Fix unresolved CUSTOM placeholder in My Account impersonation callback URL

[AfraHussaindeen]

Purpose

• After migrating from IS 7.1.0 to IS 7.2.0, the MyAccountForImpersonationMigrator adds the impersonation redirect URL to the My Account OAuth app's callback URL list using the <CUSTOM_PROTOCOL>://<CUSTOM_HOSTNAME>:<CUSTOM_PORT> placeholder. When Console.Origin is not configured, this placeholder was left unresolved at OAuth redirect_uri validation time, causing user impersonation via Console to fail.
• Root cause:
  • When MyAccount.Origin is not configured, the standard <PROTOCOL>://<HOSTNAME>:<PORT> placeholder in the My Account callback URL was resolved correctly, but the CUSTOM <CUSTOM_PROTOCOL>://<CUSTOM_HOSTNAME>:<CUSTOM_PORT> placeholder for the impersonation redirect URL was not — leaving it unresolved.
• Fix:
  • Fixes the read path (resolveOriginUrlFromPlaceholders) to fall back to the server base URL when Console.Origin is not configured, ensuring the CUSTOM placeholder in the impersonation callback URL is resolved correctly.
    • Removes the dependency on the @Deprecated single-argument overload of resolveOriginUrlFromPlaceholders.

Related Issues

• Internal : https://github.com/wso2-enterprise/wso2-iam-internal/issues/7255
• Public : [Migration] User Impersonation Feature Not Working in IS 7.2.0 product-is#27809

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 4b854d8c-44cd-4c20-8fee-e9f066c15395

📥 Commits

Reviewing files that changed from the base of the PR and between 93e0996 and fa33cdd.

📒 Files selected for processing (1)

• components/application-mgt/org.wso2.carbon.identity.application.mgt/src/main/java/org/wso2/carbon/identity/application/mgt/ApplicationMgtUtil.java

---

📝 Walkthrough

Walkthrough

In ApplicationMgtUtil, a new private helper getAbsolutePublicUrlWithoutPath() centralizes the ServiceURLBuilder.create().build().getAbsolutePublicUrlWithoutPath() call. resolveOriginUrlFromPlaceholders is updated to use this helper as a fallback when no basePath is set for the sub-org branch and when CONSOLE_ACCESS_ORIGIN is empty for MY_ACCOUNT URLs.

Changes

Base URL placeholder resolution

Layer / File(s)	Summary
resolveOriginUrlFromPlaceholders fallback and getAbsolutePublicUrlWithoutPath helper components/application-mgt/.../ApplicationMgtUtil.java	Introduces a private getAbsolutePublicUrlWithoutPath() helper and uses it as a fallback in two branches of resolveOriginUrlFromPlaceholders: the sub-org no-basePath path and the MY_ACCOUNT empty-CONSOLE_ACCESS_ORIGIN path before BASE_URL_CUSTOM_PLACEHOLDER replacement.

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	The description covers Purpose, Root Cause, Fix, and Related Issues comprehensively. However, it omits several required template sections like Goals, Approach, User stories, Release note, Documentation, Training, Certification, Marketing, Automation tests, and Security checks.	While the critical context is provided, complete the PR description by addressing missing template sections such as Release note, Documentation, Automation tests, and Security checks.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly and clearly describes the main fix: resolving the CUSTOM placeholder in the My Account impersonation callback URL, which is the primary objective of the PR.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[jenkins-is-staging]

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/27934815092

[codecov]

Codecov Report

❌ Patch coverage is 0% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 52.80%. Comparing base (93e0996) to head (fa33cdd).

Files with missing lines	Patch %	Lines
...n/identity/application/mgt/ApplicationMgtUtil.java	0.00%	4 Missing ⚠️

❌ Your patch check has failed because the patch coverage (0.00%) is below the target coverage (80.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@             Coverage Diff              @@
##             master    #8172      +/-   ##
============================================
+ Coverage     52.77%   52.80%   +0.03%     
+ Complexity    21216    21178      -38     
============================================
  Files          2197     2197              
  Lines        130819   130618     -201     
  Branches      19654    19623      -31     
============================================
- Hits          69040    68977      -63     
+ Misses        53364    53245     -119     
+ Partials       8415     8396      -19     

Flag	Coverage Δ
unit	38.22% <0.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[jenkins-is-staging]

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/27934815092
Status: failure