wso2 · mpmadhavig · Sep 24, 2024 · Aug 28, 2024 · Sep 24, 2024
diff --git a/...wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java b/...wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java
@@ -88,8 +88,6 @@ public static StateEnum fromValue(String value) {
     private RefreshTokenConfiguration refreshToken;
     private SubjectTokenConfiguration subjectToken;
     private IdTokenConfiguration idToken;
-    private Boolean useClientIdAsSubClaimForAppTokens;
-    private Boolean omitUsernameInIntrospectionRespForAppTokens;
     private OIDCLogoutConfiguration logout;
     private Boolean validateRequestObjectSignature = false;
     private List<String> scopeValidators = null;
@@ -360,45 +358,6 @@ public void setIdToken(IdTokenConfiguration idToken) {
         this.idToken = idToken;
     }
 
-    /**
-     * If enabled, client_id will be sent as the subject claim value for app tokens.
-     */
-    public OpenIDConnectConfiguration useClientIdAsSubClaimForAppTokens(Boolean useClientIdAsSubClaimForAppTokens) {
-
-        this.useClientIdAsSubClaimForAppTokens = useClientIdAsSubClaimForAppTokens;
-        return this;
-    }
-
-    @ApiModelProperty("If enable, client_id will be sent as the sub claim value for app tokens.")
-    @JsonProperty("useClientIdAsSubClaimForAppTokens")
-    @Valid
-    public Boolean getUseClientIdAsSubClaimForAppTokens() {
-        return useClientIdAsSubClaimForAppTokens;
-    }
-    public void setUseClientIdAsSubClaimForAppTokens(Boolean useClientIdAsSubClaimForAppTokens) {
-        this.useClientIdAsSubClaimForAppTokens = useClientIdAsSubClaimForAppTokens;
-    }
-
-    /**
-     * If enabled, username will not be sent in the introspection response for app tokens.
-     */
-    public OpenIDConnectConfiguration omitUsernameInIntrospectionRespForAppTokens(
-            Boolean omitUsernameInIntrospectionRespForAppTokens) {
-
-        this.omitUsernameInIntrospectionRespForAppTokens = omitUsernameInIntrospectionRespForAppTokens;
-        return this;
-    }
-
-    @ApiModelProperty("If enabled, username will not be sent in the introspection response for app tokens.")
-    @JsonProperty("omitUsernameInIntrospectionRespForAppTokens")
-    @Valid
-    public Boolean getOmitUsernameInIntrospectionRespForAppTokens() {
-        return omitUsernameInIntrospectionRespForAppTokens;
-    }
-    public void setOmitUsernameInIntrospectionRespForAppTokens(Boolean omitUsernameInIntrospectionRespForAppTokens) {
-        this.omitUsernameInIntrospectionRespForAppTokens = omitUsernameInIntrospectionRespForAppTokens;
-    }
-
     /**
     **/
     public OpenIDConnectConfiguration logout(OIDCLogoutConfiguration logout) {
@@ -593,10 +552,6 @@ public boolean equals(java.lang.Object o) {
             Objects.equals(this.refreshToken, openIDConnectConfiguration.refreshToken) &&
             Objects.equals(this.subjectToken, openIDConnectConfiguration.subjectToken) &&
             Objects.equals(this.idToken, openIDConnectConfiguration.idToken) &&
-            Objects.equals(this.useClientIdAsSubClaimForAppTokens,
-                    openIDConnectConfiguration.useClientIdAsSubClaimForAppTokens) &&
-            Objects.equals(this.omitUsernameInIntrospectionRespForAppTokens,
-                    openIDConnectConfiguration.omitUsernameInIntrospectionRespForAppTokens) &&
             Objects.equals(this.logout, openIDConnectConfiguration.logout) &&
             Objects.equals(this.validateRequestObjectSignature, openIDConnectConfiguration.validateRequestObjectSignature) &&
             Objects.equals(this.scopeValidators, openIDConnectConfiguration.scopeValidators) &&
@@ -611,7 +566,7 @@ public boolean equals(java.lang.Object o) {
     @Override
     public int hashCode() {
 
-        return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, hybridFlow, accessToken, refreshToken, subjectToken, idToken, useClientIdAsSubClaimForAppTokens, omitUsernameInIntrospectionRespForAppTokens, logout, validateRequestObjectSignature, scopeValidators, clientAuthentication, requestObject, pushAuthorizationRequest, subject, isFAPIApplication, fapiMetadata);
+        return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, hybridFlow, accessToken, refreshToken, subjectToken, idToken, logout, validateRequestObjectSignature, scopeValidators, clientAuthentication, requestObject, pushAuthorizationRequest, subject, isFAPIApplication, fapiMetadata);
     }
 
