From 8423c4b1695b783cf0a55e4ebbee2bea0a94550e Mon Sep 17 00:00:00 2001
From: AnuradhaSK <anuradha199528@gmail.com>
Date: Sun, 15 Oct 2023 19:40:53 +0530
Subject: [PATCH 1/4] add capability to associate v2 roles with applications

---
 .../management/v1/ApplicationModel.java       |  27 ++-
 .../management/v1/ApplicationPatchModel.java  |  24 ++-
 .../v1/ApplicationResponseModel.java          |  27 ++-
 .../management/v1/AssociatedRolesConfig.java  | 165 ++++++++++++++++++
 .../application/management/v1/Role.java       | 121 +++++++++++++
 .../ApiModelToServiceProvider.java            |  28 ++-
 .../ServiceProviderToApiModel.java            |  45 ++++-
 .../application/UpdateAssociatedRoles.java    |  48 +++++
 .../application/UpdateServiceProvider.java    |  27 ++-
 .../src/main/resources/applications.yaml      |  34 +++-
 10 files changed, 517 insertions(+), 29 deletions(-)
 create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java
 create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java
 create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java

diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java
index b63b5b2eb5..ae72d5f23e 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java
@@ -23,6 +23,7 @@
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration;
+import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence;
 import org.wso2.carbon.identity.api.server.application.management.v1.ClaimConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocols;
@@ -45,6 +46,7 @@ public class ApplicationModel  {
     private String templateId;
     private Boolean isManagementApp = false;
     private Boolean isB2BSelfServiceApp = false;
+    private AssociatedRolesConfig associatedRoles;
     private ClaimConfiguration claimConfiguration;
     private InboundProtocols inboundProtocolConfiguration;
     private AuthenticationSequence authenticationSequence;
@@ -196,6 +198,27 @@ public Boolean getIsB2BSelfServiceApp() {
 
         return isB2BSelfServiceApp;
     }
+    public void setIsB2BSelfServiceApp(Boolean isB2BSelfServiceApp) {
+        this.isB2BSelfServiceApp = isB2BSelfServiceApp;
+    }
+
+    /**
+    **/
+    public ApplicationModel associatedRoles(AssociatedRolesConfig associatedRoles) {
+
+        this.associatedRoles = associatedRoles;
+        return this;
+    }
+    
+    @ApiModelProperty(value = "")
+    @JsonProperty("associatedRoles")
+    @Valid
+    public AssociatedRolesConfig getAssociatedRoles() {
+        return associatedRoles;
+    }
+    public void setAssociatedRoles(AssociatedRolesConfig associatedRoles) {
+        this.associatedRoles = associatedRoles;
+    }
 
     /**
     **/
@@ -307,6 +330,7 @@ public boolean equals(java.lang.Object o) {
             Objects.equals(this.templateId, applicationModel.templateId) &&
             Objects.equals(this.isManagementApp, applicationModel.isManagementApp) &&
             Objects.equals(this.isB2BSelfServiceApp, applicationModel.isB2BSelfServiceApp) &&
+            Objects.equals(this.associatedRoles, applicationModel.associatedRoles) &&
             Objects.equals(this.claimConfiguration, applicationModel.claimConfiguration) &&
             Objects.equals(this.inboundProtocolConfiguration, applicationModel.inboundProtocolConfiguration) &&
             Objects.equals(this.authenticationSequence, applicationModel.authenticationSequence) &&
@@ -316,7 +340,7 @@ public boolean equals(java.lang.Object o) {
 
     @Override
     public int hashCode() {
-        return Objects.hash(id, name, description, imageUrl, accessUrl, templateId, isManagementApp, isB2BSelfServiceApp, claimConfiguration, inboundProtocolConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations);
+        return Objects.hash(id, name, description, imageUrl, accessUrl, templateId, isManagementApp, isB2BSelfServiceApp, associatedRoles, claimConfiguration, inboundProtocolConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations);
     }
 
