From 1644432df3617227d085347a80b931c1c3545e65 Mon Sep 17 00:00:00 2001
From: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com>
Date: Fri, 7 Jul 2023 10:27:43 +0200
Subject: [PATCH] Reviewed solution as per reviewer's comments

---
 .../authenticators/resetcred/ResetPassword.java           | 1 -
 .../authentication/requiredactions/UpdatePassword.java    | 3 +--
 .../resources/theme/base/login/login-update-password.ftl  | 8 +++-----
 3 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetPassword.java b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetPassword.java
index 8463d97b26..24e688d453 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetPassword.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetPassword.java
@@ -38,7 +38,6 @@ public class ResetPassword extends AbstractSetRequiredActionAuthenticator {
                 (context.getExecution().isConditional() &&
                         configuredFor(context))) {
             context.getAuthenticationSession().addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
-            context.getAuthenticationSession().setClientNote(Constants.KC_ACTION_EXECUTING, UserModel.RequiredAction.UPDATE_PASSWORD.name());
         }
         context.success();
     }
diff --git a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java
index 80684f07af..2eb8126512 100755
--- a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java
+++ b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java
@@ -125,8 +125,7 @@ public class UpdatePassword implements RequiredActionProvider, RequiredActionFac
             return;
         }
 
-        if (getId().equals(authSession.getClientNote(Constants.KC_ACTION_EXECUTING))
-                && "on".equals(formData.getFirst("logout-sessions")))
+        if ("on".equals(formData.getFirst("logout-sessions")))
         {
             session.sessions().getUserSessionsStream(realm, user)
                     .filter(s -> !Objects.equals(s.getId(), authSession.getParentSession().getId()))
diff --git a/themes/src/main/resources/theme/base/login/login-update-password.ftl b/themes/src/main/resources/theme/base/login/login-update-password.ftl
index b884d75271..2cac0f9798 100755
--- a/themes/src/main/resources/theme/base/login/login-update-password.ftl
+++ b/themes/src/main/resources/theme/base/login/login-update-password.ftl
@@ -49,11 +49,9 @@
             <div class="${properties.kcFormGroupClass!}">
                 <div id="kc-form-options" class="${properties.kcFormOptionsClass!}">
                     <div class="${properties.kcFormOptionsWrapperClass!}">
-                        <#if isAppInitiatedAction??>
-                            <div class="checkbox">
-                                <label><input type="checkbox" id="logout-sessions" name="logout-sessions" value="on" checked> ${msg("logoutOtherSessions")}</label>
-                            </div>
-                        </#if>
+                        <div class="checkbox">
+                            <label><input type="checkbox" id="logout-sessions" name="logout-sessions" value="on" checked> ${msg("logoutOtherSessions")}</label>
+                        </div>
                     </div>
                 </div>