Merge pull request #1900 from stianst/KEYCLOAK-2063

KEYCLOAK-2063 Fix verify email link from admin endpoint
2015-11-30 13:17:17 +01:00 · 2015-11-30 13:17:17 +01:00 · 2a6851b01f
commit 2a6851b01f
parent 61c2ec04a4 233b1e2553
3 changed files with 21 additions and 38 deletions
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@ -828,40 +828,9 @@ public class UsersResource {
    @PUT
    @Consumes(MediaType.APPLICATION_JSON)
    public Response sendVerifyEmail(@PathParam("id") String id, @QueryParam(OIDCLoginProtocol.REDIRECT_URI_PARAM) String redirectUri, @QueryParam(OIDCLoginProtocol.CLIENT_ID_PARAM) String clientId) {
-        auth.requireManage();
+        List<String> actions = new LinkedList<>();
-
+        actions.add(UserModel.RequiredAction.VERIFY_EMAIL.name());
-        UserModel user = session.users().getUserById(id, realm);
+        return executeActionsEmail(id, redirectUri, clientId, actions);
        if (user == null) {
            return ErrorResponse.error("User not found", Response.Status.NOT_FOUND);
        }
        if (user.getEmail() == null) {
            return ErrorResponse.error("User email missing", Response.Status.BAD_REQUEST);
        }
        ClientSessionModel clientSession = createClientSession(user, redirectUri, clientId);
        ClientSessionCode accessCode = new ClientSessionCode(realm, clientSession);
        accessCode.setAction(ClientSessionModel.Action.VERIFY_EMAIL.name());
        try {
            UriBuilder builder = Urls.loginActionEmailVerificationBuilder(uriInfo.getBaseUri());
            builder.queryParam("key", accessCode.getCode());
            String link = builder.build(realm.getName()).toString();
            long expiration = TimeUnit.SECONDS.toMinutes(realm.getAccessCodeLifespanUserAction());
            this.session.getProvider(EmailTemplateProvider.class).setRealm(realm).setUser(user).sendVerifyEmail(link, expiration);
            //audit.user(user).detail(Details.EMAIL, user.getEmail()).detail(Details.CODE_ID, accessCode.getCodeId()).success();
            adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
            return Response.ok().build();
        } catch (EmailException e) {
            logger.error("Failed to send verification email", e);
            return ErrorResponse.error("Failed to send email", Response.Status.INTERNAL_SERVER_ERROR);
        }
    }
    private ClientSessionModel createClientSession(UserModel user, String redirectUri, String clientId) {
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
@ -277,7 +277,7 @@ public class RequiredActionEmailVerificationTest {
                .assertEvent();
    }
-    private String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
+    public static String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
    	Multipart multipart = (Multipart) message.getContent();
        final String textContentType = multipart.getBodyPart(0).getContentType();
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/UserTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/UserTest.java
@ -6,6 +6,8 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.keycloak.admin.client.resource.IdentityProviderResource;
 import org.keycloak.admin.client.resource.UserResource;
 import org.keycloak.events.Details;
 import org.keycloak.events.EventType;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.KeycloakModelUtils;
@ -15,9 +17,9 @@ import org.keycloak.representations.idm.IdentityProviderRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.actions.RequiredActionEmailVerificationTest;
 import org.keycloak.testsuite.forms.ResetPasswordTest;
-import org.keycloak.testsuite.pages.LoginPasswordResetPage;
+import org.keycloak.testsuite.pages.*;
 import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
 import org.keycloak.testsuite.rule.GreenMailRule;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.WebResource;
@ -58,6 +60,9 @@ public class UserTest extends AbstractClientTest {
    @WebResource
    protected WebDriver driver;
    @WebResource
    protected InfoPage infoPage;
    @Before
    public void before() {
        super.before();
@ -475,7 +480,7 @@ public class UserTest extends AbstractClientTest {
    @Test
-    public void sendVerifyEmail() {
+    public void sendVerifyEmail() throws IOException, MessagingException {
        UserRepresentation userRep = new UserRepresentation();
        userRep.setUsername("user1");
        Response response = realm.users().create(userRep);
@ -517,6 +522,15 @@ public class UserTest extends AbstractClientTest {
            ErrorRepresentation error = e.getResponse().readEntity(ErrorRepresentation.class);
            Assert.assertEquals("invalidClientId not enabled", error.getErrorMessage());
        }
        user.sendVerifyEmail();
        assertEquals(1, greenMail.getReceivedMessages().length);
        String link = RequiredActionEmailVerificationTest.getPasswordResetEmailLink(greenMail.getReceivedMessages()[0]);
        driver.navigate().to(link);
        Assert.assertEquals("Your account has been updated.", infoPage.getInfo());
    }
    @Test