     @Override
@@ -333,6 +357,7 @@ public String toString() {
         sb.append("    templateId: ").append(toIndentedString(templateId)).append("\n");
         sb.append("    isManagementApp: ").append(toIndentedString(isManagementApp)).append("\n");
         sb.append("    isB2BSelfServiceApp: ").append(toIndentedString(isB2BSelfServiceApp)).append("\n");
+        sb.append("    associatedRoles: ").append(toIndentedString(associatedRoles)).append("\n");
         sb.append("    claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n");
         sb.append("    inboundProtocolConfiguration: ").append(toIndentedString(inboundProtocolConfiguration)).append("\n");
         sb.append("    authenticationSequence: ").append(toIndentedString(authenticationSequence)).append("\n");
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java
index 7596bdbcba..1d91ea8ade 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java
@@ -23,6 +23,7 @@
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration;
+import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence;
 import org.wso2.carbon.identity.api.server.application.management.v1.ClaimConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.ProvisioningConfiguration;
@@ -41,6 +42,7 @@ public class ApplicationPatchModel  {
     private String imageUrl;
     private String accessUrl;
     private String templateId;
+    private AssociatedRolesConfig associatedRoles;
     private ClaimConfiguration claimConfiguration;
     private AuthenticationSequence authenticationSequence;
     private AdvancedApplicationConfiguration advancedConfigurations;
@@ -136,6 +138,24 @@ public void setTemplateId(String templateId) {
         this.templateId = templateId;
     }
 
+    /**
+    **/
+    public ApplicationPatchModel associatedRoles(AssociatedRolesConfig associatedRoles) {
+
+        this.associatedRoles = associatedRoles;
+        return this;
+    }
+    
+    @ApiModelProperty(value = "")
+    @JsonProperty("associatedRoles")
+    @Valid
+    public AssociatedRolesConfig getAssociatedRoles() {
+        return associatedRoles;
+    }
+    public void setAssociatedRoles(AssociatedRolesConfig associatedRoles) {
+        this.associatedRoles = associatedRoles;
+    }
+
     /**
     **/
     public ApplicationPatchModel claimConfiguration(ClaimConfiguration claimConfiguration) {
@@ -225,6 +245,7 @@ public boolean equals(java.lang.Object o) {
             Objects.equals(this.imageUrl, applicationPatchModel.imageUrl) &&
             Objects.equals(this.accessUrl, applicationPatchModel.accessUrl) &&
             Objects.equals(this.templateId, applicationPatchModel.templateId) &&
+            Objects.equals(this.associatedRoles, applicationPatchModel.associatedRoles) &&
             Objects.equals(this.claimConfiguration, applicationPatchModel.claimConfiguration) &&
             Objects.equals(this.authenticationSequence, applicationPatchModel.authenticationSequence) &&
             Objects.equals(this.advancedConfigurations, applicationPatchModel.advancedConfigurations) &&
@@ -233,7 +254,7 @@ public boolean equals(java.lang.Object o) {
 
     @Override
     public int hashCode() {
-        return Objects.hash(name, description, imageUrl, accessUrl, templateId, claimConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations);
+        return Objects.hash(name, description, imageUrl, accessUrl, templateId, associatedRoles, claimConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations);
     }
 
     @Override
@@ -247,6 +268,7 @@ public String toString() {
         sb.append("    imageUrl: ").append(toIndentedString(imageUrl)).append("\n");
         sb.append("    accessUrl: ").append(toIndentedString(accessUrl)).append("\n");
         sb.append("    templateId: ").append(toIndentedString(templateId)).append("\n");
+        sb.append("    associatedRoles: ").append(toIndentedString(associatedRoles)).append("\n");
         sb.append("    claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n");
         sb.append("    authenticationSequence: ").append(toIndentedString(authenticationSequence)).append("\n");
         sb.append("    advancedConfigurations: ").append(toIndentedString(advancedConfigurations)).append("\n");
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java
index 18b7f2c497..acff3f557e 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java
@@ -25,6 +25,7 @@
 import java.util.ArrayList;
 import java.util.List;
 import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration;
+import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence;
 import org.wso2.carbon.identity.api.server.application.management.v1.ClaimConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocolListItem;
@@ -49,6 +50,7 @@ public class ApplicationResponseModel  {
     private String templateId;
     private Boolean isManagementApp;
     private Boolean isB2BSelfServiceApp;
+    private AssociatedRolesConfig associatedRoles;
     private ClaimConfiguration claimConfiguration;
     private List<InboundProtocolListItem> inboundProtocols = null;
 
