diff --git a/events/api/src/main/java/org/keycloak/events/Errors.java b/events/api/src/main/java/org/keycloak/events/Errors.java index 2e7588056f..fa5d49b6e3 100755 --- a/events/api/src/main/java/org/keycloak/events/Errors.java +++ b/events/api/src/main/java/org/keycloak/events/Errors.java @@ -41,4 +41,5 @@ public interface Errors { String USER_SESSION_NOT_FOUND = "user_session_not_found"; String EMAIL_SEND_FAILED = "email_send_failed"; + String INVALID_EMAIL = "invalid_email"; } diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java index 4f462e0a61..84f7cdb965 100755 --- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java +++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java @@ -826,7 +826,10 @@ public class LoginActionsService { event.error(Errors.USER_NOT_FOUND); } else if(!user.isEnabled()) { event.user(user).error(Errors.USER_DISABLED); - } else { + } + else if(user.getEmail() == null || user.getEmail().trim().length() == 0) { + event.user(user).error(Errors.INVALID_EMAIL); + } else{ event.user(user); UserSessionModel userSession = session.sessions().createUserSession(realm, user, username, clientConnection.getRemoteAddr(), "form", false); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java index 878a2e414f..07b24d763a 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java @@ -271,6 +271,44 @@ public class ResetPasswordTest { } }); + try { + loginPage.open(); + loginPage.resetPassword(); + + resetPasswordPage.assertCurrent(); + + resetPasswordPage.changePassword("login-test"); + + resetPasswordPage.assertCurrent(); + + Assert.assertEquals("You should receive an email shortly with further instructions.", resetPasswordPage.getSuccessMessage()); + + Thread.sleep(1000); + + Assert.assertEquals(0, greenMail.getReceivedMessages().length); + + events.expectRequiredAction(EventType.SEND_RESET_PASSWORD_ERROR).session((String) null).user(userId).detail(Details.USERNAME, "login-test").removeDetail(Details.CODE_ID).error("invalid_email").assertEvent(); + } finally { + keycloakRule.configure(new KeycloakRule.KeycloakSetup() { + @Override + public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) { + session.users().getUserByUsername("login-test", appRealm).setEmail(email[0]); + } + }); + } + } + + @Test + public void resetPasswordWrongSmtp() throws IOException, MessagingException, InterruptedException { + final String[] host = new String[1]; + keycloakRule.configure(new KeycloakRule.KeycloakSetup() { + @Override + public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) { + host[0] = appRealm.getSmtpConfig().get("host"); + appRealm.getSmtpConfig().put("host", "invalid_host"); + } + }); + try { loginPage.open(); loginPage.resetPassword(); @@ -292,7 +330,7 @@ public class ResetPasswordTest { keycloakRule.configure(new KeycloakRule.KeycloakSetup() { @Override public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) { - session.users().getUserByUsername("login-test", appRealm).setEmail(email[0]); + appRealm.getSmtpConfig().put("host",host[0]); } }); }