From 1c6620248723bd8bb32df9b18f822c9db1e7c490 Mon Sep 17 00:00:00 2001
From: akila94
Date: Wed, 13 Nov 2024 16:53:53 +0530
Subject: [PATCH] Move PAR request validation logic before authenticaiton validation

---
 .../api/PushAuthorisationEndpoint.java | 22 +++++++++----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.push.authorization.endpoint/src/main/java/com/wso2/openbanking/accelerator/push/authorization/endpoint/api/PushAuthorisationEndpoint.java b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.push.authorization.endpoint/src/main/java/com/wso2/openbanking/accelerator/push/authorization/endpoint/api/PushAuthorisationEndpoint.java
index df7b39ee..5aca9340 100644
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.push.authorization.endpoint/src/main/java/com/wso2/openbanking/accelerator/push/authorization/endpoint/api/PushAuthorisationEndpoint.java
+++ b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.push.authorization.endpoint/src/main/java/com/wso2/openbanking/accelerator/push/authorization/endpoint/api/PushAuthorisationEndpoint.java
@@ -95,16 +95,6 @@ public Response parPost(@Context HttpServletRequest request, @Context HttpServle
         OAuthClientAuthnContext clientAuthnContext = (OAuthClientAuthnContext) request.getAttribute(CLIENT_AUTHENTICATION_CONTEXT);
-        // Check if the client authentication is successful
-        if (!clientAuthnContext.isAuthenticated()) {
-            // create error response
-            PushAuthErrorResponse errorResponse = pushAuthRequestValidator
-                    .createErrorResponse(HttpServletResponse.SC_UNAUTHORIZED,
-                            clientAuthnContext.getErrorCode(), clientAuthnContext.getErrorMessage());
-            return Response.status(errorResponse.getHttpStatusCode())
-                    .entity(errorResponse.getPayload()).build();
-        }
-
         try {
             paramMap = pushAuthRequestValidator.validateParams(request, (Map>) parameterMap);
         } catch (PushAuthRequestValidatorException exception) {
@@ -113,7 +103,17 @@ public Response parPost(@Context HttpServletRequest request, @Context HttpServle
                     .createErrorResponse(exception.getHttpStatusCode(), exception.getErrorCode(), exception.getErrorDescription());
             return Response.status(errorResponse.getHttpStatusCode() != 0 ?
-                    errorResponse.getHttpStatusCode() : exception.getHttpStatusCode())
+                    errorResponse.getHttpStatusCode() : exception.getHttpStatusCode())
+                    .entity(errorResponse.getPayload()).build();
+        }
+
+        // Check if the client authentication is successful
+        if (!clientAuthnContext.isAuthenticated()) {
+            // create error response
+            PushAuthErrorResponse errorResponse = pushAuthRequestValidator
+                    .createErrorResponse(HttpServletResponse.SC_UNAUTHORIZED,
+                            clientAuthnContext.getErrorCode(), clientAuthnContext.getErrorMessage());
+            return Response.status(errorResponse.getHttpStatusCode())
                     .entity(errorResponse.getPayload()).build();
         }
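Review bot: With this reordering, `validateParams` and the `PushAuthRequestValidatorException` catch block now execute for callers whose client authentication has already failed, so the `exception.getErrorCode()` / `exception.getErrorDescription()` detail returned there reaches unauthenticated clients before the `SC_UNAUTHORIZED` check that the second hunk moves below it; the same applies to both hunks since they are two halves of one move. RFC 9126 requires the PAR endpoint to authenticate the client and reject on failure, so if surfacing request-validation errors first is deliberate (for example to return a 400 for a malformed request regardless of credentials), that decision should be recorded above the `try` with a comment such as `// Parameter validation deliberately runs before the client-authentication check so malformed requests get a 400 even when authentication fails; keep error descriptions on this path generic.` It is also worth confirming that nothing `validateParams` does (request-object parsing, client lookups, or other per-request work) is now reachable without authentication and bounded accordingly, and that the error descriptions it produces do not reveal per-client registration state. Neither hunk shows where `clientAuthnContext` could be null if the attribute is absent; that dereference is pre-existing but is now reached later, after validation work has been done. `parPost` begins and ends outside both hunks.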