KEYCLOAK-221 Don't require username to recover password

2013-12-07 13:34:31 +00:00 · 2013-12-07 13:34:31 +00:00 · 145eab98d8
commit 145eab98d8
parent cd8c8d52e8
6 changed files with 9 additions and 32 deletions
--- a/forms/src/main/resources/META-INF/resources/forms/theme/default/login-reset-password.ftl
+++ b/forms/src/main/resources/META-INF/resources/forms/theme/default/login-reset-password.ftl
@ -13,9 +13,6 @@
    <div id="form">
        <p class="instruction">${rb.getString('emailInstruction')}</p>
        <form action="${url.loginPasswordResetUrl}" method="post">
-            <div>
-                <label for="username">${rb.getString('username')}</label><input id="username" name="username" type="text" />
-            </div>
        	<div>
      	    	<label for="email">${rb.getString('email')}</label><input type="text" id="email" name="email" />
 			</div>
--- a/forms/src/main/resources/org/keycloak/forms/messages.properties
+++ b/forms/src/main/resources/org/keycloak/forms/messages.properties
@ -60,9 +60,9 @@ emailForgotHeader=Forgot Your Password?
 emailUpdateHeader=Update password
 emailSent=You should receive an email shortly with further instructions.
 emailSendError=Failed to send email, please try again later
-emailError=Invalid username or email.
+emailError=Invalid email.
 emailErrorInfo=Please, fill in the fields again.
-emailInstruction=Enter your username and email address and we will send you instructions on how to create a new password.
+emailInstruction=Enter your email address and we will send you instructions on how to create a new password.

 emailUsernameForgotHeader=Forgot Your Username?
 emailUsernameInstruction=Enter your email address and we will send you an email with your username.
--- a/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
@ -236,7 +236,6 @@ public class RequiredActionsService {
    @POST
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
    public Response sendPasswordReset(final MultivaluedMap<String, String> formData) {
-        String username = formData.getFirst("username");
        String email = formData.getFirst("email");

        String scopeParam = uriInfo.getQueryParameters().getFirst("scope");
@ -254,8 +253,8 @@ public class RequiredActionsService {
                    "Login requester not enabled.");
        }

-        UserModel user = realm.getUser(username);
-        if (user == null || !email.equals(user.getEmail())) {
+        UserModel user = realm.getUserByEmail(email);
+        if (user == null) {
            return Flows.forms(realm, request, uriInfo).setError("emailError").forwardToPasswordReset();
        }

--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginRecoverUsernameTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginRecoverUsernameTest.java
@ -103,7 +103,7 @@ public class LoginRecoverUsernameTest {

        recoverUsernamePage.assertCurrent();

-        Assert.assertEquals("Invalid username or email.", recoverUsernamePage.getMessage());
+        Assert.assertEquals("Invalid email.", recoverUsernamePage.getMessage());
    }

 }
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
@ -80,7 +80,7 @@ public class ResetPasswordTest {

        resetPasswordPage.assertCurrent();

-        resetPasswordPage.changePassword("test-user@localhost", "test-user@localhost");
+        resetPasswordPage.changePassword("test-user@localhost");

        resetPasswordPage.assertCurrent();

@ -110,21 +110,6 @@ public class ResetPasswordTest {
        Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
    }

-    @Test
-    public void resetPasswordWrongUsername() throws IOException, MessagingException {
-        loginPage.open();
-        loginPage.resetPassword();
-
-        resetPasswordPage.assertCurrent();
-
-        resetPasswordPage.changePassword("invalid", "test-user@localhost");
-
-        resetPasswordPage.assertCurrent();
-
-        Assert.assertNotEquals("Success!", resetPasswordPage.getMessage());
-        Assert.assertEquals("Invalid username or email.", resetPasswordPage.getMessage());
-    }
-
    @Test
    public void resetPasswordWrongEmail() throws IOException, MessagingException {
        loginPage.open();
@ -132,12 +117,12 @@ public class ResetPasswordTest {

        resetPasswordPage.assertCurrent();

-        resetPasswordPage.changePassword("test-user@localhost", "invalid");
+        resetPasswordPage.changePassword("invalid");

        resetPasswordPage.assertCurrent();

        Assert.assertNotEquals("Success!", resetPasswordPage.getMessage());
-        Assert.assertEquals("Invalid username or email.", resetPasswordPage.getMessage());
+        Assert.assertEquals("Invalid email.", resetPasswordPage.getMessage());
    }

 }
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordResetPage.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordResetPage.java
@ -29,9 +29,6 @@ import org.openqa.selenium.support.FindBy;
 */
 public class LoginPasswordResetPage extends AbstractPage {

-    @FindBy(id = "username")
-    private WebElement usernameInput;
-
    @FindBy(id = "email")
    private WebElement emailInput;

@ -41,8 +38,7 @@ public class LoginPasswordResetPage extends AbstractPage {
    @FindBy(css = ".feedback > p > strong")
    private WebElement emailErrorMessage;

-    public void changePassword(String username, String email) {
-        usernameInput.sendKeys(username);
+    public void changePassword(String email) {
        emailInput.sendKeys(email);

        submitButton.click();