From 99c404465b0cedeedb3d2ff87677d49ca14e8750 Mon Sep 17 00:00:00 2001
From: Chamila Adhikarinayake <cka.adhi@gmail.com>
Date: Thu, 29 Feb 2024 17:04:29 +0530
Subject: [PATCH] Set user store domain

---
 .../rest/api/dcr/web/dto/RegistrationProfile.java   |  9 +++++++++
 .../api/dcr/web/impl/RegistrationServiceImpl.java   | 13 ++++++++++---
 .../src/main/resources/dcr.yaml                     |  4 ++++
 3 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/dto/RegistrationProfile.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/dto/RegistrationProfile.java
index 2a25a8f43d37..14103ebcbddc 100644
--- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/dto/RegistrationProfile.java
+++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/dto/RegistrationProfile.java
@@ -43,6 +43,7 @@ public class RegistrationProfile {
     private boolean saasApp;
     private String audience;
     private String tokenType;
+    private boolean userstoreDomainInSubject;
 
     public String getRecepientValidationURL() {
         return recepientValidationURL;
@@ -215,4 +216,12 @@ public void setTokenType(String tokenType) {
         this.tokenType = tokenType;
     }
 
+    public boolean isUserStoreDomainInSubject() {
+        return userstoreDomainInSubject;
+    }
+
+    public void setUserStoreDomainInSubject(boolean setUserStoreDomainInSubject) {
+        this.userstoreDomainInSubject = setUserStoreDomainInSubject;
+    }
+
 }
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/impl/RegistrationServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/impl/RegistrationServiceImpl.java
index 4eca476c20b5..678bbef84606 100644
--- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/impl/RegistrationServiceImpl.java
+++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/java/org/wso2/carbon/apimgt/rest/api/dcr/web/impl/RegistrationServiceImpl.java
@@ -189,7 +189,8 @@ public Response register(RegistrationProfile profile) {
                     returnedAPP = this.getExistingApp(applicationName, appServiceProvider.isSaasApp());
                 } else {
                     //create a new application if the application doesn't exists.
-                    returnedAPP = this.createApplication(applicationName, appRequest, grantTypes);
+                    returnedAPP = this.createApplication(applicationName, appRequest, grantTypes,
+                            profile.isUserStoreDomainInSubject());
                 }
                 //ReturnedAPP is null
                 if (returnedAPP == null) {
@@ -278,8 +279,8 @@ private OAuthApplicationInfo getExistingApp(String applicationName, boolean saas
      * @return created Application
      * @throws APIManagementException if failed to create the new application
      */
-    private OAuthApplicationInfo createApplication(String applicationName, OAuthAppRequest appRequest,
-                                                   String grantType) throws APIManagementException {
+    private OAuthApplicationInfo createApplication(String applicationName, OAuthAppRequest appRequest, String grantType,
+            boolean setUserStoreDomainInSubject) throws APIManagementException {
         String userName;
         OAuthApplicationInfo applicationInfo = appRequest.getOAuthApplicationInfo();
         String appName = applicationInfo.getClientName();
@@ -325,6 +326,12 @@ private OAuthApplicationInfo createApplication(String applicationName, OAuthAppR
             logoutConsentProperty.setName(APIConstants.APP_SKIP_LOGOUT_CONSENT_NAME);
             logoutConsentProperty.setValue(APIConstants.APP_SKIP_LOGOUT_CONSENT_VALUE);
             serviceProviderProperties.add(logoutConsentProperty);
+            
+            if (setUserStoreDomainInSubject) {
+                LocalAndOutboundAuthenticationConfig localAndOutboundConfig = new LocalAndOutboundAuthenticationConfig();
+                localAndOutboundConfig.setUseUserstoreDomainInLocalSubjectIdentifier(true);
+                serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundConfig);
+            }
 
             String orgId = null;
             try {
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/resources/dcr.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/resources/dcr.yaml
index fbffd55b4219..1c1b18ef95ff 100644
--- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/resources/dcr.yaml
+++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/src/main/resources/dcr.yaml
@@ -94,6 +94,10 @@ components:
           type: string
           readOnly: true
           example: JWT
+        userstoreDomainInSubject:
+          type: string
+          readOnly: true
+          example: true
     DCRResult:
       title: DCRResult
       type: object