KEYCLOAK-2957 IdpEmailVerificationAuthenticator should setEmailVerified to true after successfuly link user by email verification

2016-09-05 18:04:24 +02:00 · 2016-09-05 18:04:24 +02:00 · 03c05bd72b
commit 03c05bd72b
parent 22e85b11eb
2 changed files with 7 additions and 0 deletions
--- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java
@ -132,6 +132,9 @@ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator
                    clientSession.setNote(IS_DIFFERENT_BROWSER, "true");
                }

+                // User successfully confirmed linking by email verification. His email was defacto verified
+                existingUser.setEmailVerified(true);
+
                context.setUser(existingUser);
                context.success();
            } else {
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractFirstBrokerLoginTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractFirstBrokerLoginTest.java
@ -287,6 +287,10 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractIdentityProvi

        // authenticated and redirected to app. User is linked with identity provider
        assertFederatedUser("pedroigor", "psilva@redhat.com", "pedroigor");
+
+        // Assert user's email is verified now
+        UserModel user = getFederatedUser();
+        Assert.assertTrue(user.isEmailVerified());
    }