add review comments

components/application-mgt/org.wso2.carbon.identity.application.mgt/src/main/java/org/wso2/carbon/identity/application/mgt/dao/impl/ApplicationDAOImpl.java

@@ -437,6 +437,22 @@ private ApplicationCreateResult persistBasicApplicationInformation(Connection co
             ServiceProviderProperty isB2BSSAppProperty = buildIsB2BSSAppProperty(application);
             serviceProviderProperties.add(isB2BSSAppProperty);
 
+            ServiceProviderProperty isAPIBasedAuthenticationEnabled
+                    = buildIsAPIBasedAuthenticationEnabledProperty(application);
+            serviceProviderProperties.add(isAPIBasedAuthenticationEnabled);
+
+            if (application.getClientAttestationMetaData() != null) {
+                ServiceProviderProperty isAttestationEnabled =
+                        buildIsAttestationEnabledProperty(application.getClientAttestationMetaData());
+                serviceProviderProperties.add(isAttestationEnabled);
+
+                ServiceProviderProperty androidPackageName =
+                        buildAndroidPackageNameProperty(application.getClientAttestationMetaData());
+                serviceProviderProperties.add(androidPackageName);
+
+                storeAndroidAttestationServiceCredentialAsSecret(application);
+            }
+
             ServiceProviderProperty allowedRoleAudienceProperty = buildAllowedRoleAudienceProperty(application);
             serviceProviderProperties.add(allowedRoleAudienceProperty);
             application.setSpProperties(serviceProviderProperties.toArray(new ServiceProviderProperty[0]));

components/application-mgt/org.wso2.carbon.identity.application.mgt/src/test/java/org/wso2/carbon/identity/application/mgt/ApplicationManagementServiceImplTest.java

@@ -38,6 +38,7 @@
 import org.wso2.carbon.identity.application.common.model.Claim;
 import org.wso2.carbon.identity.application.common.model.ClaimConfig;
 import org.wso2.carbon.identity.application.common.model.ClaimMapping;
+import org.wso2.carbon.identity.application.common.model.ClientAttestationMetaData;
 import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
 import org.wso2.carbon.identity.application.common.model.IdentityProvider;
 import org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig;
@@ -776,6 +777,119 @@ public void testAddApplicationWithIsManagementApplication(boolean isManagementAp
                 REGISTRY_SYSTEM_USERNAME);
     }
 