     @Override
@@ -633,8 +588,6 @@ public String toString() {
         sb.append("    refreshToken: ").append(toIndentedString(refreshToken)).append("\n");
         sb.append("    subjectToken: ").append(toIndentedString(subjectToken)).append("\n");
         sb.append("    idToken: ").append(toIndentedString(idToken)).append("\n");
-        sb.append("    useClientIdAsSubClaimForAppTokens: ").append(toIndentedString(useClientIdAsSubClaimForAppTokens)).append("\n");
-        sb.append("    omitUsernameInIntrospectionRespForAppTokens: ").append(toIndentedString(omitUsernameInIntrospectionRespForAppTokens)).append("\n");
         sb.append("    logout: ").append(toIndentedString(logout)).append("\n");
         sb.append("    validateRequestObjectSignature: ").append(toIndentedString(validateRequestObjectSignature)).append("\n");
         sb.append("    scopeValidators: ").append(toIndentedString(scopeValidators)).append("\n");

diff --git a/...n/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/...n/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java
@@ -69,10 +69,6 @@ public OAuthConsumerAppDTO apply(String appName, OpenIDConnectConfiguration oidc
         consumerAppDTO.setBypassClientCredentials(oidcModel.getPublicClient());
         consumerAppDTO.setRequestObjectSignatureValidationEnabled(oidcModel.getValidateRequestObjectSignature());
 
-        consumerAppDTO.setUseClientIdAsSubClaimForAppTokens(oidcModel.getUseClientIdAsSubClaimForAppTokens());
-        consumerAppDTO.setOmitUsernameInIntrospectionRespForAppTokens(
-                oidcModel.getOmitUsernameInIntrospectionRespForAppTokens());
-
         updateAllowedOrigins(consumerAppDTO, oidcModel.getAllowedOrigins());
         updatePkceConfigurations(consumerAppDTO, oidcModel.getPkce());
         updateHybridFlowConfigurations(consumerAppDTO, oidcModel.getHybridFlow());

diff --git a/...n/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java b/...n/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java
@@ -59,9 +59,6 @@ public OpenIDConnectConfiguration apply(OAuthConsumerAppDTO oauthAppDTO) {
                 .accessToken(buildTokenConfiguration(oauthAppDTO))
                 .refreshToken(buildRefreshTokenConfiguration(oauthAppDTO))
                 .idToken(buildIdTokenConfiguration(oauthAppDTO))
-                .useClientIdAsSubClaimForAppTokens(oauthAppDTO.isUseClientIdAsSubClaimForAppTokens())
-                .omitUsernameInIntrospectionRespForAppTokens(
-                        oauthAppDTO.isOmitUsernameInIntrospectionRespForAppTokens())
                 .logout(buildLogoutConfiguration(oauthAppDTO))
                 .scopeValidators(getScopeValidators(oauthAppDTO))
                 .validateRequestObjectSignature(oauthAppDTO.isRequestObjectSignatureValidationEnabled())

diff --git a/...carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/...carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
@@ -3603,12 +3603,6 @@ components:
             Enabling this option will allow the client to authenticate without a
             client secret.
           example: false
-        useClientIdAsSubClaimForAppTokens:
-          type: boolean
-          description: If enabled, client_id will be sent as the sub claim value for app tokens.
-        omitUsernameInIntrospectionRespForAppTokens:
-          type: boolean
-          description: If enabled, username will not be sent in the introspection response for app tokens.
         pkce:
           $ref: '#/components/schemas/OAuth2PKCEConfiguration'
         accessToken:

diff --git a/pom.xml b/pom.xml
@@ -808,7 +808,7 @@
         <findsecbugs-plugin.version>1.12.0</findsecbugs-plugin.version>
         <maven.checkstyleplugin.excludes>**/gen/**/*</maven.checkstyleplugin.excludes>
         <identity.event.handler.version>1.8.19</identity.event.handler.version>
-        <identity.inbound.oauth2.version>7.0.140</identity.inbound.oauth2.version>
+        <identity.inbound.oauth2.version>7.0.154</identity.inbound.oauth2.version>
         <identity.inbound.saml2.version>5.11.41</identity.inbound.saml2.version>
         <commons.beanutils.version>1.9.4</commons.beanutils.version>
         <mavan.findbugsplugin.exclude.file>findbugs-exclude-filter.xml</mavan.findbugsplugin.exclude.file>