wso2 · lashinijay · Jan 24, 2025 · Jan 23, 2025 · Jan 24, 2025 · Jan 24, 2025
diff --git a/...dentification/org.wso2.carbon.identity.api.expired.password.identification.common/pom.xml b/...dentification/org.wso2.carbon.identity.api.expired.password.identification.common/pom.xml
@@ -57,11 +57,6 @@
             <artifactId>cxf-rt-rs-service-description</artifactId>
             <scope>provided</scope>
         </dependency>
-        <dependency>
-            <groupId>org.springframework</groupId>
-            <artifactId>spring-web</artifactId>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>javax.ws.rs</groupId>
             <artifactId>javax.ws.rs-api</artifactId>

diff --git a/...rbon/identity/api/expired/password/identification/common/PasswordExpiryServiceHolder.java b/...rbon/identity/api/expired/password/identification/common/PasswordExpiryServiceHolder.java
@@ -18,33 +18,28 @@
 
 package org.wso2.carbon.identity.api.expired.password.identification.common;
 
+import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.identity.password.expiry.services.ExpiredPasswordIdentificationService;
 
 /**
  * Service holder class for password expired users identification.
  */
 public class PasswordExpiryServiceHolder {
 
-    private static ExpiredPasswordIdentificationService expiredPasswordIdentificationService;
+    private PasswordExpiryServiceHolder() {}
+
+    private static class ExpiredPasswordIdentificationServiceHolder {
+        static final ExpiredPasswordIdentificationService SERVICE =
+                (ExpiredPasswordIdentificationService) PrivilegedCarbonContext.getThreadLocalCarbonContext()
+                        .getOSGiService(ExpiredPasswordIdentificationService.class, null);
+    }
 
     /**
      * Get ExpiredPasswordIdentificationService OSGi service.
      *
      * @return ExpiredPassword identification Service.
      */
     public static ExpiredPasswordIdentificationService getExpiredPasswordIdentificationService() {
-
-        return expiredPasswordIdentificationService;
-    }
-
-    /**
-     * Set ExpiredPasswordIdentificationService OSGi service.
-     *
-     * @param expiredPasswordIdentificationService ExpiredPassword identification Service.
-     */
-    public static void setExpiredPasswordIdentificationService(
-            ExpiredPasswordIdentificationService expiredPasswordIdentificationService) {
-
-        PasswordExpiryServiceHolder.expiredPasswordIdentificationService = expiredPasswordIdentificationService;
+        return ExpiredPasswordIdentificationServiceHolder.SERVICE;
     }
 }
diff --git a/...ssword/identification/common/factory/ExpiredPasswordIdentificationOSGIServiceFactory.java b/...ssword/identification/common/factory/ExpiredPasswordIdentificationOSGIServiceFactory.java
diff --git a/...rd.identification/org.wso2.carbon.identity.api.expired.password.identification.v1/pom.xml b/...rd.identification/org.wso2.carbon.identity.api.expired.password.identification.v1/pom.xml
@@ -107,11 +107,6 @@
             <artifactId>cxf-rt-rs-service-description</artifactId>
             <scope>provided</scope>
         </dependency>
-        <dependency>
-            <groupId>org.springframework</groupId>
-            <artifactId>spring-web</artifactId>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>javax.ws.rs</groupId>
             <artifactId>javax.ws.rs-api</artifactId>

diff --git a/.../wso2/carbon/identity/api/expired/password/identification/v1/PasswordExpiredUsersApi.java b/.../wso2/carbon/identity/api/expired/password/identification/v1/PasswordExpiredUsersApi.java
@@ -18,16 +18,10 @@
 
 package org.wso2.carbon.identity.api.expired.password.identification.v1;
 
-import org.springframework.beans.factory.annotation.Autowired;
-import org.apache.cxf.jaxrs.ext.multipart.Attachment;
-import org.apache.cxf.jaxrs.ext.multipart.Multipart;
-import java.io.InputStream;
-import java.util.List;
-
+import org.wso2.carbon.identity.api.expired.password.identification.v1.factories.PasswordExpiredUsersApiServiceFactory;
 import org.wso2.carbon.identity.api.expired.password.identification.v1.model.Error;
 import org.wso2.carbon.identity.api.expired.password.identification.v1.model.PasswordExpiredUser;
 import org.wso2.carbon.identity.api.expired.password.identification.v1.model.Unauthorized;
-import org.wso2.carbon.identity.api.expired.password.identification.v1.PasswordExpiredUsersApiService;
 
 import javax.validation.Valid;
 import javax.ws.rs.*;
@@ -41,8 +35,12 @@
 
 public class PasswordExpiredUsersApi  {
 
-    @Autowired
-    private PasswordExpiredUsersApiService delegate;
+    private final PasswordExpiredUsersApiService delegate;
+
+    public PasswordExpiredUsersApi() {
+
+        this.delegate = PasswordExpiredUsersApiServiceFactory.getPasswordExpiredUsersApi();
+    }
 