+    @DataProvider(name = "testAddApplicationWithAPIBasedAuthenticationData")
+    public Object[][] testAddApplicationWithAPIBasedAuthenticationData() {
+
+
+        return new Object[][]{
+                {true},
+                {false}
+        };
+    }
+
+    @Test(dataProvider = "testAddApplicationWithAPIBasedAuthenticationData")
+    public void testAddApplicationWithAPIBasedAuthentication(boolean isAPIBasedAuthenticationEnabled) throws Exception {
+
+
+        ServiceProvider inputSP = new ServiceProvider();
+        inputSP.setApplicationName(APPLICATION_NAME_1);
+
+        addApplicationConfigurations(inputSP);
+        inputSP.setAPIBasedAuthenticationEnabled(isAPIBasedAuthenticationEnabled);
+
+        // Adding new application.
+        ServiceProvider addedSP = applicationManagementService.addApplication(inputSP, SUPER_TENANT_DOMAIN_NAME,
+                REGISTRY_SYSTEM_USERNAME);
+        Assert.assertEquals(addedSP.isAPIBasedAuthenticationEnabled(), isAPIBasedAuthenticationEnabled);
+
+
+        //  Retrieving added application.
+        ServiceProvider retrievedSP = applicationManagementService.getApplicationExcludingFileBasedSPs
+                (inputSP.getApplicationName(), SUPER_TENANT_DOMAIN_NAME);
+        Assert.assertEquals(retrievedSP.isAPIBasedAuthenticationEnabled(), isAPIBasedAuthenticationEnabled);
+
+        // Updating the application by changing the isManagementApplication flag. It should be changed.
+        inputSP.setAPIBasedAuthenticationEnabled(!isAPIBasedAuthenticationEnabled);
+
+        applicationManagementService.updateApplication(inputSP, SUPER_TENANT_DOMAIN_NAME, REGISTRY_SYSTEM_USERNAME);
+
+        retrievedSP = applicationManagementService.getApplicationExcludingFileBasedSPs
+                (inputSP.getApplicationName(), SUPER_TENANT_DOMAIN_NAME);
+
+        Assert.assertEquals(retrievedSP.isAPIBasedAuthenticationEnabled(), !isAPIBasedAuthenticationEnabled);
+
+        // Deleting added application.
+        applicationManagementService.deleteApplication(inputSP.getApplicationName(), SUPER_TENANT_DOMAIN_NAME,
+                REGISTRY_SYSTEM_USERNAME);
+    }
+
+    @DataProvider(name = "testAddApplicationWithAttestationData")
+    public Object[][] testAddApplicationWithAttestationData() {
+
+
+        return new Object[][]{
+                {true, "com.wso2.sample.mobile.application", "sampleCredentials"}
+        };
+    }
+
+    @Test(dataProvider = "testAddApplicationWithAttestationData")
+    public void testAddApplicationWithAttestationData(boolean isAttestationEnabled,
+                                                      String androidPackageName,
+                                                      String androidCredentials) throws Exception {
+
+        ResolvedSecret resolvedSecret = new ResolvedSecret();
+        resolvedSecret.setResolvedSecretValue(androidCredentials);
+        SecretResolveManager secretResolveManager = mock(SecretResolveManagerImpl.class);
+        ApplicationManagementServiceComponentHolder.getInstance().setSecretResolveManager(secretResolveManager);
+        when(secretResolveManager.getResolvedSecret(anyString(), anyString())).thenReturn(resolvedSecret);
+
+        ServiceProvider inputSP = new ServiceProvider();
+        inputSP.setApplicationName(APPLICATION_NAME_1);
+
+        addApplicationConfigurations(inputSP);
+        ClientAttestationMetaData clientAttestationMetaData = new ClientAttestationMetaData();
+        clientAttestationMetaData.setAttestationEnabled(isAttestationEnabled);
+        clientAttestationMetaData.setAndroidPackageName(androidPackageName);
+        clientAttestationMetaData.setAndroidAttestationServiceCredentials(androidCredentials);
+        inputSP.setClientAttestationMetaData(clientAttestationMetaData);
+
+        // Adding new application.
+        ServiceProvider addedSP = applicationManagementService.addApplication(inputSP, SUPER_TENANT_DOMAIN_NAME,
+                REGISTRY_SYSTEM_USERNAME);
+        Assert.assertEquals(addedSP.getClientAttestationMetaData().isAttestationEnabled(), isAttestationEnabled);
+        Assert.assertEquals(addedSP.getClientAttestationMetaData().getAndroidPackageName(), androidPackageName);
+        Assert.assertEquals(addedSP.getClientAttestationMetaData().getAndroidAttestationServiceCredentials(),
+                androidCredentials);
+
+        SecretManager secretManager = mock(SecretManagerImpl.class);
+        when(secretManager.isSecretExist(anyString(), anyString())).thenReturn(true);
+        ApplicationManagementServiceComponentHolder.getInstance().setSecretManager(secretManager);
+
+        //  Retrieving added application.
+        ServiceProvider retrievedSP = applicationManagementService.getApplicationExcludingFileBasedSPs
+                (inputSP.getApplicationName(), SUPER_TENANT_DOMAIN_NAME);
+        Assert.assertEquals(retrievedSP.getClientAttestationMetaData().isAttestationEnabled(), isAttestationEnabled);
+        Assert.assertEquals(retrievedSP.getClientAttestationMetaData().getAndroidPackageName(), androidPackageName);
+        Assert.assertEquals(retrievedSP.getClientAttestationMetaData().getAndroidAttestationServiceCredentials(),
+                androidCredentials);
+        // Updating the application by changing the isManagementApplication flag. It should be changed.
+        ClientAttestationMetaData clientAttestationMetaData2 = new ClientAttestationMetaData();
+        clientAttestationMetaData2.setAttestationEnabled(!isAttestationEnabled);
+        clientAttestationMetaData2.setAndroidPackageName(null);
+        clientAttestationMetaData2.setAndroidAttestationServiceCredentials(null);
+        inputSP.setClientAttestationMetaData(clientAttestationMetaData2);
+        applicationManagementService.updateApplication(inputSP, SUPER_TENANT_DOMAIN_NAME, REGISTRY_SYSTEM_USERNAME);
+
+        retrievedSP = applicationManagementService.getApplicationExcludingFileBasedSPs
+                (inputSP.getApplicationName(), SUPER_TENANT_DOMAIN_NAME);
+
+        Assert.assertEquals(retrievedSP.getClientAttestationMetaData().isAttestationEnabled(), !isAttestationEnabled);
+        Assert.assertNull(retrievedSP.getClientAttestationMetaData().getAndroidAttestationServiceCredentials());
+        // Deleting added application.
+        applicationManagementService.deleteApplication(inputSP.getApplicationName(), SUPER_TENANT_DOMAIN_NAME,
+                REGISTRY_SYSTEM_USERNAME);
+    }
+
     private void addApplicationConfigurations(ServiceProvider serviceProvider) {
 
         serviceProvider.setDescription("Created for testing");

components/client-attestation-mgt/org.wso2.carbon.identity.client.attestation.mgt/pom.xml