@@ -271,6 +273,27 @@ public Boolean getIsB2BSelfServiceApp() {
 
         return isB2BSelfServiceApp;
     }
+    public void setIsB2BSelfServiceApp(Boolean isB2BSelfServiceApp) {
+        this.isB2BSelfServiceApp = isB2BSelfServiceApp;
+    }
+
+    /**
+    **/
+    public ApplicationResponseModel associatedRoles(AssociatedRolesConfig associatedRoles) {
+
+        this.associatedRoles = associatedRoles;
+        return this;
+    }
+    
+    @ApiModelProperty(value = "")
+    @JsonProperty("associatedRoles")
+    @Valid
+    public AssociatedRolesConfig getAssociatedRoles() {
+        return associatedRoles;
+    }
+    public void setAssociatedRoles(AssociatedRolesConfig associatedRoles) {
+        this.associatedRoles = associatedRoles;
+    }
 
     /**
     **/
@@ -410,6 +433,7 @@ public boolean equals(java.lang.Object o) {
             Objects.equals(this.templateId, applicationResponseModel.templateId) &&
             Objects.equals(this.isManagementApp, applicationResponseModel.isManagementApp) &&
             Objects.equals(this.isB2BSelfServiceApp, applicationResponseModel.isB2BSelfServiceApp) &&
+            Objects.equals(this.associatedRoles, applicationResponseModel.associatedRoles) &&
             Objects.equals(this.claimConfiguration, applicationResponseModel.claimConfiguration) &&
             Objects.equals(this.inboundProtocols, applicationResponseModel.inboundProtocols) &&
             Objects.equals(this.authenticationSequence, applicationResponseModel.authenticationSequence) &&
@@ -420,7 +444,7 @@ public boolean equals(java.lang.Object o) {
 
     @Override
     public int hashCode() {
-        return Objects.hash(id, name, description, imageUrl, accessUrl, clientId, issuer, templateId, isManagementApp, isB2BSelfServiceApp, claimConfiguration, inboundProtocols, authenticationSequence, advancedConfigurations, provisioningConfigurations, access);
+        return Objects.hash(id, name, description, imageUrl, accessUrl, clientId, issuer, templateId, isManagementApp, isB2BSelfServiceApp, associatedRoles, claimConfiguration, inboundProtocols, authenticationSequence, advancedConfigurations, provisioningConfigurations, access);
     }
 
