KEYCLOAK-5019 Fixes for password managers
This commit is contained in:
stianst
Stian Thorgersen
parent
61fe554617
commit
465675ac28
4 changed files with 28 additions and 26 deletions
|
|
@ -75,6 +75,7 @@ public class UpdatePassword implements RequiredActionProvider, RequiredActionFac
|
|||
@Override
|
||||
public void requiredActionChallenge(RequiredActionContext context) {
|
||||
Response challenge = context.form()
|
||||
.setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
|
||||
.createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
|
||||
context.challenge(challenge);
|
||||
}
|
||||
|
|
@ -93,6 +94,7 @@ public class UpdatePassword implements RequiredActionProvider, RequiredActionFac
|
|||
|
||||
if (Validation.isBlank(passwordNew)) {
|
||||
Response challenge = context.form()
|
||||
.setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
|
||||
.setError(Messages.MISSING_PASSWORD)
|
||||
.createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
|
||||
context.challenge(challenge);
|
||||
|
|
@ -100,6 +102,7 @@ public class UpdatePassword implements RequiredActionProvider, RequiredActionFac
|
|||
return;
|
||||
} else if (!passwordNew.equals(passwordConfirm)) {
|
||||
Response challenge = context.form()
|
||||
.setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
|
||||
.setError(Messages.NOTMATCH_PASSWORD)
|
||||
.createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
|
||||
context.challenge(challenge);
|
||||
|
|
@ -113,6 +116,7 @@ public class UpdatePassword implements RequiredActionProvider, RequiredActionFac
|
|||
} catch (ModelException me) {
|
||||
errorEvent.detail(Details.REASON, me.getMessage()).error(Errors.PASSWORD_REJECTED);
|
||||
Response challenge = context.form()
|
||||
.setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
|
||||
.setError(me.getMessage(), me.getParameters())
|
||||
.createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
|
||||
context.challenge(challenge);
|
||||
|
|
@ -120,6 +124,7 @@ public class UpdatePassword implements RequiredActionProvider, RequiredActionFac
|
|||
} catch (Exception ape) {
|
||||
errorEvent.detail(Details.REASON, ape.getMessage()).error(Errors.PASSWORD_REJECTED);
|
||||
Response challenge = context.form()
|
||||
.setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
|
||||
.setError(ape.getMessage())
|
||||
.createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
|
||||
context.challenge(challenge);
|
||||
|
|
|
|||
|
|
@ -11,8 +11,7 @@
|
|||
</div>
|
||||
|
||||
<form action="${url.passwordUrl}" class="form-horizontal" method="post">
|
||||
<input type="text" readonly value="this is not a login form" style="display: none;">
|
||||
<input type="password" readonly value="this is not a login form" style="display: none;">
|
||||
<input type="text" id="username" name="username" value="${(account.username!'')}" autocomplete="username" readonly="readonly" style="display:none;">
|
||||
|
||||
<#if password.passwordSet>
|
||||
<div class="form-group">
|
||||
|
|
@ -21,7 +20,7 @@
|
|||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="password" class="form-control" id="password" name="password" autofocus autocomplete="off">
|
||||
<input type="password" class="form-control" id="password" name="password" autofocus autocomplete="current-password">
|
||||
</div>
|
||||
</div>
|
||||
</#if>
|
||||
|
|
@ -34,7 +33,7 @@
|
|||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="password" class="form-control" id="password-new" name="password-new" autocomplete="off">
|
||||
<input type="password" class="form-control" id="password-new" name="password-new" autocomplete="new-password">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
@ -44,7 +43,7 @@
|
|||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="password" class="form-control" id="password-confirm" name="password-confirm" autocomplete="off">
|
||||
<input type="password" class="form-control" id="password-confirm" name="password-confirm" autocomplete="new-password">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -6,15 +6,15 @@
|
|||
${msg("updatePasswordTitle")}
|
||||
<#elseif section = "form">
|
||||
<form id="kc-passwd-update-form" class="${properties.kcFormClass!}" action="${url.loginAction}" method="post">
|
||||
<input type="text" readonly value="this is not a login form" style="display: none;">
|
||||
<input type="password" readonly value="this is not a login form" style="display: none;">