@@ -47,7 +47,6 @@
             <scope>provided</scope>
         </dependency>
 
-<!--        Dependencies-->
         <dependency>
             <groupId>org.wso2.carbon.identity.framework</groupId>
             <artifactId>org.wso2.carbon.identity.base</artifactId>
@@ -93,7 +92,7 @@
             <groupId>org.wso2.carbon.identity.framework</groupId>
             <artifactId>org.wso2.carbon.identity.core</artifactId>
         </dependency>
-<!--        Test dependencies-->
+        <!--Test dependencies-->
         <dependency>
             <groupId>org.testng</groupId>
             <artifactId>testng</artifactId>

components/client-attestation-mgt/org.wso2.carbon.identity.client.attestation.mgt/src/main/java/org/wso2/carbon/identity/client/attestation/mgt/exceptions/ClientAttestationMgtException.java

@@ -32,6 +32,7 @@ public class ClientAttestationMgtException extends IdentityException {
      * @param message The error message.
      */
     public ClientAttestationMgtException(String message) {
+
         super(message);
     }
 
@@ -42,6 +43,7 @@ public ClientAttestationMgtException(String message) {
      * @param message   The error message.
      */
     public ClientAttestationMgtException(String errorCode, String message) {
+
         super(errorCode, message);
     }
 
@@ -52,6 +54,7 @@ public ClientAttestationMgtException(String errorCode, String message) {
      * @param cause   The throwable cause of the exception.
      */
     public ClientAttestationMgtException(String message, Throwable cause) {
+
         super(message, cause);
     }
 
@@ -64,6 +67,7 @@ public ClientAttestationMgtException(String message, Throwable cause) {
      * @param cause     The throwable cause of the exception.
      */
     public ClientAttestationMgtException(String errorCode, String message, Throwable cause) {
+
         super(errorCode, message, cause);
     }
 }

components/client-attestation-mgt/org.wso2.carbon.identity.client.attestation.mgt/src/main/java/org/wso2/carbon/identity/client/attestation/mgt/internal/ClientAttestationMgtServiceComponent.java

@@ -51,7 +51,9 @@ protected void activate(ComponentContext context) {
         try {
             context.getBundleContext().registerService(ClientAttestationService.class.getName(),
                     new ClientAttestationServiceImpl(), null);
-            log.info("Client Attestation Service Component deployed.");
+            if (log.isDebugEnabled()) {
+                log.debug("Client Attestation Service Component deployed.");
+            }
 
         } catch (Throwable throwable) {
             log.error("Error while activating Input Validation Service Component.", throwable);

components/client-attestation-mgt/org.wso2.carbon.identity.client.attestation.mgt/src/main/java/org/wso2/carbon/identity/client/attestation/mgt/model/ClientAttestationContext.java

@@ -40,55 +40,68 @@ public class ClientAttestationContext extends MessageContext {
     private String validationFailureMessage;
 
     public String getApplicationResourceId() {
+
         return applicationResourceId;
     }
 
     public void setApplicationResourceId(String applicationResourceId) {
+
         this.applicationResourceId = applicationResourceId;
     }
 
     public String getTenantDomain() {
+
         return tenantDomain;
     }
 
     public void setTenantDomain(String tenantDomain) {
+
         this.tenantDomain = tenantDomain;
     }
 
     public boolean isAttestationEnabled() {
+
         return attestationEnabled;
     }
 
     public void setAttestationEnabled(boolean attestationEnabled) {
+
         this.attestationEnabled = attestationEnabled;
     }
 
     public boolean isAttested() {
+
         return isAttested;
     }
 
     public void setAttested(boolean attested) {
+
         isAttested = attested;
     }
 
     public Constants.ClientTypes getClientType() {
+
         return clientType;
     }
 
     public void setClientType(Constants.ClientTypes clientType) {
+
         this.clientType = clientType;
     }
 
     public String getValidationFailureMessage() {
+
         return validationFailureMessage;
     }
 
     public void setValidationFailureMessage(String validationFailureMessage) {
+
         this.validationFailureMessage = validationFailureMessage;
     }
 
     @Override
     public String toString() {
+
         return "ClientAttestationContext{" +
                 "applicationResourceId='" + applicationResourceId + '\'' +
                 ", tenantDomain='" + tenantDomain + '\'' +