     @Override
@@ -439,6 +463,7 @@ public String toString() {
         sb.append("    templateId: ").append(toIndentedString(templateId)).append("\n");
         sb.append("    isManagementApp: ").append(toIndentedString(isManagementApp)).append("\n");
         sb.append("    isB2BSelfServiceApp: ").append(toIndentedString(isB2BSelfServiceApp)).append("\n");
+        sb.append("    associatedRoles: ").append(toIndentedString(associatedRoles)).append("\n");
         sb.append("    claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n");
         sb.append("    inboundProtocols: ").append(toIndentedString(inboundProtocols)).append("\n");
         sb.append("    authenticationSequence: ").append(toIndentedString(authenticationSequence)).append("\n");
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java
new file mode 100644
index 0000000000..65aac77d32
--- /dev/null
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java
@@ -0,0 +1,165 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.application.management.v1;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import java.util.ArrayList;
+import java.util.List;
+import org.wso2.carbon.identity.api.server.application.management.v1.Role;
+import javax.validation.constraints.*;
+
+
+import io.swagger.annotations.*;
+import java.util.Objects;
+import javax.validation.Valid;
+import javax.xml.bind.annotation.*;
+
+public class AssociatedRolesConfig  {
+  
+
+@XmlType(name="AllowedAudienceEnum")
+@XmlEnum(String.class)
+public enum AllowedAudienceEnum {
+    @XmlEnumValue("organization") ORGANIZATION(String.valueOf("organization")), @XmlEnumValue("application") APPLICATION(String.valueOf("application"));
+
+
+    private String value;
+
+    AllowedAudienceEnum(String v) {
+        value = v;
+    }
+
+    public String value() {
+        return value;
+    }
+
+    @Override
+    public String toString() {
+        return String.valueOf(value);
+    }
+
+    public static AllowedAudienceEnum fromValue(String value) {
+        for (AllowedAudienceEnum b : AllowedAudienceEnum.values()) {
+            if (b.value.equals(value)) {
+                return b;
+            }
+        }
+        throw new IllegalArgumentException("Unexpected value '" + value + "'");
+    }
+}
+
+    private AllowedAudienceEnum allowedAudience = AllowedAudienceEnum.ORGANIZATION;
+    private List<Role> roles = null;
+
+
+    /**
+    **/
+    public AssociatedRolesConfig allowedAudience(AllowedAudienceEnum allowedAudience) {
+
+        this.allowedAudience = allowedAudience;
+        return this;
+    }
+    
+    @ApiModelProperty(example = "organization", required = true, value = "")
+    @JsonProperty("allowedAudience")
+    @Valid
+    @NotNull(message = "Property allowedAudience cannot be null.")
+
+    public AllowedAudienceEnum getAllowedAudience() {
+        return allowedAudience;
+    }
+    public void setAllowedAudience(AllowedAudienceEnum allowedAudience) {
+        this.allowedAudience = allowedAudience;
+    }
+
+    /**
+    **/
+    public AssociatedRolesConfig roles(List<Role> roles) {
+
+        this.roles = roles;
+        return this;
+    }
+    
+    @ApiModelProperty(value = "")
+    @JsonProperty("roles")
+    @Valid
+    public List<Role> getRoles() {
+        return roles;
+    }
+    public void setRoles(List<Role> roles) {
+        this.roles = roles;
+    }
+
+    public AssociatedRolesConfig addRolesItem(Role rolesItem) {
+        if (this.roles == null) {
+            this.roles = new ArrayList<>();
+        }
+        this.roles.add(rolesItem);
+        return this;
+    }
+
+    
+
+    @Override
+    public boolean equals(java.lang.Object o) {
+
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        AssociatedRolesConfig associatedRolesConfig = (AssociatedRolesConfig) o;
+        return Objects.equals(this.allowedAudience, associatedRolesConfig.allowedAudience) &&
+            Objects.equals(this.roles, associatedRolesConfig.roles);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(allowedAudience, roles);
+    }
+
+    @Override
+    public String toString() {
+
+        StringBuilder sb = new StringBuilder();
+        sb.append("class AssociatedRolesConfig {\n");
+        
+        sb.append("    allowedAudience: ").append(toIndentedString(allowedAudience)).append("\n");
+        sb.append("    roles: ").append(toIndentedString(roles)).append("\n");
+        sb.append("}");
+        return sb.toString();
+    }
+
+    /**
+    * Convert the given object to string with each line indented by 4 spaces
+    * (except the first line).
+    */
+    private String toIndentedString(java.lang.Object o) {
+
+        if (o == null) {
+            return "null";
+        }
+        return o.toString().replace("\n", "\n");
+    }
+}
+
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java
new file mode 100644
index 0000000000..018455718b
--- /dev/null
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java
@@ -0,0 +1,121 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.application.management.v1;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import javax.validation.constraints.*;
+
+
+import io.swagger.annotations.*;
+import java.util.Objects;
+import javax.validation.Valid;
+import javax.xml.bind.annotation.*;
+
+public class Role  {
+  
+    private String id;
+    private String name;
+
+    /**
+    **/
+    public Role id(String id) {
+
+        this.id = id;
+        return this;
+    }
+    
+    @ApiModelProperty(example = "bf5abd05-3667-4a2a-a6c2-2fb9f4d26e47", required = true, value = "")
+    @JsonProperty("id")
+    @Valid
+    @NotNull(message = "Property id cannot be null.")
+
+    public String getId() {
+        return id;
+    }
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    /**
+    **/
+    public Role name(String name) {
+
+        this.name = name;
+        return this;
+    }
+    
+    @ApiModelProperty(example = "RoleA", value = "")
+    @JsonProperty("name")
+    @Valid
+    public String getName() {
+        return name;
+    }
+    public void setName(String name) {
+        this.name = name;
+    }
+
+
+
+    @Override
+    public boolean equals(java.lang.Object o) {
+
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        Role role = (Role) o;
+        return Objects.equals(this.id, role.id) &&
+            Objects.equals(this.name, role.name);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(id, name);
+    }
+
+    @Override
+    public String toString() {
+
+        StringBuilder sb = new StringBuilder();
+        sb.append("class Role {\n");
+        
+        sb.append("    id: ").append(toIndentedString(id)).append("\n");
+        sb.append("    name: ").append(toIndentedString(name)).append("\n");
+        sb.append("}");
+        return sb.toString();
+    }
+
+    /**
+    * Convert the given object to string with each line indented by 4 spaces
+    * (except the first line).
+    */
+    private String toIndentedString(java.lang.Object o) {
+
+        if (o == null) {
+            return "null";
+        }
+        return o.toString().replace("\n", "\n");
+    }
+}
+
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java
index 12d4739a8d..3022158e75 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java
@@ -1,22 +1,25 @@
 /*
- * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ * Copyright (c) 2019-2023, WSO2 LLC. (http://www.wso2.com).
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
 package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application;
 
