libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Do not send attributes when unlocking the user

Browse source 
Closes #31165

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
This commit is contained in:
Pedro Igor 2024-07-10 18:24:35 -03:00 committed by Marek Posolda
parent 096e335a92
commit 0410653e71
3 changed files with 16 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
js/apps/admin-ui/src/user/EditUser.tsx
View file

@ -318,6 +318,7 @@ export default function EditUser() {
user={user} user={user}
bruteForce={bruteForced} bruteForce={bruteForced}
userProfileMetadata={userProfileMetadata} userProfileMetadata={userProfileMetadata}
refresh={refresh}
save={save} save={save}
/> />
</PageSection> </PageSection>

10
js/apps/admin-ui/src/user/UserForm.tsx
View file

@ -52,6 +52,7 @@ export type UserFormProps = {
bruteForce?: BruteForced; bruteForce?: BruteForced;
userProfileMetadata?: UserProfileMetadata; userProfileMetadata?: UserProfileMetadata;
save: (user: UserFormFields) => void; save: (user: UserFormFields) => void;
refresh?: () => void;
onGroupsUpdate?: (groups: GroupRepresentation[]) => void; onGroupsUpdate?: (groups: GroupRepresentation[]) => void;
}; };
@ -65,6 +66,7 @@ export const UserForm = ({
}, },
userProfileMetadata, userProfileMetadata,
save, save,
refresh,
onGroupsUpdate, onGroupsUpdate,
}: UserFormProps) => { }: UserFormProps) => {
const { adminClient } = useAdminClient(); const { adminClient } = useAdminClient();
@ -94,8 +96,11 @@ export const UserForm = ({
const unLockUser = async () => { const unLockUser = async () => {
try { try {
await adminClient.attackDetection.del({ id: user!.id! }); await adminClient.users.update({ id: user!.id! }, { enabled: true });
addAlert(t("unlockSuccess"), AlertVariant.success); addAlert(t("unlockSuccess"), AlertVariant.success);
if (refresh) {
refresh();
}
} catch (error) { } catch (error) {
addError("unlockError", error); addError("unlockError", error);
} }
@ -279,9 +284,6 @@ export const UserForm = ({
onChange={(_event, value) => { onChange={(_event, value) => {
unLockUser(); unLockUser();
setLocked(value); setLocked(value);
save({
enabled: !value,
});
}} }}
isChecked={locked} isChecked={locked}
isDisabled={!locked} isDisabled={!locked}

8
services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
View file

@ -186,9 +186,15 @@ public class UserResource {
boolean wasPermanentlyLockedOut = false; boolean wasPermanentlyLockedOut = false;
if (rep.isEnabled() != null && rep.isEnabled()) { if (rep.isEnabled() != null && rep.isEnabled()) {
if (!user.isEnabled() || session.getProvider(BruteForceProtector.class).isTemporarilyDisabled(session, realm, user)) {
UserLoginFailureModel failureModel = session.loginFailures().getUserLoginFailure(realm, user.getId()); UserLoginFailureModel failureModel = session.loginFailures().getUserLoginFailure(realm, user.getId());
if (failureModel != null) { if (failureModel != null) {
failureModel.clearFailures(); session.loginFailures().removeUserLoginFailure(realm, user.getId());
adminEvent.clone(session).resource(ResourceType.USER_LOGIN_FAILURE)
.resourcePath(session.getContext().getUri())
.operation(OperationType.DELETE)
.success();
}
} }
wasPermanentlyLockedOut = session.getProvider(BruteForceProtector.class).isPermanentlyLockedOut(session, realm, user); wasPermanentlyLockedOut = session.getProvider(BruteForceProtector.class).isPermanentlyLockedOut(session, realm, user);
} }