apim-apps icon indicating copy to clipboard operation
apim-apps copied to clipboard
verified publisher icon wso2

Fix: Make userinfo and scope management endpoints optional in Okta Key Manager

Open ranuka-laksika opened this issue 2 months ago • 2 comments

Fixes wso2/api-manager#4159

Issue URL: https://github.com/wso2/api-manager/issues/4159

Problem

The Admin Portal UI required "userinfo" and "scope management endpoints" fields when configuring Okta as a Key Manager, but according to the documentation these fields should be optional. This prevented users from proceeding without providing values for these optional fields.

Solution

Made the userinfo and scope management endpoints truly optional by:

  1. Removed userInfoEndpoint and scopeManagementEndpoint from the required fields validation in the hasErrors function
  2. Removed validation checks for these fields in the formHasErrors function
  3. Removed the red asterisk (*) indicator from the TextField labels for both endpoints in the UI

Changes Made

  • Modified: portals/admin/src/main/webapp/source/src/app/components/KeyManagers/AddEditKeyManager.jsx
    • Lines 384-397: Removed userInfoEndpoint and scopeManagementEndpoint from the switch case in hasErrors function
    • Lines 481-491: Removed validation calls for these two endpoints in formHasErrors function
    • Lines 1250-1268: Removed required indicator (asterisk) and error validation from userInfoEndpoint TextField
    • Lines 1288-1308: Removed required indicator (asterisk) and error validation from scopeManagementEndpoint TextField

Build Information

  • Java 11 (Temurin-Hotspot)
  • Maven 3.6.3
  • Built component: portals/admin
  • Generated artifact: admin.war (22MB)

Artifacts Replaced

  • Frontend: Replaced admin folder in wso2am-4.6.0/repository/deployment/server/webapps/

Testing

No testing required for frontend changes (as per workflow guidelines for frontend-only changes)

Modified wso2am Pack Download

The complete modified wso2am-4.6.0 pack is available as a GitHub Actions artifact.

🔗 Download from GitHub Actions

Artifact Details:

  • Name: wso2am-4.6.0-issue-72.zip
  • How to Download:
    1. Click the link above
    2. Scroll to "Artifacts" section
    3. Download the zip file
    4. Extract and use directly

Contents: Complete wso2am pack with all updated artifacts ready to use.

Summary by CodeRabbit

Release Notes

  • Refactor
    • Simplified endpoint field handling in Key Manager configuration.
    • Removed required field validation for UserInfo Endpoint and Scope Management Endpoint fields.
    • Updated form label rendering for improved clarity.

ranuka-laksika avatar Nov 12 '25 06:11 ranuka-laksika

Walkthrough

Removed validation and reducer update logic for userInfoEndpoint and scopeManagementEndpoint fields in the Okta Key Manager configuration form, making these fields optional per documentation. UI labels simplified by removing wrapper spans.

Changes

Cohort / File(s) Summary
Form Validation & State Management
portals/admin/src/main/webapp/source/src/app/components/KeyManagers/AddEditKeyManager.jsx		 Removed userInfoEndpoint and scopeManagementEndpoint from reducer switch statement, eliminating automatic state updates for these fields via onChange dispatch. Removed both fields from form validation checks (formHasErrors and hasErrors), disabling required-field validation and error display.
UI Rendering
portals/admin/src/main/webapp/source/src/app/components/KeyManagers/AddEditKeyManager.jsx		 Simplified label rendering by replacing <span> wrapper elements with direct FormattedMessage components for UserInfo Endpoint and Scope Management Endpoint fields.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Attention areas:
    • Verify that removing reducer handling doesn't break existing state initialization or form submission flow
    • Confirm that fields remain accessible in UI for data entry but are genuinely optional (no hidden validation)
    • Ensure this change aligns with backend API expectations for these fields
    • Check if removal of validation causes orphaned field values during form submission

Poem

🐰 Endpoints once strict, now softly loose,
The UI sheds its chains of required use.
Optional at last, as docs decreed,
Validation cleared—let freedom proceed! ✨

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change: making userinfo and scope management endpoints optional in the Okta Key Manager, which directly addresses the PR's primary objective.
Linked Issues check ✅ Passed The PR successfully addresses all coding requirements from issue #4159: removes validation for userInfoEndpoint and scopeManagementEndpoint from hasErrors and formHasErrors, and removes required indicators from UI labels.
Out of Scope Changes check ✅ Passed All changes are directly scoped to the objective of making those two endpoints optional; no unrelated modifications are present in the changeset.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
✨ Finishing touches
  • [ ] 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • [ ] Create PR with unit tests
  • [ ] Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9eea9b0a891463e5d625b2ae02413869ef0a71aa and afda39f14c5bc42c67981e1e1f1867f7445e6e66.

📒 Files selected for processing (1)
  • portals/admin/src/main/webapp/source/src/app/components/KeyManagers/AddEditKeyManager.jsx (2 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-11-10T11:56:35.556Z 
Learnt from: O-sura
Repo: wso2/apim-apps PR: 1220
File: portals/publisher/src/main/webapp/source/src/app/data/Utils.js:780-795
Timestamp: 2025-11-10T11:56:35.556Z
Learning: In portals/publisher/src/main/webapp/source/src/app/data/Utils.js, the formatAndGetRoleByDomain function does not need null/undefined checks or trimming because it's only called in four controlled locations (CreateScope.jsx and EditScope.jsx in Apis/Details/Scopes and Scopes paths) after successful role validation through APIValidation.role.validate(base64url.encode(role)), and adding trimming could break compatibility with existing scopes that contain spaces.

Applied to files:

  • portals/admin/src/main/webapp/source/src/app/components/KeyManagers/AddEditKeyManager.jsx
🔇 Additional comments (1)
portals/admin/src/main/webapp/source/src/app/components/KeyManagers/AddEditKeyManager.jsx (1)

1255-1268: Optional endpoints now align with docs

Nice cleanup—dropping the asterisk/error wiring plus removing these fields from hasErrors/formHasErrors lets the form submit without values, which matches the Okta Key Manager docs that list both endpoints as optional.(apim.docs.wso2.com)

Also applies to: 1293-1308

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot] avatar Nov 12 '25 06:11 coderabbitai[bot]

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

sonarqubecloud[bot] avatar Nov 12 '25 06:11 sonarqubecloud[bot]