 import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationModel;
+import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence;
 import org.wso2.carbon.identity.api.server.application.management.v1.ClaimConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocols;
@@ -53,10 +56,17 @@ public ServiceProvider apply(ApplicationModel applicationModel) {
         addAuthenticationSequence(application, applicationModel.getAuthenticationSequence());
         addProvisioningConfiguration(application, applicationModel.getProvisioningConfigurations());
         addInboundAuthenticationProtocolsToApplication(application, applicationModel.getInboundProtocolConfiguration());
-
+        addAssociatedRolesConfigurations(application, applicationModel.getAssociatedRoles());
         return application;
     }
 
+    private void addAssociatedRolesConfigurations(ServiceProvider application, AssociatedRolesConfig associatedRoles) {
+
+        if (associatedRoles != null) {
+            new UpdateAssociatedRoles().apply(application, associatedRoles);
+        }
+    }
+
     private void addInboundAuthenticationProtocolsToApplication(ServiceProvider application,
                                                                 InboundProtocols inboundProtocolsModel) {
 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
index d23707a319..e49db2f1fd 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
@@ -1,17 +1,19 @@
 /*
- * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ * Copyright (c) 2019-2023, WSO2 LLC. (http://www.wso2.com).
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
 package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application;
 
@@ -22,6 +24,7 @@
 import org.wso2.carbon.identity.api.server.application.management.v1.AdditionalSpProperty;
 import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationResponseModel;
+import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence;
 import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationStepModel;
 import org.wso2.carbon.identity.api.server.application.management.v1.Authenticator;
@@ -32,6 +35,7 @@
 import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocolListItem;
 import org.wso2.carbon.identity.api.server.application.management.v1.ProvisioningConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.RequestedClaimConfiguration;
+import org.wso2.carbon.identity.api.server.application.management.v1.Role;
 import org.wso2.carbon.identity.api.server.application.management.v1.RoleConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.SubjectConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils;
@@ -106,6 +110,7 @@ public ApplicationResponseModel apply(ServiceProvider application) {
                     .issuer(getInboundKey(application, "samlsso"))
                     .templateId(application.getTemplateId())
                     .isManagementApp(application.isManagementApp())
+                    .associatedRoles(buildAssociatedRoles(application))
                     .claimConfiguration(buildClaimConfiguration(application))
                     .inboundProtocols(buildInboundProtocols(application))
                     .advancedConfigurations(buildAdvancedAppConfiguration(application))
@@ -115,6 +120,30 @@ public ApplicationResponseModel apply(ServiceProvider application) {
         }
     }
 
