Fixm/multi email separate

components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/MobileNumberVerificationHandler.java

@@ -120,7 +120,7 @@ public void handleEvent(Event event) throws IdentityEventException {
         }
 
         boolean supportMultipleMobileNumbers =
-                Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
+                Utils.isMultiMobileNumbersPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
 
         boolean enable = isMobileVerificationOnUpdateEnabled(user.getTenantDomain());
 
@@ -342,7 +342,7 @@ private void preSetUserClaimOnMobileNumberUpdate(Map<String, String> claims, Use
         }
 
         boolean supportMultipleMobileNumbers =
-                Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
+                Utils.isMultiMobileNumbersPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
 
         // Update multiple mobile numbers only if they’re in the claims map.
         // This avoids issues with updating the primary mobile number due to user store limitations on multiple

components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserEmailVerificationHandler.java

@@ -122,7 +122,7 @@ public void handleEvent(Event event) throws IdentityEventException {
         }
 
         boolean supportMultipleEmails =
-                Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
+                Utils.isMultiEmailAddressesPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
 
         boolean enable = false;
 
@@ -552,7 +552,7 @@ private void preSetUserClaimsOnEmailUpdate(Map<String, String> claims, UserStore
         }
 
         boolean supportMultipleEmails =
-                Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
+                Utils.isMultiEmailAddressesPerUserEnabled(user.getTenantDomain(), user.getUserStoreDomain());
         // Update multiple email address related claims only if they’re in the claims map.
         // This avoids issues with updating the primary email address due to user store limitations on multiple
         // email addresses.

components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/util/Utils.java

@@ -694,7 +694,10 @@ public static String getSignUpConfigs(String key, String tenantDomain) throws Id
             Property[] connectorConfigs;
             IdentityGovernanceService identityGovernanceService = IdentityRecoveryServiceDataHolder.getInstance()
                     .getIdentityGovernanceService();
-            connectorConfigs = identityGovernanceService.getConfiguration(new String[]{key,}, tenantDomain);
+            connectorConfigs = identityGovernanceService.getConfiguration(new String[]{key}, tenantDomain);
+            if (connectorConfigs == null || connectorConfigs.length == 0 || connectorConfigs[0] == null) {
+                return null;
+            }
             return connectorConfigs[0].getValue();
         } catch (IdentityGovernanceException e) {
             throw Utils.handleServerException(
@@ -708,7 +711,10 @@ public static String getConnectorConfig(String key, String tenantDomain) throws
             Property[] connectorConfigs;
             IdentityGovernanceService identityGovernanceService = IdentityRecoveryServiceDataHolder.getInstance()
                     .getIdentityGovernanceService();
-            connectorConfigs = identityGovernanceService.getConfiguration(new String[]{key,}, tenantDomain);
+            connectorConfigs = identityGovernanceService.getConfiguration(new String[]{key}, tenantDomain);
+            if (connectorConfigs == null || connectorConfigs.length == 0 || connectorConfigs[0] == null) {
+                return null;
+            }
             return connectorConfigs[0].getValue();
         } catch (IdentityGovernanceException e) {
             throw new IdentityEventException("Error while getting connector configurations", e);
@@ -1524,8 +1530,64 @@ public static boolean isUseVerifyClaimEnabled() {
      */
     public static boolean isMultiEmailsAndMobileNumbersPerUserEnabled(String tenantDomain, String userStoreDomain) {
 
