[MOSIP-44632]: Unknown error returned when individualId contains characters in idvid-metadata/search fix (develop)#1479
Merged
JanardhanBS-SyncByte merged 33 commits intomosip:developfrom Mar 24, 2026
Conversation
…acters in idvid-metadata/search fix (develop) Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
WalkthroughController now validates incoming individualId as UIN, VID, or RID before processing; IdRequestValidator autowires a RidValidator and exposes validateRid; tests updated to use a long RID and flexible validator matchers; POM adds kernel-idvalidator-rid dependency. Changes
Sequence Diagram(s)sequenceDiagram
participant Client as Client
participant Controller as Controller
participant Validator as IdRequestValidator
participant KernelRID as KernelRidValidator
Client->>Controller: searchIdVidMeta(request with individualId)
Controller->>Validator: validateUin(individualId)
alt UIN valid
Validator-->>Controller: true
Controller-->>Client: proceed with UIN flow
else UIN invalid
Controller->>Validator: validateVid(individualId)
alt VID valid
Validator-->>Controller: true
Controller-->>Client: proceed with VID flow
else VID invalid
Controller->>Validator: validateRid(individualId)
Validator->>KernelRID: ridValidator.validateId(individualId)
alt RID valid
KernelRID-->>Controller: true
Controller-->>Client: proceed with RID flow
else RID invalid
KernelRID-->>Controller: false
Controller-->>Client: throw IdRepoAppException(INVALID_INPUT_PARAMETER)
end
end
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
…acters in idvid-metadata/search fix (develop) Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java (1)
100-116:⚠️ Potential issue | 🟠 MajorAdd the missing regression test for invalid
individualId.This setup wires the regex into
IdRepoController, but the suite still does not cover the failure path this PR is fixing. Please add asearchIdVidMetadatatest with a special-character value such asIND@123and assert that it throwsIDR-IDC-002/INVALID_INPUT_PARAMETERwithout callingidRepoService.getIdVidMetadata(...). Otherwise the original “unknown error” regression can slip back while all current happy-path tests still pass.Suggested test shape
+ `@Test` + public void testSearchIdVidMetadata_InvalidIndividualIdCharacters() { + IdVidMetadataRequestDTO dto = new IdVidMetadataRequestDTO(); + dto.setIndividualId("IND@123"); + dto.setIdType(null); + + RequestWrapper<IdVidMetadataRequestDTO> request = new RequestWrapper<>(); + request.setRequest(dto); + + IdRepoAppException ex = assertThrows(IdRepoAppException.class, + () -> controller.searchIdVidMetadata(request)); + + assertEquals(INVALID_INPUT_PARAMETER.getErrorCode(), ex.getErrorCode()); + verify(idRepoService, Mockito.never()).getIdVidMetadata(anyString(), any()); + }Based on learnings, the
/idrepository/v1/identity/idvid-metadata/searchnegative cases for invalid or special-characterindividualIdare expected to returnIDR-IDC-002(INVALID_INPUT_PARAMETER).🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java` around lines 100 - 116, Add a negative unit test named searchIdVidMetadata in IdRepoControllerTest that submits an invalid individualId (e.g., "IND@123") to the controller's search idvid-metadata flow, assert the response/error code is IDR-IDC-002 / INVALID_INPUT_PARAMETER, and verify idRepoService.getIdVidMetadata(...) is never invoked; use the already-wired individualIdRegex and controller instance (and validator) in the `@Before` setup and mock/verifiy the idRepoService to ensure the failure path is exercised and no service call occurs.
