libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-221 Don't require username to recover password

Browse source
This commit is contained in:
Stian Thorgersen 2013-12-07 13:34:31 +00:00
parent cd8c8d52e8
commit 145eab98d8
6 changed files with 9 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
forms/src/main/resources/META-INF/resources/forms/theme/default/login-reset-password.ftl
View file

@ -13,9 +13,6 @@
<div id="form"> <div id="form">
<p class="instruction">${rb.getString('emailInstruction')}</p> <p class="instruction">${rb.getString('emailInstruction')}</p>
<form action="${url.loginPasswordResetUrl}" method="post"> <form action="${url.loginPasswordResetUrl}" method="post">
<div>
<label for="username">${rb.getString('username')}</label><input id="username" name="username" type="text" />
</div>
<div> <div>
<label for="email">${rb.getString('email')}</label><input type="text" id="email" name="email" /> <label for="email">${rb.getString('email')}</label><input type="text" id="email" name="email" />
</div> </div>

4
forms/src/main/resources/org/keycloak/forms/messages.properties
View file

@ -60,9 +60,9 @@ emailForgotHeader=Forgot Your Password?
emailUpdateHeader=Update password emailUpdateHeader=Update password
emailSent=You should receive an email shortly with further instructions. emailSent=You should receive an email shortly with further instructions.
emailSendError=Failed to send email, please try again later emailSendError=Failed to send email, please try again later
emailError=Invalid username or email. emailError=Invalid email.
emailErrorInfo=Please, fill in the fields again. emailErrorInfo=Please, fill in the fields again.
emailInstruction=Enter your username and email address and we will send you instructions on how to create a new password. emailInstruction=Enter your email address and we will send you instructions on how to create a new password.
emailUsernameForgotHeader=Forgot Your Username? emailUsernameForgotHeader=Forgot Your Username?
emailUsernameInstruction=Enter your email address and we will send you an email with your username. emailUsernameInstruction=Enter your email address and we will send you an email with your username.

5
services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
View file

@ -236,7 +236,6 @@ public class RequiredActionsService {
@POST @POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED) @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response sendPasswordReset(final MultivaluedMap<String, String> formData) { public Response sendPasswordReset(final MultivaluedMap<String, String> formData) {
String username = formData.getFirst("username");
String email = formData.getFirst("email"); String email = formData.getFirst("email");
String scopeParam = uriInfo.getQueryParameters().getFirst("scope"); String scopeParam = uriInfo.getQueryParameters().getFirst("scope");
@ -254,8 +253,8 @@ public class RequiredActionsService {
"Login requester not enabled."); "Login requester not enabled.");
} }
UserModel user = realm.getUser(username); UserModel user = realm.getUserByEmail(email);
if (user == null || !email.equals(user.getEmail())) { if (user == null) {
return Flows.forms(realm, request, uriInfo).setError("emailError").forwardToPasswordReset(); return Flows.forms(realm, request, uriInfo).setError("emailError").forwardToPasswordReset();
} }

2
testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginRecoverUsernameTest.java
View file

@ -103,7 +103,7 @@ public class LoginRecoverUsernameTest {
recoverUsernamePage.assertCurrent(); recoverUsernamePage.assertCurrent();
Assert.assertEquals("Invalid username or email.", recoverUsernamePage.getMessage()); Assert.assertEquals("Invalid email.", recoverUsernamePage.getMessage());
} }
} }

21
testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
View file

@ -80,7 +80,7 @@ public class ResetPasswordTest {
resetPasswordPage.assertCurrent(); resetPasswordPage.assertCurrent();
resetPasswordPage.changePassword("test-user@localhost", "test-user@localhost"); resetPasswordPage.changePassword("test-user@localhost");
resetPasswordPage.assertCurrent(); resetPasswordPage.assertCurrent();
@ -110,21 +110,6 @@ public class ResetPasswordTest {
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
} }
@Test
public void resetPasswordWrongUsername() throws IOException, MessagingException {
loginPage.open();
loginPage.resetPassword();
resetPasswordPage.assertCurrent();
resetPasswordPage.changePassword("invalid", "test-user@localhost");
resetPasswordPage.assertCurrent();
Assert.assertNotEquals("Success!", resetPasswordPage.getMessage());
Assert.assertEquals("Invalid username or email.", resetPasswordPage.getMessage());
}
@Test @Test
public void resetPasswordWrongEmail() throws IOException, MessagingException { public void resetPasswordWrongEmail() throws IOException, MessagingException {
loginPage.open(); loginPage.open();
@ -132,12 +117,12 @@ public class ResetPasswordTest {
resetPasswordPage.assertCurrent(); resetPasswordPage.assertCurrent();
resetPasswordPage.changePassword("test-user@localhost", "invalid"); resetPasswordPage.changePassword("invalid");
resetPasswordPage.assertCurrent(); resetPasswordPage.assertCurrent();
Assert.assertNotEquals("Success!", resetPasswordPage.getMessage()); Assert.assertNotEquals("Success!", resetPasswordPage.getMessage());
Assert.assertEquals("Invalid username or email.", resetPasswordPage.getMessage()); Assert.assertEquals("Invalid email.", resetPasswordPage.getMessage());
} }
} }

6
testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordResetPage.java
View file

@ -29,9 +29,6 @@ import org.openqa.selenium.support.FindBy;
*/ */
public class LoginPasswordResetPage extends AbstractPage { public class LoginPasswordResetPage extends AbstractPage {
@FindBy(id = "username")
private WebElement usernameInput;
@FindBy(id = "email") @FindBy(id = "email")
private WebElement emailInput; private WebElement emailInput;
@ -41,8 +38,7 @@ public class LoginPasswordResetPage extends AbstractPage {
@FindBy(css = ".feedback > p > strong") @FindBy(css = ".feedback > p > strong")
private WebElement emailErrorMessage; private WebElement emailErrorMessage;
public void changePassword(String username, String email) { public void changePassword(String email) {
usernameInput.sendKeys(username);
emailInput.sendKeys(email); emailInput.sendKeys(email);
submitButton.click(); submitButton.click();