-        if (!Boolean.parseBoolean(IdentityUtil.getProperty(
-                IdentityRecoveryConstants.ConnectorConfig.SUPPORT_MULTI_EMAILS_AND_MOBILE_NUMBERS_PER_USER))) {
+        return isMultiEmailAddressesPerUserEnabled(tenantDomain, userStoreDomain)
+                && isMultiMobileNumbersPerUserEnabled(tenantDomain, userStoreDomain);
+    }
+
+    /**
+     * Check if multiple email addresses are supported for the given tenant and user store.
+     *
+     * @param tenantDomain    Tenant domain.
+     * @param userStoreDomain User store domain.
+     * @return True if multiple email addresses are supported.
+     */
+    public static boolean isMultiEmailAddressesPerUserEnabled(String tenantDomain, String userStoreDomain) {
+
+        if (!isMultiEmailOrMobileConfigEnabled()) {
+            return false;
+        }
+
+        if (StringUtils.isBlank(tenantDomain) || StringUtils.isBlank(userStoreDomain)) {
+            return false;
+        }
+
+        try {
+            List<LocalClaim> localClaims =
+                    IdentityRecoveryServiceDataHolder.getInstance().getClaimMetadataManagementService()
+                            .getLocalClaims(tenantDomain);
+
+            List<String> requiredEmailClaims = new ArrayList<>();
+            requiredEmailClaims.add(IdentityRecoveryConstants.EMAIL_ADDRESSES_CLAIM);
+
+            boolean isEmailVerificationOnUpdateEnabled;
+            try {
+                isEmailVerificationOnUpdateEnabled = isEmailVerificationOnUpdateEnabled(tenantDomain);
+            } catch (IdentityEventException e) {
+                log.error("Error while retrieving email verification on update config.", e);
+                return false;
+            }
+
+            if (isEmailVerificationOnUpdateEnabled) {
+                requiredEmailClaims.add(IdentityRecoveryConstants.VERIFIED_EMAIL_ADDRESSES_CLAIM);
+            }
+
+            return areClaimsSupportedForUserStore(localClaims, requiredEmailClaims, userStoreDomain);
+        } catch (ClaimMetadataException e) {
+            log.error("Error while retrieving multiple emails config.", e);
+            return false;
+        }
+    }
+
+    /**
+     * Check if multiple mobile numbers are supported for the given tenant and user store.
+     *
+     * @param tenantDomain    Tenant domain.
+     * @param userStoreDomain User store domain.
+     * @return True if multiple mobile numbers are supported.
+     */
+    public static boolean isMultiMobileNumbersPerUserEnabled(String tenantDomain, String userStoreDomain) {
+
+        if (!isMultiEmailOrMobileConfigEnabled()) {
             return false;
         }
 
@@ -1538,21 +1600,55 @@ public static boolean isMultiEmailsAndMobileNumbersPerUserEnabled(String tenantD
                     IdentityRecoveryServiceDataHolder.getInstance().getClaimMetadataManagementService()
                             .getLocalClaims(tenantDomain);
 
-            List<String> requiredClaims = Arrays.asList(
-                    IdentityRecoveryConstants.VERIFIED_MOBILE_NUMBERS_CLAIM,
-                    IdentityRecoveryConstants.MOBILE_NUMBERS_CLAIM,
-                    IdentityRecoveryConstants.EMAIL_ADDRESSES_CLAIM,
-                    IdentityRecoveryConstants.VERIFIED_EMAIL_ADDRESSES_CLAIM);
+            List<String> requiredMobileClaims = new ArrayList<>();
+            requiredMobileClaims.add(IdentityRecoveryConstants.MOBILE_NUMBERS_CLAIM);
+
+            boolean isMobileVerificationOnUpdateEnabled;
+            try {
+                isMobileVerificationOnUpdateEnabled = isMobileVerificationOnUpdateEnabled(tenantDomain);
+            } catch (IdentityEventException e) {
+                log.error("Error while retrieving mobile verification on update config.", e);
+                return false;
+            }
 
-            // Check if all required claims are valid for the user store.
-            return requiredClaims.stream().allMatch(claimUri ->
-                            isClaimSupportedForUserStore(localClaims, claimUri, userStoreDomain));
+            if (isMobileVerificationOnUpdateEnabled) {
+                requiredMobileClaims.add(IdentityRecoveryConstants.VERIFIED_MOBILE_NUMBERS_CLAIM);
+            }
+
+            return areClaimsSupportedForUserStore(localClaims, requiredMobileClaims, userStoreDomain);
         } catch (ClaimMetadataException e) {
-            log.error("Error while retrieving multiple emails and mobiles config.", e);
+            log.error("Error while retrieving multiple mobile numbers config.", e);
             return false;
         }
     }
 
