid"
+                            ng-model="registerUser.mailid"
                           />
                         </div>
                       </div>

openapi.json

@@ -5886,7 +5886,7 @@
             "type" : "string",
             "maxLength" : 50,
             "minLength" : 5,
-            "pattern" : "^[A-Za-zÀ-ÖØ-öø-ÿ' ]*$"
+            "pattern" : "^[A-Za-zÀ-ÖØ-öø-ÿ' ()]*$"
           },
           "mailid" : {
             "type" : "string"
@@ -5937,7 +5937,7 @@
             "type" : "string",
             "maxLength" : 50,
             "minLength" : 5,
-            "pattern" : "^[A-Za-zÀ-ÖØ-öø-ÿ' ]*$"
+            "pattern" : "^[A-Za-zÀ-ÖØ-öø-ÿ' ()]*$"
           },
           "mailid" : {
             "type" : "string"
@@ -6282,7 +6282,7 @@
             "type" : "string",
             "maxLength" : 50,
             "minLength" : 5,
-            "pattern" : "^[A-Za-zÀ-ÖØ-öø-ÿ' ]*$"
+            "pattern" : "^[A-Za-zÀ-ÖØ-öø-ÿ' ()]*$"
           },
           "mailid" : {
             "type" : "string"
@@ -6544,7 +6544,7 @@
             "type" : "string",
             "maxLength" : 50,
             "minLength" : 5,
-            "pattern" : "^[a-zA-z ]*$"
+            "pattern" : "^[a-zA-Z ()]*$"
           },
           "mailid" : {
             "type" : "string"