libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Fix test failure in X509BrowserCRLTest on IBM JDK. Don't display details of exception message to the end user

Browse source 
Closes #12458
This commit is contained in:
mposolda 2022-06-13 13:42:33 +02:00 committed by Marek Posolda
parent 39a507f0cb
commit 3aefb59d40
3 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
services/src/main/java/org/keycloak/authentication/authenticators/x509/X509ClientCertificateAuthenticator.java
View file

@ -96,7 +96,7 @@ public class X509ClientCertificateAuthenticator extends AbstractX509ClientCertif
String errorMessage = "Certificate validation's failed."; String errorMessage = "Certificate validation's failed.";
// TODO is calling form().setErrors enough to show errors on login screen? // TODO is calling form().setErrors enough to show errors on login screen?
context.challenge(createErrorResponse(context, certs[0].getSubjectDN().getName(), context.challenge(createErrorResponse(context, certs[0].getSubjectDN().getName(),
errorMessage, e.getMessage())); errorMessage, "Certificate revoked or incorrect."));
context.attempted(); context.attempted();
return; return;
} }

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserCRLTest.java
View file

@ -136,7 +136,7 @@ public class X509BrowserCRLTest extends AbstractX509AuthenticationTest {
Assert.assertNotNull(cfgId); Assert.assertNotNull(cfgId);
// Verify there is an error message because of invalid CRL signature // Verify there is an error message because of invalid CRL signature
assertLoginFailedWithExpectedX509Error("Certificate validation's failed.\nSignature length not correct"); assertLoginFailedWithExpectedX509Error("Certificate validation's failed.\nCertificate revoked or incorrect.");
} }
@ -194,7 +194,7 @@ public class X509BrowserCRLTest extends AbstractX509AuthenticationTest {
private void assertLoginFailedDueRevokedCertificate() { private void assertLoginFailedDueRevokedCertificate() {
assertLoginFailedWithExpectedX509Error("Certificate validation's failed.\nCertificate has been revoked, certificate's subject:"); assertLoginFailedWithExpectedX509Error("Certificate validation's failed.\nCertificate revoked or incorrect.");
} }
private void assertLoginFailedWithExpectedX509Error(String expectedError) { private void assertLoginFailedWithExpectedX509Error(String expectedError) {

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginTest.java
View file

@ -106,7 +106,7 @@ public class X509BrowserLoginTest extends AbstractX509AuthenticationTest {
loginConfirmationPage.open(); loginConfirmationPage.open();
Assert.assertThat(loginPage.getError(), containsString("Certificate validation's failed.\n" + Assert.assertThat(loginPage.getError(), containsString("Certificate validation's failed.\n" +
"Key Usage bit 'dataEncipherment' is not set.")); "Certificate revoked or incorrect."));
} }
@Test @Test