From 4a0382c1cc7a148a7b5443c7b51265c0a9c2a0c2 Mon Sep 17 00:00:00 2001
From: thumimku <thumilan.15@cse.mrt.ac.lk>
Date: Thu, 9 Jan 2025 15:33:55 +0530
Subject: [PATCH] update SP Audience DCR

---
 .../oauth/dcr/service/DCRMService.java        | 29 ++++++++++---------
 .../oauth/dcr/service/DCRMServiceTest.java    |  2 ++
 2 files changed, 18 insertions(+), 13 deletions(-)

diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java
index e0b95d3338..ae87ca10fe 100644
--- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java
+++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java
@@ -310,13 +310,24 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str
                 sp.setJwksUri(updateRequest.getJwksURI());
             }
             // Todo: validate version input. Create a function at app mgt.
-            sp.setApplicationVersion(applicationVersion);
-            // Need to create a deep clone, since modifying the fields of the original object,
-            // will modify the cached SP object.
-            ServiceProvider clonedSP = cloneServiceProvider(sp);
+            if (StringUtils.isNotBlank(applicationVersion)) {
+                sp.setApplicationVersion(applicationVersion);
+            }
+        }
+        if (StringUtils.isNotEmpty(updateRequest.getExtAllowedAudience()) &&
+                (updateRequest.getExtAllowedAudience().equalsIgnoreCase(ORG_ROLE_AUDIENCE)
+                        || updateRequest.getExtAllowedAudience().equalsIgnoreCase(APP_ROLE_AUDIENCE))) {
+            AssociatedRolesConfig associatedRolesConfig = new AssociatedRolesConfig();
+            associatedRolesConfig.setAllowedAudience(updateRequest.getExtAllowedAudience().toLowerCase());
+            sp.setAssociatedRolesConfig(associatedRolesConfig);
+        }
+        // Need to create a deep clone, since modifying the fields of the original object,
+        // will modify the cached SP object.
+        ServiceProvider clonedSP = cloneServiceProvider(sp);
+        if (StringUtils.isNotEmpty(clientName)) {
             clonedSP.setApplicationName(clientName);
-            updateServiceProvider(clonedSP, tenantDomain, applicationOwner);
         }
+        updateServiceProvider(clonedSP, tenantDomain, applicationOwner);
 
         // Update application
         try {
@@ -413,14 +424,6 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str
             appDTO.setPkceSupportPlain(updateRequest.isExtPkceSupportPlain());
             appDTO.setBypassClientCredentials(updateRequest.isExtPublicClient());
             oAuthAdminService.updateConsumerApplication(appDTO);
-
-            if (StringUtils.isNotEmpty(updateRequest.getExtAllowedAudience()) &&
-                    (updateRequest.getExtAllowedAudience().equalsIgnoreCase(ORG_ROLE_AUDIENCE)
-                            || updateRequest.getExtAllowedAudience().equalsIgnoreCase(APP_ROLE_AUDIENCE))) {
-                AssociatedRolesConfig associatedRolesConfig = new AssociatedRolesConfig();
-                associatedRolesConfig.setAllowedAudience(updateRequest.getExtAllowedAudience().toLowerCase());
-                sp.setAssociatedRolesConfig(associatedRolesConfig);
-            }
         } catch (IdentityOAuthClientException e) {
             throw new DCRMClientException(DCRMConstants.ErrorCodes.INVALID_CLIENT_METADATA, e.getMessage(), e);
         } catch (IdentityOAuthAdminException e) {
diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/test/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMServiceTest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/test/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMServiceTest.java
index 1678df7280..8edaea61d9 100644
--- a/components/org.wso2.carbon.identity.oauth.dcr/src/test/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMServiceTest.java
+++ b/components/org.wso2.carbon.identity.oauth.dcr/src/test/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMServiceTest.java
@@ -108,6 +108,7 @@ public class DCRMServiceTest {
     private String dummyCallbackUrl = "dummyCallbackUrl";
     private final String dummyTemplateName = "dummyTemplateName";
     private final String dummyBackchannelLogoutUri = "http://backchannel.com/";
+    private static final String ORG_ROLE_AUDIENCE = "organization";
 
     @Mock
     private OAuthConsumerAppDTO dto;
@@ -1007,6 +1008,7 @@ public void updateApplicationTest(List<String> redirectUri1, String roleAudience
         assertEquals(application.getClientId(), dummyConsumerKey);
         assertEquals(application.getClientName(), dummyClientName);
         assertEquals(application.getClientSecret(), dummyConsumerSecret);
+        assertEquals(application.getExtAllowedAudience(), roleAudience);
     }
 
     @Test