     @Valid
     @GET

diff --git a/...i/expired/password/identification/v1/factories/PasswordExpiredUsersApiServiceFactory.java b/...i/expired/password/identification/v1/factories/PasswordExpiredUsersApiServiceFactory.java
@@ -21,12 +21,20 @@
 import org.wso2.carbon.identity.api.expired.password.identification.v1.PasswordExpiredUsersApiService;
 import org.wso2.carbon.identity.api.expired.password.identification.v1.impl.PasswordExpiredUsersApiServiceImpl;
 
+/**
+ * Factory class for PasswordExpiredUsersApiService.
+ */
 public class PasswordExpiredUsersApiServiceFactory {
 
-   private final static PasswordExpiredUsersApiService service = new PasswordExpiredUsersApiServiceImpl();
+   private final static PasswordExpiredUsersApiService SERVICE = new PasswordExpiredUsersApiServiceImpl();
+
+   /**
+    * Get PasswordExpiredUsersApiService.
+    *
+    * @return PasswordExpiredUsersApiService.
+    */
+   public static PasswordExpiredUsersApiService getPasswordExpiredUsersApi() {
 
-   public static PasswordExpiredUsersApiService getPasswordExpiredUsersApi()
-   {
-      return service;
+      return SERVICE;
    }
 }
diff --git a/...api/expired/password/identification/v1/core/PasswordExpiredUsersManagementApiService.java b/...api/expired/password/identification/v1/core/PasswordExpiredUsersManagementApiService.java
@@ -21,7 +21,6 @@
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.wso2.carbon.identity.api.expired.password.identification.common.PasswordExpiryServiceHolder;
 import org.wso2.carbon.identity.api.expired.password.identification.common.util.ExpiredPasswordIdentificationConstants.ErrorMessage;
 import org.wso2.carbon.identity.api.expired.password.identification.v1.model.PasswordExpiredUser;
 import org.wso2.carbon.identity.api.server.common.error.APIError;
@@ -31,6 +30,7 @@
 import org.wso2.carbon.identity.password.expiry.exceptions.ExpiredPasswordIdentificationException;
 import org.wso2.carbon.identity.password.expiry.exceptions.ExpiredPasswordIdentificationServerException;
 import org.wso2.carbon.identity.password.expiry.models.PasswordExpiredUserModel;
+import org.wso2.carbon.identity.password.expiry.services.ExpiredPasswordIdentificationService;
 import org.wso2.carbon.identity.password.expiry.util.PasswordPolicyUtils;
 
 import java.time.LocalDate;
@@ -51,8 +51,15 @@
  */
 public class PasswordExpiredUsersManagementApiService {
 
+    private final ExpiredPasswordIdentificationService expiredPasswordIdentificationService;
     private static final Log LOG = LogFactory.getLog(PasswordExpiredUsersManagementApiService.class);
 
+    public PasswordExpiredUsersManagementApiService(
+            ExpiredPasswordIdentificationService expiredPasswordIdentificationService) {
+
+        this.expiredPasswordIdentificationService = expiredPasswordIdentificationService;
+    }
+
     /**
      * Get password expired users.
      *
@@ -71,11 +78,11 @@ public List<PasswordExpiredUser> getPasswordExpiredUsers(
             LocalDateTime expiredAfterDate = convertToDateObject(expiredAfter, DATE_EXPIRED_AFTER);
             LocalDateTime excludeAfterDate = convertToDateObject(excludeAfter, DATE_EXCLUDE_AFTER);
             if (excludeAfterDate == null) {
-                passwordExpiredUsers = PasswordExpiryServiceHolder.getExpiredPasswordIdentificationService().
-                        getPasswordExpiredUsersFromSpecificDate(expiredAfterDate, tenantDomain);
+                passwordExpiredUsers = expiredPasswordIdentificationService
+                        .getPasswordExpiredUsersFromSpecificDate(expiredAfterDate, tenantDomain);
             } else {
-                passwordExpiredUsers = PasswordExpiryServiceHolder.getExpiredPasswordIdentificationService().
-                        getPasswordExpiredUsersBetweenSpecificDates(expiredAfterDate, excludeAfterDate, tenantDomain);
+                passwordExpiredUsers = expiredPasswordIdentificationService
+                        .getPasswordExpiredUsersBetweenSpecificDates(expiredAfterDate, excludeAfterDate, tenantDomain);
             }
             return buildResponse(passwordExpiredUsers);
         } catch (ExpiredPasswordIdentificationException e) {

diff --git a/...password/identification/v1/factories/PasswordExpiredUsersManagementApiServiceFactory.java b/...password/identification/v1/factories/PasswordExpiredUsersManagementApiServiceFactory.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2025, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.expired.password.identification.v1.factories;
+
+import org.wso2.carbon.identity.api.expired.password.identification.common.PasswordExpiryServiceHolder;
+import org.wso2.carbon.identity.api.expired.password.identification.v1.core.PasswordExpiredUsersManagementApiService;
+import org.wso2.carbon.identity.password.expiry.services.ExpiredPasswordIdentificationService;
+
+/**
+ * Factory class for PasswordExpiredUsersManagementApiService.
+ */
+public class PasswordExpiredUsersManagementApiServiceFactory {
+
+    private static final PasswordExpiredUsersManagementApiService SERVICE;
+
+    static {
+        ExpiredPasswordIdentificationService expiredPasswordIdentificationService =
+                PasswordExpiryServiceHolder.getExpiredPasswordIdentificationService();
+
+        if (expiredPasswordIdentificationService == null) {
+            throw new IllegalStateException("RolePermissionManagementService is not available from OSGi context.");
+        }
+
+        SERVICE = new PasswordExpiredUsersManagementApiService(expiredPasswordIdentificationService);
+    }
+
+    /**
+     * Get PasswordExpiredUsersManagementApiService service instance.
+     *
+     * @return PasswordExpiredUsersManagementApiService service.
+     */
+    public static PasswordExpiredUsersManagementApiService getExpiredPasswordIdentificationService() {
+
+        return SERVICE;
+    }
+}
diff --git a/...ntity/api/expired/password/identification/v1/impl/PasswordExpiredUsersApiServiceImpl.java b/...ntity/api/expired/password/identification/v1/impl/PasswordExpiredUsersApiServiceImpl.java
@@ -18,10 +18,10 @@
 
 package org.wso2.carbon.identity.api.expired.password.identification.v1.impl;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.wso2.carbon.identity.api.expired.password.identification.common.ContextLoader;
 import org.wso2.carbon.identity.api.expired.password.identification.v1.PasswordExpiredUsersApiService;
 import org.wso2.carbon.identity.api.expired.password.identification.v1.core.PasswordExpiredUsersManagementApiService;
+import org.wso2.carbon.identity.api.expired.password.identification.v1.factories.PasswordExpiredUsersManagementApiServiceFactory;
 
 import javax.ws.rs.core.Response;
 
@@ -30,8 +30,17 @@
  */
 public class PasswordExpiredUsersApiServiceImpl implements PasswordExpiredUsersApiService {
 
-    @Autowired
-    private PasswordExpiredUsersManagementApiService passwordExpiredUsersManagementApiService;
+    private final PasswordExpiredUsersManagementApiService passwordExpiredUsersManagementApiService;
+
+    public PasswordExpiredUsersApiServiceImpl() {
+
+        try {
+            this.passwordExpiredUsersManagementApiService = PasswordExpiredUsersManagementApiServiceFactory
+                    .getExpiredPasswordIdentificationService();
+        } catch (IllegalStateException e) {
+            throw new RuntimeException("Error occurred while initiating password expired users management service.", e);
+        }
+    }
 
     @Override
     public Response getPasswordExpiredUsers(String expiredAfter, String excludeAfter) {

diff --git a/...identification.v1/src/main/resources/META-INF/cxf/expired-password-identification-cxf.xml b/...identification.v1/src/main/resources/META-INF/cxf/expired-password-identification-cxf.xml