From 500bced6ee81252de055145ce1cfc4321b1fa74a Mon Sep 17 00:00:00 2001 From: Stian Thorgersen Date: Tue, 24 Nov 2015 20:50:41 +0100 Subject: [PATCH] KEYCLOAK-1971 REST end point does't validate password policies properly --- .../main/java/org/keycloak/models/PasswordPolicy.java | 2 ++ .../java/org/keycloak/models/PasswordPolicyTest.java | 9 +++++++++ 2 files changed, 11 insertions(+) diff --git a/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java b/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java index aff7d37622..3674334ffe 100755 --- a/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java +++ b/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java @@ -76,6 +76,8 @@ public class PasswordPolicy implements Serializable { list.add(new PasswordHistory(arg)); } else if (name.equals(ForceExpiredPasswordChange.NAME)) { list.add(new ForceExpiredPasswordChange(arg)); + } else { + throw new IllegalArgumentException("Unsupported policy"); } } return list; diff --git a/model/api/src/test/java/org/keycloak/models/PasswordPolicyTest.java b/model/api/src/test/java/org/keycloak/models/PasswordPolicyTest.java index df76588a3d..8c662fb8af 100755 --- a/model/api/src/test/java/org/keycloak/models/PasswordPolicyTest.java +++ b/model/api/src/test/java/org/keycloak/models/PasswordPolicyTest.java @@ -83,6 +83,15 @@ public class PasswordPolicyTest { Assert.assertEquals("invalidPasswordNotUsernameMessage", policy.validate("jdoe", "jdoe").getMessage()); Assert.assertNull(policy.validate("jdoe", "ab&d1234")); } + + @Test + public void testInvalidPolicyName() { + try { + PasswordPolicy policy = new PasswordPolicy("noSuchPolicy"); + Assert.fail("Expected exception"); + } catch (IllegalArgumentException e) { + } + } @Test public void testRegexPatterns() {