KEYCLOAK-2557
Cannot login with email if another user is using this email as username
parent
45b940ad2d
commit
370b86141c
2 changed files with 32 additions and 12 deletions
|
@ -254,18 +254,21 @@ public final class KeycloakModelUtils {
|
|||
}
|
||||
|
||||
/**
|
||||
* Try to find user by given username. If it fails, then fallback to find him by email
|
||||
* Try to find user by username or email
|
||||
*
|
||||
* @param realm realm
|
||||
* @param username username or email of user
|
||||
* @return found user
|
||||
*/
|
||||
public static UserModel findUserByNameOrEmail(KeycloakSession session, RealmModel realm, String username) {
|
||||
UserModel user = session.users().getUserByUsername(username, realm);
|
||||
if (user == null && username.contains("@")) {
|
||||
user = session.users().getUserByEmail(username, realm);
|
||||
if (username.indexOf('@') != -1) {
|
||||
UserModel user = session.users().getUserByEmail(username, realm);
|
||||
if (user != null) {
|
||||
return user;
|
||||
}
|
||||
}
|
||||
return user;
|
||||
|
||||
return session.users().getUserByUsername(username, realm);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
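Review bot: The rewritten Javadoc on findUserByNameOrEmail drops the lookup order, although the new body makes that order security-relevant: when the input contains '@', an email match returns before the username lookup runs, so an account whose username equals another account's email is no longer returned for that identifier. I would state this in the comment, e.g. `* An email match takes precedence when the input contains '@'; returns null if no user is found.`, and add the missing `@param session session`. Whether usernames and emails are kept disjoint when users are created or updated is not visible in this section; if they are not, this ordering alone decides which account an ambiguous identifier selects. `username` is also dereferenced without a null check, as it was before the change.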
@ -25,6 +25,7 @@ import org.keycloak.events.Details;
|
|||
import org.keycloak.events.Event;
|
||||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.models.BrowserSecurityHeaders;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.PasswordPolicy;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserCredentialModel;
|
||||
|
@ -64,17 +65,13 @@ public class LoginTest {
|
|||
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||
UserCredentialModel creds = new UserCredentialModel();
|
||||
creds.setType(CredentialRepresentation.PASSWORD);
|
||||
creds.setValue("password");
|
||||
|
||||
UserModel user = manager.getSession().users().addUser(appRealm, "login-test");
|
||||
user.setEmail("login@test.com");
|
||||
user.setEnabled(true);
|
||||
|
||||
userId = user.getId();
|
||||
|
||||
user.updateCredential(creds);
|
||||
user.updateCredential(UserCredentialModel.password("password"));
|
||||
|
||||
UserModel user2 = manager.getSession().users().addUser(appRealm, "login-test2");
|
||||
user2.setEmail("login2@test.com");
|
||||
|
@ -82,7 +79,7 @@ public class LoginTest {
|
|||
|
||||
user2Id = user2.getId();
|
||||
|
||||
user2.updateCredential(creds);
|
||||
user2.updateCredential(UserCredentialModel.password("password"));
|
||||
}
|
||||
});
|
||||
|
||||
|
@ -303,11 +300,31 @@ public class LoginTest {
|
|||
.assertEvent();
|
||||
}
|
||||
|
||||
@Test
|
||||
// KEYCLOAK-2557
|
||||
public void loginUserWithEmailAsUsername() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
|
||||
UserModel user = session.users().addUser(session.realms().getRealmByName("test"), "login@test.com");
|
||||
user.setEnabled(true);
|
||||
user.updateCredential(UserCredentialModel.password("password"));
|
||||
|
||||
keycloakRule.stopSession(session, true);
|
||||
|
||||
loginPage.open();
|
||||
loginPage.login("login@test.com", "password");
|
||||
|
||||
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
|
||||
|
||||
events.expectLogin().user(userId).detail(Details.USERNAME, "login@test.com").assertEvent();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginSuccess() {
|
||||
loginPage.open();
|
||||
loginPage.login("login-test", "password");
|
||||
|
||||
|
||||
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
|
||||
|
||||
|
|
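Review bot: In loginUserWithEmailAsUsername the colliding user is given the same password, `"password"`, as the existing login-test account, so the only evidence of which account authenticated is the `user(userId)` event check. Giving the new user a distinct credential (constructed example: `user.updateCredential(UserCredentialModel.password("other-password"));`) and asserting that a login with "login@test.com" and that password is rejected would pin that the shadowed account's credential is never accepted for the email owner. The user created here is also never removed; if the realm is shared across the tests of this class (the rule setup is outside the visible hunks), later tests run with the colliding account present.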