🧹 Nitpick comments (1)
id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java (1)
156-170: Compile the regex once at startup.Line 170 recompiles the same
Patternon every binder creation and stores it in a mutable static field. That adds request-path work and turns a badmosip.individualId.validation.regexvalue into a runtime failure instead of a startup failure; compiling once into an instance field is safer and matches the pattern already used inIdRepoDraftController.♻️ Suggested refactor
+import jakarta.annotation.PostConstruct; import java.util.regex.Pattern; ... - private static Pattern ALPHANUMERIC_WITH_DIGIT; + private Pattern individualIdPattern; + + `@PostConstruct` + public void compileIndividualIdPattern() { + individualIdPattern = Pattern.compile(individualIdRegex); + } `@InitBinder` public void initBinder(WebDataBinder binder) { binder.addValidators(validator); - ALPHANUMERIC_WITH_DIGIT = Pattern.compile(individualIdRegex); }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java` around lines 156 - 170, The code currently compiles individualIdRegex into a mutable static ALPHANUMERIC_WITH_DIGIT inside initBinder, causing recompilation per binder and deferring regex errors to runtime; change to compile the regex once at startup by moving compilation out of initBinder into a safe startup point (e.g., constructor or `@PostConstruct`) and store it in a final instance field (not a mutable static), keep references to the same symbols individualIdRegex and ALPHANUMERIC_WITH_DIGIT and mirror the approach used in IdRepoDraftController so regex compilation occurs at application startup and initBinder only uses the already-compiled Pattern.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In
`@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java`:
- Around line 582-589: The current check only uses ALPHANUMERIC_WITH_DIGIT for
individualId; change the logic to resolve the effective IdType first (use
getIdType(idType) or validator.validateIdType(idType) as in the existing line
for individualIdType) and then validate the individualId against that resolved
type using the validator method used elsewhere (e.g.,
validator.validateIdvId(individualId, individualIdType) or the appropriate
validator call), and if validation fails throw IdRepoAppException with
IdRepoErrorConstants.INVALID_INPUT_PARAMETER (same format as existing) so
invalid IDs like "ABC123" with idType=UIN are rejected early.
---
Outside diff comments:
In
`@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java`:
- Around line 100-116: Add a negative unit test named searchIdVidMetadata in
IdRepoControllerTest that submits an invalid individualId (e.g., "IND@123") to
the controller's search idvid-metadata flow, assert the response/error code is
IDR-IDC-002 / INVALID_INPUT_PARAMETER, and verify
idRepoService.getIdVidMetadata(...) is never invoked; use the already-wired
individualIdRegex and controller instance (and validator) in the `@Before` setup
and mock/verifiy the idRepoService to ensure the failure path is exercised and
no service call occurs.
---
Nitpick comments:
In
`@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java`:
- Around line 156-170: The code currently compiles individualIdRegex into a
mutable static ALPHANUMERIC_WITH_DIGIT inside initBinder, causing recompilation
per binder and deferring regex errors to runtime; change to compile the regex
once at startup by moving compilation out of initBinder into a safe startup
point (e.g., constructor or `@PostConstruct`) and store it in a final instance
field (not a mutable static), keep references to the same symbols
individualIdRegex and ALPHANUMERIC_WITH_DIGIT and mirror the approach used in
IdRepoDraftController so regex compilation occurs at application startup and
initBinder only uses the already-compiled Pattern.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: bd0a9656-e4ba-4e63-b8d3-77fe6c21a4a3
📒 Files selected for processing (2)
id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.javaid-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java
...entity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java
Outdated
Show resolved
Hide resolved
…s characters in idvid-metadata/search in (develop) Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
There was a problem hiding this comment.
🧹 Nitpick comments (2)
id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java (2)
802-974: Consider adding the malformed-individualIdregression case here.All of the new
searchIdVidMetadatacoverage is happy-path. One controller-level case for a special-character or otherwise invalidindividualIdwould pin MOSIP-44544 and assert that this endpoint returnsINVALID_INPUT_PARAMETERrather than falling through to the unknown-error path.Based on learnings,
/idrepository/v1/identity/idvid-metadata/searchshould returnIDR-IDC-002for invalid or special-characterindividualIdinputs.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java` around lines 802 - 974, Add a negative test that supplies a malformed individualId (e.g. containing special characters) to controller.searchIdVidMetadata and asserts the controller returns the INVALID_INPUT_PARAMETER error code (IDR-IDC-002) rather than a generic failure; implement it as a new test (e.g. testSearchIdVidMetadata_MalformedIndividualId) that builds a RequestWrapper<IdVidMetadataRequestDTO> with the bad individualId and null idType, mock validator.validateUin(...), validator.validateVid(...), and validator.validateRid(...) to all return false (and validator.validateIdType(...) as appropriate), invoke controller.searchIdVidMetadata(request) and assert the response is a bad-request/error wrapper containing error code "IDR-IDC-002" (and the corresponding INVALID_INPUT_PARAMETER message).