+    private AssociatedRolesConfig buildAssociatedRoles(ServiceProvider application) {
+
+        AssociatedRolesConfig associatedRolesConfig = new AssociatedRolesConfig();
+        if (application.getAssociatedRolesConfig() == null) {
+            associatedRolesConfig.setAllowedAudience(AssociatedRolesConfig.AllowedAudienceEnum.ORGANIZATION);
+            return associatedRolesConfig;
+        }
+
+        String allowedAudience = application.getAssociatedRolesConfig().getAllowedAudience();
+        AssociatedRolesConfig.AllowedAudienceEnum allowedAudienceEnum;
+        switch (allowedAudience) {
+            case "application":
+                allowedAudienceEnum = AssociatedRolesConfig.AllowedAudienceEnum.APPLICATION;
+                break;
+            default:
+                allowedAudienceEnum = AssociatedRolesConfig.AllowedAudienceEnum.ORGANIZATION;
+                break;
+        }
+        associatedRolesConfig.setAllowedAudience(allowedAudienceEnum);
+        application.getAssociatedRolesConfig().getRoles().forEach(role -> associatedRolesConfig.addRolesItem(
+                new Role().id(role.getId()).name(role.getName())));
+        return associatedRolesConfig;
+    }
+
     private List<InboundProtocolListItem> buildInboundProtocols(ServiceProvider application) {
 
         return new InboundAuthConfigToApiModel().apply(application);
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java
new file mode 100644
index 0000000000..ac0f7bc4e7
--- /dev/null
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application;
+
+import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
+import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction;
+import org.wso2.carbon.identity.application.common.model.ServiceProvider;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * Updates the associated roles configurations defined by the API model in the Service Provider model.
+ */
+public class UpdateAssociatedRoles implements UpdateFunction<ServiceProvider, AssociatedRolesConfig> {
+
+    @Override
+    public void apply(ServiceProvider serviceProvider, AssociatedRolesConfig associatedRolesConfig) {
+
+        org.wso2.carbon.identity.application.common.model.AssociatedRolesConfig rolesConfig =
+                new org.wso2.carbon.identity.application.common.model.AssociatedRolesConfig();
+        if (associatedRolesConfig != null) {
+            rolesConfig.setAllowedAudience(associatedRolesConfig.getAllowedAudience().toString());
+            List<org.wso2.carbon.identity.application.common.model.RoleV2> listOfRoles =
+                    associatedRolesConfig.getRoles().stream()
+                            .map(role -> new org.wso2.carbon.identity.application.common.model.RoleV2(role.getId()))
+                            .collect(Collectors.toList());
+            rolesConfig.setRoles(listOfRoles);
+        }
+        serviceProvider.setAssociatedRolesConfig(rolesConfig);
+    }
+}
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java
index d88f056b5f..3cea6fd84a 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java
@@ -1,22 +1,25 @@
 /*
- * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ * Copyright (c) 2019-2023, WSO2 LLC. (http://www.wso2.com).
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
 package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application;
 
 import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationPatchModel;
+import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence;
 import org.wso2.carbon.identity.api.server.application.management.v1.ClaimConfiguration;
 import org.wso2.carbon.identity.api.server.application.management.v1.ProvisioningConfiguration;
@@ -40,12 +43,20 @@ public void apply(ServiceProvider serviceProvider, ApplicationPatchModel applica
         setIfNotNull(applicationPatchModel.getAccessUrl(), serviceProvider::setAccessUrl);
         setIfNotNull(applicationPatchModel.getTemplateId(), serviceProvider::setTemplateId);
 
+        patchAssociatedRolesConfigurations(serviceProvider, applicationPatchModel.getAssociatedRoles());
         patchClaimConfiguration(serviceProvider, applicationPatchModel.getClaimConfiguration());
         patchAuthenticationSequence(applicationPatchModel.getAuthenticationSequence(), serviceProvider);
         patchAdvancedConfiguration(serviceProvider, applicationPatchModel.getAdvancedConfigurations());
         patchProvisioningConfiguration(applicationPatchModel.getProvisioningConfigurations(), serviceProvider);
     }
 