+    private static boolean isMultiEmailOrMobileConfigEnabled() {
+
+        return Boolean.parseBoolean(IdentityUtil.getProperty(
+                IdentityRecoveryConstants.ConnectorConfig.SUPPORT_MULTI_EMAILS_AND_MOBILE_NUMBERS_PER_USER));
+    }
+
+    private static boolean isEmailVerificationOnUpdateEnabled(String tenantDomain) throws IdentityEventException {
+
+        String configValue = Utils.getConnectorConfig(
+                IdentityRecoveryConstants.ConnectorConfig.ENABLE_EMAIL_VERIFICATION_ON_UPDATE, tenantDomain);
+        return Boolean.parseBoolean(configValue);
+    }
+
+    private static boolean isMobileVerificationOnUpdateEnabled(String tenantDomain) throws IdentityEventException {
+
+        String configValue = Utils.getConnectorConfig(
+                IdentityRecoveryConstants.ConnectorConfig.ENABLE_MOBILE_NUM_VERIFICATION_ON_UPDATE, tenantDomain);
+        return Boolean.parseBoolean(configValue);
+    }
+
+    private static boolean areClaimsSupportedForUserStore(List<LocalClaim> localClaims, List<String> claimUris,
+                                                          String userStoreDomain) {
+
+        return claimUris.stream().allMatch(claimUri ->
+                isClaimSupportedForUserStore(localClaims, claimUri, userStoreDomain));
+    }
+
     /**
      * Check if a claim is supported and not excluded for a specific user store.
      *

components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/handler/MobileNumberVerificationHandlerTest.java

@@ -684,7 +684,7 @@ private static Map<String, String> getUserClaimsFromEvent(Event event2) {
     private void mockUtilMethods(boolean mobileVerificationEnabled, boolean multiAttributeEnabled,
                                  boolean useVerifyClaimEnabled) {
 
-        mockedUtils.when(() -> Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(anyString(), anyString()))
+        mockedUtils.when(() -> Utils.isMultiMobileNumbersPerUserEnabled(anyString(), anyString()))
                 .thenReturn(multiAttributeEnabled);
         mockedUtils.when(Utils::isUseVerifyClaimEnabled).thenReturn(useVerifyClaimEnabled);
         mockedUtils.when(() -> Utils.getConnectorConfig(

components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/handler/UserEmailVerificationHandlerTest.java

@@ -810,7 +810,7 @@ private void mockPrimaryEmailVerificationStatus(boolean isVerified) {
     private void mockUtilMethods(boolean emailVerificationEnabled, boolean multiAttributeEnabled,
                                  boolean userVerifyClaimEnabled, boolean notificationOnEmailUpdate) {
 
-        mockedUtils.when(() -> Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(anyString(), anyString()))
+        mockedUtils.when(() -> Utils.isMultiEmailAddressesPerUserEnabled(anyString(), anyString()))
                 .thenReturn(multiAttributeEnabled);
         mockedUtils.when(Utils::isUseVerifyClaimEnabled).thenReturn(userVerifyClaimEnabled);
         mockGetConnectorConfig(IdentityRecoveryConstants.ConnectorConfig.ENABLE_EMAIL_VERIFICATION_ON_UPDATE,

components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/signup/UserSelfRegistrationManagerTest.java