94-101: Add negative test cases for invalid/malformedindividualIdvalues.The stubs targeting
IdRequestValidatorare correct — the controller calls its methods (validateUin,validateVid,validateRid) directly, which internally delegate to the kernel validators. However, the test suite covers only happy-path scenarios (valid UIN, VID, and ID formats). Per MOSIP-44544, the API should returnIDR-IDC-002(INVALID_INPUT_PARAMETER) when an invalid or special-characterindividualIdis provided. Add negative test cases (e.g., invalid UIN, special characters, empty/null values) to verify this error handling path and prevent regression.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java` around lines 94 - 101, Add negative test cases in IdRepoControllerTest that call the controller endpoints with malformed/invalid individualId values (e.g., invalid UIN format, strings with special characters, empty and null) and assert the controller returns the IDR-IDC-002 (INVALID_INPUT_PARAMETER) response; to implement this, stub the IdRequestValidator methods validateUin, validateVid, and validateRid to simulate validation failures (throwing the expected validation exception or returning an invalid result depending on existing test patterns) for those inputs and verify the controller error path and response code are exercised for each case.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In
`@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java`:
- Around line 802-974: Add a negative test that supplies a malformed
individualId (e.g. containing special characters) to
controller.searchIdVidMetadata and asserts the controller returns the
INVALID_INPUT_PARAMETER error code (IDR-IDC-002) rather than a generic failure;
implement it as a new test (e.g. testSearchIdVidMetadata_MalformedIndividualId)
that builds a RequestWrapper<IdVidMetadataRequestDTO> with the bad individualId
and null idType, mock validator.validateUin(...), validator.validateVid(...),
and validator.validateRid(...) to all return false (and
validator.validateIdType(...) as appropriate), invoke
controller.searchIdVidMetadata(request) and assert the response is a
bad-request/error wrapper containing error code "IDR-IDC-002" (and the
corresponding INVALID_INPUT_PARAMETER message).
- Around line 94-101: Add negative test cases in IdRepoControllerTest that call
the controller endpoints with malformed/invalid individualId values (e.g.,
invalid UIN format, strings with special characters, empty and null) and assert
the controller returns the IDR-IDC-002 (INVALID_INPUT_PARAMETER) response; to
implement this, stub the IdRequestValidator methods validateUin, validateVid,
and validateRid to simulate validation failures (throwing the expected
validation exception or returning an invalid result depending on existing test
patterns) for those inputs and verify the controller error path and response
code are exercised for each case.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: a40aec01-1287-486d-9745-dd72799a7dec
📒 Files selected for processing (4)
id-repository/id-repository-identity-service/pom.xmlid-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.javaid-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/validator/IdRequestValidator.javaid-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java
🚧 Files skipped from review as they are similar to previous changes (1)
- id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java
NidhiKumari0201
changed the title
Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java (1)
856-883: Consider adding a negative test for invalid individualId.The tests cover cases where at least one validator returns
true. However, there's no test for when all validations fail (UIN, VID, and RID all returnfalse). Based on the PR objective (fixing "Unknown error returned when individualId contains characters"), this error path should be tested to verify the correct error codeIDR-IDC-002(INVALID_INPUT_PARAMETER) is returned.📝 Suggested test case for invalid individualId
`@Test` public void testSearchIdVidMetadata_InvalidIndividualId_ShouldThrowException() throws Exception { String invalidIndividualId = "abc@#$123"; // invalid characters IdVidMetadataRequestDTO dto = new IdVidMetadataRequestDTO(); dto.setIndividualId(invalidIndividualId); dto.setIdType(null); RequestWrapper<IdVidMetadataRequestDTO> request = new RequestWrapper<>(); request.setRequest(dto); when(validator.validateUin(any())).thenReturn(false); when(validator.validateVid(any())).thenReturn(false); when(validator.validateRid(any())).thenReturn(false); IdRepoAppException ex = assertThrows(IdRepoAppException.class, () -> controller.searchIdVidMetadata(request)); assertEquals(IdRepoErrorConstants.INVALID_INPUT_PARAMETER.getErrorCode(), ex.getErrorCode()); }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java` around lines 856 - 883, Add a negative unit test that verifies controller.searchIdVidMetadata throws IdRepoAppException with error code IDR-IDC-002 when all validators reject the individualId: create a test similar to testSearchIdVidMetadata_DefaultsToID but set individualId to an invalid value (e.g., "abc@#$123"), mock validator.validateUin(...), validateVid(...), and validateRid(...) to all return false, call controller.searchIdVidMetadata(request) and assert that an IdRepoAppException is thrown and its error code equals IdRepoErrorConstants.INVALID_INPUT_PARAMETER.getErrorCode(); reference the existing RequestWrapper/IdVidMetadataRequestDTO usage and the validator mocks to locate where to add this test.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In
`@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java`:
- Around line 94-101: Remove the unused mock fields uinValidator, vidValidator,
and ridValidator from the IdRepoControllerTest class; tests already mock and
exercise the composite IdRequestValidator (validator) so delete the declarations
of UinValidator<String> uinValidator, VidValidator<String> vidValidator, and
RidValidator<String> ridValidator to clean up the test class and avoid
unused-mock warnings.