+    private void patchAssociatedRolesConfigurations(ServiceProvider serviceProvider, AssociatedRolesConfig associatedRoles) {
+
+        if (associatedRoles != null) {
+            new UpdateAssociatedRoles().apply(serviceProvider, associatedRoles);
+        }
+    }
+
     private void patchClaimConfiguration(ServiceProvider serviceProvider, ClaimConfiguration claimConfiguration) {
 
         if (claimConfiguration != null) {
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
index 5dfca4f485..2933119123 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
@@ -2622,6 +2622,8 @@ components:
           type: boolean
           example: false
           description: Decides whether the application used to for B2B self service
+        associatedRoles:
+          $ref: '#/components/schemas/AssociatedRolesConfig'
         claimConfiguration:
           $ref: '#/components/schemas/ClaimConfiguration'
         inboundProtocolConfiguration:
@@ -2632,7 +2634,6 @@ components:
           $ref: '#/components/schemas/AdvancedApplicationConfiguration'
         provisioningConfigurations:
           $ref: '#/components/schemas/ProvisioningConfiguration'
-
     ApplicationResponseModel:
       type: object
       required:
@@ -2671,6 +2672,8 @@ components:
           type: boolean
           example: false
           description: Decides whether the application used to for B2B self service
+        associatedRoles:
+          $ref: '#/components/schemas/AssociatedRolesConfig'
         claimConfiguration:
           $ref: '#/components/schemas/ClaimConfiguration'
         inboundProtocols:
@@ -2706,6 +2709,8 @@ components:
         templateId:
           type: string
           example: "adwefi2429asdfdf94444rraf44"
+        associatedRoles:
+          $ref: '#/components/schemas/AssociatedRolesConfig'
         claimConfiguration:
           $ref: '#/components/schemas/ClaimConfiguration'
         authenticationSequence:
@@ -2951,6 +2956,33 @@ components:
         applicationRole:
           type: string
           example: Administrator
+    AssociatedRolesConfig:
+      type: object
+      required:
+        - allowedAudience
+      properties:
+        allowedAudience:
+          type: string
+          example: "organization"
+          enum:
+            - organization
+            - application
+          default: organization
+        roles:
+          type: array
+          items:
+            $ref: '#/components/schemas/Role'
+    Role:
+      type: object
+      required:
+        - id
+      properties:
+        id:
+          type: string
+          example: "bf5abd05-3667-4a2a-a6c2-2fb9f4d26e47"
+        name:
+          type: string
+          example: "RoleA"
     RequestedClaimConfiguration:
       type: object
       required:

From a997988b43adbff1d06e165cb9b6aba03566fb1c Mon Sep 17 00:00:00 2001
From: AnuradhaSK <anuradha199528@gmail.com>
Date: Mon, 23 Oct 2023 12:01:17 +0530
Subject: [PATCH 2/4] fix possible NPEs

---
 .../core/functions/application/ServiceProviderToApiModel.java | 4 +++-
 .../v1/core/functions/application/UpdateAssociatedRoles.java  | 3 ++-
 .../v1/core/functions/application/UpdateServiceProvider.java  | 3 ++-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
index e49db2f1fd..8be7aa8af3 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
@@ -51,6 +51,7 @@
 import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig;
 import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig;
 import org.wso2.carbon.identity.application.common.model.RoleMapping;
+import org.wso2.carbon.identity.application.common.model.RoleV2;
 import org.wso2.carbon.identity.application.common.model.ServiceProvider;
 import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty;
 import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
@@ -139,7 +140,8 @@ private AssociatedRolesConfig buildAssociatedRoles(ServiceProvider application)
                 break;
         }
         associatedRolesConfig.setAllowedAudience(allowedAudienceEnum);
-        application.getAssociatedRolesConfig().getRoles().forEach(role -> associatedRolesConfig.addRolesItem(
+        RoleV2[] roles = application.getAssociatedRolesConfig().getRoles();
+        Arrays.asList(roles).forEach(role -> associatedRolesConfig.addRolesItem(
                 new Role().id(role.getId()).name(role.getName())));
         return associatedRolesConfig;
     }
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java
index ac0f7bc4e7..0ee876eacf 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAssociatedRoles.java
@@ -20,6 +20,7 @@
 
 import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig;
 import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction;
+import org.wso2.carbon.identity.application.common.model.RoleV2;
 import org.wso2.carbon.identity.application.common.model.ServiceProvider;
 