@@ -1034,6 +1034,10 @@ public void testGetConfirmedSelfRegisteredUserMobileVerificationOnUpdate()
         try (MockedStatic<Utils> mockedUtils = mockStatic(Utils.class)) {
             mockedUtils.when(() -> Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(anyString(), anyString()))
                     .thenReturn(true);
+            mockedUtils.when(() -> Utils.isMultiEmailAddressesPerUserEnabled(anyString(), anyString()))
+                    .thenReturn(true);
+            mockedUtils.when(() -> Utils.isMultiMobileNumbersPerUserEnabled(anyString(), anyString()))
+                    .thenReturn(true);
             mockedUtils.when(() -> Utils.getConnectorConfig(
                             eq(IdentityRecoveryConstants.ConnectorConfig.ENABLE_MOBILE_VERIFICATION_BY_PRIVILEGED_USER),
                             anyString()))
@@ -1064,6 +1068,10 @@ public void testGetConfirmedSelfRegisteredUserMobileVerificationOnUpdate()
         try (MockedStatic<Utils> mockedUtils = mockStatic(Utils.class)) {
             mockedUtils.when(() -> Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(anyString(), anyString()))
                     .thenReturn(true);
+            mockedUtils.when(() -> Utils.isMultiEmailAddressesPerUserEnabled(anyString(), anyString()))
+                    .thenReturn(true);
+            mockedUtils.when(() -> Utils.isMultiMobileNumbersPerUserEnabled(anyString(), anyString()))
+                    .thenReturn(true);
             mockedUtils.when(() -> Utils.getConnectorConfig(
                             eq(IdentityRecoveryConstants.ConnectorConfig.ENABLE_MOBILE_VERIFICATION_BY_PRIVILEGED_USER),
                             anyString()))
@@ -1087,6 +1095,10 @@ public void testGetConfirmedSelfRegisteredUserMobileVerificationOnUpdate()
         try (MockedStatic<Utils> mockedUtils = mockStatic(Utils.class)) {
             mockedUtils.when(() -> Utils.isMultiEmailsAndMobileNumbersPerUserEnabled(anyString(), anyString()))
                     .thenReturn(true);
+            mockedUtils.when(() -> Utils.isMultiEmailAddressesPerUserEnabled(anyString(), anyString()))
+                    .thenReturn(true);
+            mockedUtils.when(() -> Utils.isMultiMobileNumbersPerUserEnabled(anyString(), anyString()))
+                    .thenReturn(true);
             mockedUtils.when(() -> Utils.getConnectorConfig(
                             eq(IdentityRecoveryConstants.ConnectorConfig.ENABLE_MOBILE_VERIFICATION_BY_PRIVILEGED_USER),
                             anyString()))
@@ -2034,7 +2046,24 @@ private void mockMultiAttributeEnabled(Boolean isEnabled) throws ClaimMetadataEx
         mockedIdentityUtil.when(() -> IdentityUtil.getProperty(
                 eq(IdentityRecoveryConstants.ConnectorConfig.SUPPORT_MULTI_EMAILS_AND_MOBILE_NUMBERS_PER_USER)))
                 .thenReturn(isEnabled.toString());
-        if (!isEnabled) return;
+
+        org.wso2.carbon.identity.application.common.model.Property emailVerificationOnUpdate =
+                new org.wso2.carbon.identity.application.common.model.Property();
+        emailVerificationOnUpdate.setName(IdentityRecoveryConstants.ConnectorConfig.ENABLE_EMAIL_VERIFICATION_ON_UPDATE);
+        emailVerificationOnUpdate.setValue(Boolean.toString(isEnabled));
+        try {
+            when(identityGovernanceService.getConfiguration(
+                    eq(new String[]{IdentityRecoveryConstants.ConnectorConfig.ENABLE_EMAIL_VERIFICATION_ON_UPDATE}),
+                    eq(TEST_TENANT_DOMAIN_NAME))).thenReturn(
+                            new org.wso2.carbon.identity.application.common.model.Property[]{emailVerificationOnUpdate});
+        } catch (IdentityGovernanceException e) {
+            throw new RuntimeException(e);
+        }
+
+        if (!isEnabled) {
+            return;
+        }
+
         // Mock ClaimMetadataManagementService.
         ClaimMetadataManagementService claimMetadataManagementService = mock(ClaimMetadataManagementService.class);
         when(identityRecoveryServiceDataHolder.getClaimMetadataManagementService())