---
Nitpick comments:
In
`@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java`:
- Around line 856-883: Add a negative unit test that verifies
controller.searchIdVidMetadata throws IdRepoAppException with error code
IDR-IDC-002 when all validators reject the individualId: create a test similar
to testSearchIdVidMetadata_DefaultsToID but set individualId to an invalid value
(e.g., "abc@#$123"), mock validator.validateUin(...), validateVid(...), and
validateRid(...) to all return false, call
controller.searchIdVidMetadata(request) and assert that an IdRepoAppException is
thrown and its error code equals
IdRepoErrorConstants.INVALID_INPUT_PARAMETER.getErrorCode(); reference the
existing RequestWrapper/IdVidMetadataRequestDTO usage and the validator mocks to
locate where to add this test.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 15e60e46-8991-4ec4-b713-4fddaa8331dd
📒 Files selected for processing (1)
id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java
...rvice/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java (1)
789-961:⚠️ Potential issue | 🟠 MajorAdd the missing invalid-
individualIdregression test.These updates cover only success paths, but the PR objective is the invalid-character failure path. Please add a test where
individualIdcontains special characters,validateUin/validateVid/validateRidall returnfalse, andsearchIdVidMetadatathrowsIdRepoAppExceptionwithINVALID_INPUT_PARAMETER/IDR-IDC-002. Otherwise this bug can regress without any unit-test signal.🧪 Suggested test shape
+ `@Test` + public void testSearchIdVidMetadata_InvalidIndividualIdReturnsInvalidInput() { + String individualId = "abc@#123"; + IdVidMetadataRequestDTO dto = new IdVidMetadataRequestDTO(); + dto.setIndividualId(individualId); + dto.setIdType(null); + + RequestWrapper<IdVidMetadataRequestDTO> request = new RequestWrapper<>(); + request.setRequest(dto); + + when(validator.validateUin(individualId)).thenReturn(false); + when(validator.validateVid(individualId)).thenReturn(false); + when(validator.validateRid(individualId)).thenReturn(false); + + IdRepoAppException ex = assertThrows(IdRepoAppException.class, + () -> controller.searchIdVidMetadata(request)); + + assertEquals(INVALID_INPUT_PARAMETER.getErrorCode(), ex.getErrorCode()); + }Based on learnings: In the MOSIP id-repository project, the
/idrepository/v1/identity/idvid-metadata/searchAPI returns error codeIDR-IDC-002(INVALID_INPUT_PARAMETER) when an invalidindividualIdvalue is provided.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java` around lines 789 - 961, Add a unit test for the invalid-character regression: create a test (e.g., testSearchIdVidMetadata_InvalidIndividualId) that sets IdVidMetadataRequestDTO.request.individualId to a value containing special characters, mocks validator.validateUin/validateVid/validateRid to return false, calls controller.searchIdVidMetadata(request) and asserts that the call throws IdRepoAppException whose error code equals INVALID_INPUT_PARAMETER/IDR-IDC-002; ensure you reference the same controller.searchIdVidMetadata method and validator mock used in the other tests so it fits with existing setup.
🧹 Nitpick comments (1)
id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java (1)
576-583: LGTM — validation correctly rejects malformedindividualIdvalues.The added check ensures invalid inputs (e.g., special characters, non-ID formats) are caught early and return
INVALID_INPUT_PARAMETERas expected by the API contract.One optional efficiency note: when
idTypeis null,getIdType(individualId)on line 575 already callsvalidateUin/validateVidinternally. ThenvalidateUinOrVidOrRidcalls them again. You could refactor to capture the result fromgetIdTypeto avoid duplicate validator calls, but this is a minor concern.,
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java` around lines 576 - 583, The controller currently may validate individualId twice: getIdType(individualId) internally calls validateUin/validateVid and then validateUinOrVidOrRid(individualId) repeats validation; to avoid duplicate checks, capture the result from getIdType into the idType variable and only call validateUinOrVidOrRid(individualId) when idType is null/unknown (or modify getIdType to return a validation flag), updating the logic around the idType variable and getIdType/validateUinOrVidOrRid calls so validation runs exactly once per request.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Outside diff comments:
In
`@id-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java`:
- Around line 789-961: Add a unit test for the invalid-character regression:
create a test (e.g., testSearchIdVidMetadata_InvalidIndividualId) that sets
IdVidMetadataRequestDTO.request.individualId to a value containing special
characters, mocks validator.validateUin/validateVid/validateRid to return false,
calls controller.searchIdVidMetadata(request) and asserts that the call throws
IdRepoAppException whose error code equals INVALID_INPUT_PARAMETER/IDR-IDC-002;
ensure you reference the same controller.searchIdVidMetadata method and
validator mock used in the other tests so it fits with existing setup.