 import java.util.List;
@@ -41,7 +42,7 @@ public void apply(ServiceProvider serviceProvider, AssociatedRolesConfig associa
                     associatedRolesConfig.getRoles().stream()
                             .map(role -> new org.wso2.carbon.identity.application.common.model.RoleV2(role.getId()))
                             .collect(Collectors.toList());
-            rolesConfig.setRoles(listOfRoles);
+            rolesConfig.setRoles(listOfRoles.toArray(new RoleV2[0]));
         }
         serviceProvider.setAssociatedRolesConfig(rolesConfig);
     }
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java
index 3cea6fd84a..1e35189e54 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java
@@ -50,7 +50,8 @@ public void apply(ServiceProvider serviceProvider, ApplicationPatchModel applica
         patchProvisioningConfiguration(applicationPatchModel.getProvisioningConfigurations(), serviceProvider);
     }
 
-    private void patchAssociatedRolesConfigurations(ServiceProvider serviceProvider, AssociatedRolesConfig associatedRoles) {
+    private void patchAssociatedRolesConfigurations(ServiceProvider serviceProvider,
+                                                    AssociatedRolesConfig associatedRoles) {
 
         if (associatedRoles != null) {
             new UpdateAssociatedRoles().apply(serviceProvider, associatedRoles);

From 1f7117b4ec04e20368e83316553a6c58498d7836 Mon Sep 17 00:00:00 2001
From: AnuradhaSK <anuradha199528@gmail.com>
Date: Mon, 23 Oct 2023 15:45:03 +0530
Subject: [PATCH 3/4] bump framework

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index c64717b926..dea8bc7396 100644
--- a/pom.xml
+++ b/pom.xml
@@ -760,7 +760,7 @@
         <maven.buildnumber.plugin.version>1.4</maven.buildnumber.plugin.version>
         <org.apache.felix.annotations.version>1.2.4</org.apache.felix.annotations.version>
         <identity.governance.version>1.8.62</identity.governance.version>
-        <carbon.identity.framework.version>5.25.424</carbon.identity.framework.version>
+        <carbon.identity.framework.version>5.25.426</carbon.identity.framework.version>
         <maven.findbugsplugin.version>3.0.5</maven.findbugsplugin.version>
         <identity.workflow.impl.bps.version>5.2.0</identity.workflow.impl.bps.version>
         <maven.checkstyleplugin.excludes>**/gen/**/*</maven.checkstyleplugin.excludes>

From 657b83291593b5b706de3a0a64f99a3b0cee8af8 Mon Sep 17 00:00:00 2001
From: AnuradhaSK <anuradha199528@gmail.com>
Date: Mon, 23 Oct 2023 23:59:48 +0530
Subject: [PATCH 4/4] fix enum issue

---
 .../application/management/v1/AssociatedRolesConfig.java  | 5 +++--
 .../src/main/resources/applications.yaml                  | 8 ++++----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java
index 65aac77d32..c78cc6c36b 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AssociatedRolesConfig.java
@@ -39,7 +39,8 @@ public class AssociatedRolesConfig  {
 @XmlType(name="AllowedAudienceEnum")
 @XmlEnum(String.class)
 public enum AllowedAudienceEnum {
-    @XmlEnumValue("organization") ORGANIZATION(String.valueOf("organization")), @XmlEnumValue("application") APPLICATION(String.valueOf("application"));
+
+    @XmlEnumValue("ORGANIZATION") ORGANIZATION(String.valueOf("ORGANIZATION")), @XmlEnumValue("APPLICATION") APPLICATION(String.valueOf("APPLICATION"));
 
 
     private String value;
@@ -79,7 +80,7 @@ public AssociatedRolesConfig allowedAudience(AllowedAudienceEnum allowedAudience
         return this;
     }
     
-    @ApiModelProperty(example = "organization", required = true, value = "")
+    @ApiModelProperty(example = "ORGANIZATION", required = true, value = "")
     @JsonProperty("allowedAudience")
     @Valid
     @NotNull(message = "Property allowedAudience cannot be null.")
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
index 2933119123..57873e99b7 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
@@ -2963,11 +2963,11 @@ components:
       properties:
         allowedAudience:
           type: string
-          example: "organization"
+          example: "ORGANIZATION"
           enum:
-            - organization
-            - application
-          default: organization
+            - ORGANIZATION
+            - APPLICATION
+          default: ORGANIZATION
         roles:
           type: array
           items: