From 3cfd14c0141a2c6575136d17853f9a4116d67991 Mon Sep 17 00:00:00 2001
From: lskublik <lskublik@evolveum.com>
Date: Thu, 25 Jun 2020 08:33:36 +0200
Subject: [PATCH] fix for showing of question with enabled by default
 (MID-6286)

---
 .../HttpSecurityQuestionsAuthenticationEntryPoint.java        | 2 +-
 .../testing/rest/TestSecurityQuestionChallengeResponse.java   | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/HttpSecurityQuestionsAuthenticationEntryPoint.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/HttpSecurityQuestionsAuthenticationEntryPoint.java
index e9329376f30..c2442729ae2 100644
--- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/HttpSecurityQuestionsAuthenticationEntryPoint.java
+++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/HttpSecurityQuestionsAuthenticationEntryPoint.java
@@ -78,7 +78,7 @@ private JSONArray generateAnswer(PrismObject<UserType> user) {
             return null;
         }
         for (SecurityQuestionDefinitionType question : questions) {
-            if (Boolean.TRUE.equals(question.isEnabled())) {
+            if (!Boolean.FALSE.equals(question.isEnabled())) {
                 JSONObject json  = new JSONObject();
                 json.put(SecurityQuestionsAuthenticationFilter.J_QID, question.getIdentifier());
                 json.put(SecurityQuestionsAuthenticationFilter.J_QTXT, question.getQuestionText());
diff --git a/testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestSecurityQuestionChallengeResponse.java b/testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestSecurityQuestionChallengeResponse.java
index 80935da3013..f73c72d5762 100644
--- a/testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestSecurityQuestionChallengeResponse.java
+++ b/testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestSecurityQuestionChallengeResponse.java
@@ -15,6 +15,7 @@
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 
+import org.apache.commons.lang3.StringUtils;
 import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64Utility;
 import org.apache.cxf.jaxrs.client.ClientConfiguration;
@@ -46,13 +47,14 @@ public void testChallengeResponse() {
 
         response = getUserAdministrator("SecQ " + Base64Utility.encode(secQusernameChallenge.getBytes()));
         challengeBase64 = assertAndGetChallenge(response);
-        String answerChallenge;
+        String answerChallenge = null;
         try {
             answerChallenge = new String(Base64Utility.decode(challengeBase64));
             logger.info("Answer challenge: " + answerChallenge);
         } catch (Base64Exception e) {
             fail("Failed to decode base64 username challenge");
         }
+        assertEquals("Wrong number of questions", 3,  StringUtils.countMatches(answerChallenge, "\"qid\":"));
         String secQAnswerChallenge = "{"
                 + "\"user\" : \"administrator\","
                 + "\"answer\" : ["