---
Nitpick comments:
In
`@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java`:
- Around line 576-583: The controller currently may validate individualId twice:
getIdType(individualId) internally calls validateUin/validateVid and then
validateUinOrVidOrRid(individualId) repeats validation; to avoid duplicate
checks, capture the result from getIdType into the idType variable and only call
validateUinOrVidOrRid(individualId) when idType is null/unknown (or modify
getIdType to return a validation flag), updating the logic around the idType
variable and getIdType/validateUinOrVidOrRid calls so validation runs exactly
once per request.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: d941c44e-6fc8-441c-ae7c-967fa981c37e
📒 Files selected for processing (2)
id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.javaid-repository/id-repository-identity-service/src/test/java/io/mosip/idrepository/identity/test/controller/IdRepoControllerTest.java
…hod develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java (1)
568-582:⚠️ Potential issue | 🟠 MajorNormalize blank
idTypebefore resolvingindividualIdType.Line 575 still treats
""as present, sovalidator.validateIdType("")throws before the new helper can take its "idType omitted" path. That leaves the optionalidTypeflow inconsistent for request bodies that send an empty string.💡 Suggested fix
IdVidMetadataRequestDTO metadataRequest = request.getRequest(); String individualId = metadataRequest.getIndividualId(); - String idType = metadataRequest.getIdType(); + String idType = StringUtils.trimToNull(metadataRequest.getIdType()); if (StringUtils.isBlank(individualId)) { throw new IdRepoAppException( IdRepoErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), String.format(IdRepoErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), "individualId") ); } - IdType individualIdType = Objects.isNull(idType) ? getIdType(individualId) : validator.validateIdType(idType); - if (!validateUinOrVidOrRid(idType, individualId)) { throw new IdRepoAppException( IdRepoErrorConstants.INVALID_INPUT_PARAMETER.getErrorCode(), String.format(IdRepoErrorConstants.INVALID_INPUT_PARAMETER.getErrorMessage(), "individualId") ); } + IdType individualIdType = Objects.isNull(idType) ? getIdType(individualId) : validator.validateIdType(idType);🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java` around lines 568 - 582, Normalize the incoming idType before using it: replace direct metadataRequest.getIdType() usage with a trimmed/null-normalized value (e.g., treat "" as null via StringUtils.trimToNull or StringUtils.isBlank check) and use that normalized variable when computing individualIdType (i.e., pass normalizedIdType to Objects.isNull(...) ? getIdType(individualId) : validator.validateIdType(normalizedIdType)) and also pass the normalizedIdType into validateUinOrVidOrRid(normalizedIdType, individualId) so empty strings are treated as omitted rather than validated.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In
`@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java`:
- Around line 676-691: The helper validateUinOrVidOrRid is reparsing the raw
idType string with IdType.valueOf(idType) causing case-sensitivity bugs; change
validateUinOrVidOrRid to accept the already-normalized IdType (individualIdType
produced by validator.validateIdType(idType)) instead of the raw String, update
all callers to pass that IdType, remove the IdType.valueOf(...) call and switch
directly on the passed IdType (UIN/VID/ID) to invoke
validator.validateUin/validateVid/validateRid accordingly; ensure signatures and
imports are updated and no other code relies on the old String overload.
---
Outside diff comments:
In
`@id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java`:
- Around line 568-582: Normalize the incoming idType before using it: replace
direct metadataRequest.getIdType() usage with a trimmed/null-normalized value
(e.g., treat "" as null via StringUtils.trimToNull or StringUtils.isBlank check)
and use that normalized variable when computing individualIdType (i.e., pass
normalizedIdType to Objects.isNull(...) ? getIdType(individualId) :
validator.validateIdType(normalizedIdType)) and also pass the normalizedIdType
into validateUinOrVidOrRid(normalizedIdType, individualId) so empty strings are
treated as omitted rather than validated.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: e4858579-c6f7-4b6f-bf37-5b6219d7dff0
📒 Files selected for processing (1)
id-repository/id-repository-identity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java
...entity-service/src/main/java/io/mosip/idrepository/identity/controller/IdRepoController.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
JanardhanBS-SyncByte
approved these changes
Mar 17, 2026
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
…pper in IndividualIdValidator develop Signed-off-by: Nidhi0201 <nidhi.k@cyberpwn.com>
JanardhanBS-SyncByte
approved these changes
Mar 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by CodeRabbit
New Features
Bug Fixes
Tests