libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-1971 REST end point does't validate password policies properly

Browse source
This commit is contained in:
Stian Thorgersen 2015-11-24 20:50:41 +01:00
parent ccd456dba6
commit 500bced6ee
2 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
model/api/src/main/java/org/keycloak/models/PasswordPolicy.java
View file

@ -76,6 +76,8 @@ public class PasswordPolicy implements Serializable {
list.add(new PasswordHistory(arg)); list.add(new PasswordHistory(arg));
} else if (name.equals(ForceExpiredPasswordChange.NAME)) { } else if (name.equals(ForceExpiredPasswordChange.NAME)) {
list.add(new ForceExpiredPasswordChange(arg)); list.add(new ForceExpiredPasswordChange(arg));
} else {
throw new IllegalArgumentException("Unsupported policy");
} }
} }
return list; return list;

9
model/api/src/test/java/org/keycloak/models/PasswordPolicyTest.java
View file

@ -84,6 +84,15 @@ public class PasswordPolicyTest {
Assert.assertNull(policy.validate("jdoe", "ab&d1234")); Assert.assertNull(policy.validate("jdoe", "ab&d1234"));
} }
@Test
public void testInvalidPolicyName() {
try {
PasswordPolicy policy = new PasswordPolicy("noSuchPolicy");
Assert.fail("Expected exception");
} catch (IllegalArgumentException e) {
}
}
@Test @Test
public void testRegexPatterns() { public void testRegexPatterns() {
PasswordPolicy policy = null; PasswordPolicy policy = null;