|
||||
<input type="text" id="username" name="username" value="${username}" autocomplete="username" readonly="readonly" style="display:none;"/>
|
||||
<input type="password" id="password" name="password" autocomplete="current-password" style="display:none;"/>
|
||||
|
||||
<div class="${properties.kcFormGroupClass!}">
|
||||
<div class="${properties.kcLabelWrapperClass!}">
|
||||
<label for="password-new" class="${properties.kcLabelClass!}">${msg("passwordNew")}</label>
|
||||
</div>
|
||||
<div class="${properties.kcInputWrapperClass!}">
|
||||
<input type="password" id="password-new" name="password-new" class="${properties.kcInputClass!}" autofocus autocomplete="off" />
|
||||
<input type="password" id="password-new" name="password-new" class="${properties.kcInputClass!}" autofocus autocomplete="new-password" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
@ -23,7 +23,7 @@
|
|||
<label for="password-confirm" class="${properties.kcLabelClass!}">${msg("passwordConfirm")}</label>
|
||||
</div>
|
||||
<div class="${properties.kcInputWrapperClass!}">
|
||||
<input type="password" id="password-confirm" name="password-confirm" class="${properties.kcInputClass!}" autocomplete="off" />
|
||||
<input type="password" id="password-confirm" name="password-confirm" class="${properties.kcInputClass!}" autocomplete="new-password" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -6,19 +6,6 @@
|
|||
${msg("registerWithTitleHtml",(realm.displayNameHtml!''))?no_esc}
|
||||
<#elseif section = "form">
|
||||
<form id="kc-register-form" class="${properties.kcFormClass!}" action="${url.registrationAction}" method="post">
|
||||
<input type="text" readonly value="this is not a login form" style="display: none;">
|
||||
<input type="password" readonly value="this is not a login form" style="display: none;">
|
||||
|
||||
<#if !realm.registrationEmailAsUsername>
|
||||
<div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('username',properties.kcFormGroupErrorClass!)}">
|
||||
<div class="${properties.kcLabelWrapperClass!}">
|
||||
<label for="username" class="${properties.kcLabelClass!}">${msg("username")}</label>
|
||||
</div>
|
||||
<div class="${properties.kcInputWrapperClass!}">
|
||||
<input type="text" id="username" class="${properties.kcInputClass!}" name="username" value="${(register.formData.username!'')}" />
|
||||
</div>
|
||||
</div>
|
||||
</#if>
|
||||
<div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('firstName',properties.kcFormGroupErrorClass!)}">
|
||||
<div class="${properties.kcLabelWrapperClass!}">
|
||||
<label for="firstName" class="${properties.kcLabelClass!}">${msg("firstName")}</label>
|
||||
|
|
@ -42,17 +29,28 @@
|
|||
<label for="email" class="${properties.kcLabelClass!}">${msg("email")}</label>
|
||||
</div>
|
||||
<div class="${properties.kcInputWrapperClass!}">
|
||||
<input type="text" id="email" class="${properties.kcInputClass!}" name="email" value="${(register.formData.email!'')}" />
|
||||
<input type="text" id="email" class="${properties.kcInputClass!}" name="email" value="${(register.formData.email!'')}" autocomplete="email" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<#if !realm.registrationEmailAsUsername>
|
||||
<div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('username',properties.kcFormGroupErrorClass!)}">
|
||||
<div class="${properties.kcLabelWrapperClass!}">
|
||||
<label for="username" class="${properties.kcLabelClass!}">${msg("username")}</label>
|
||||
</div>
|
||||
<div class="${properties.kcInputWrapperClass!}">
|
||||
<input type="text" id="username" class="${properties.kcInputClass!}" name="username" value="${(register.formData.username!'')}" autocomplete="username" />
|
||||
</div>
|
||||
</div>
|
||||
</#if>
|
||||
|
||||
<#if passwordRequired>
|
||||
<div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('password',properties.kcFormGroupErrorClass!)}">
|
||||
<div class="${properties.kcLabelWrapperClass!}">
|
||||
<label for="password" class="${properties.kcLabelClass!}">${msg("password")}</label>
|
||||
</div>
|
||||
<div class="${properties.kcInputWrapperClass!}">
|
||||
<input type="password" id="password" class="${properties.kcInputClass!}" name="password" />
|
||||
<input type="password" id="password" class="${properties.kcInputClass!}" name="password" autocomplete="new-password"/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue