Merge pull request #3703 from stianst/KEYCLOAK-4116

KEYCLOAK-4116 Trim username on recover password page
Stian Thorgersen 2017-01-04 07:00:51 +01:00 committed by GitHub
commit 5212f57b5b
2 changed files with 10 additions and 3 deletions


@ -80,6 +80,8 @@ public class ResetCredentialChooseUser implements Authenticator, AuthenticatorFa
context.failureChallenge(AuthenticationFlowError.INVALID_USER, challenge); context.failureChallenge(AuthenticationFlowError.INVALID_USER, challenge);
return; return;
} }
username = username.trim();
RealmModel realm = context.getRealm(); RealmModel realm = context.getRealm();
UserModel user = context.getSession().users().getUserByUsername(username, realm); UserModel user = context.getSession().users().getUserByUsername(username, realm);
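Review bot: The added `username = username.trim();` runs after the guard that ends in `context.failureChallenge(AuthenticationFlowError.INVALID_USER, challenge); return;`, so if that guard tests for a null or empty username (its condition is outside the hunk), a whitespace-only value passes it and reaches `getUserByUsername` as an empty string. Normalising before the check would close that gap, for example `if (username != null) username = username.trim();` placed above the guard, so the missing-username challenge also covers input that is blank after trimming. A whitespace-only case in ResetPasswordTest, next to `resetPasswordWithSpacesInUsername`, would pin the intended behaviour. The enclosing method starts and ends outside this hunk.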


@ -177,6 +177,11 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
resetPassword("login-test"); resetPassword("login-test");
} }
@Test
public void resetPasswordWithSpacesInUsername() throws IOException, MessagingException {
resetPassword(" login-test ");
}
@Test @Test
public void resetPasswordCancelChangeUser() throws IOException, MessagingException { public void resetPasswordCancelChangeUser() throws IOException, MessagingException {
loginPage.open(); loginPage.open();
@ -224,7 +229,7 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
events.expectRequiredAction(EventType.SEND_RESET_PASSWORD) events.expectRequiredAction(EventType.SEND_RESET_PASSWORD)
.user(userId) .user(userId)
.detail(Details.USERNAME, username) .detail(Details.USERNAME, username.trim())
.detail(Details.EMAIL, "login@test.com") .detail(Details.EMAIL, "login@test.com")
.session((String)null) .session((String)null)
.assertEvent(); .assertEvent();
@ -241,11 +246,11 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
updatePasswordPage.changePassword("resetPassword", "resetPassword"); updatePasswordPage.changePassword("resetPassword", "resetPassword");
String sessionId = events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, username).assertEvent().getSessionId(); String sessionId = events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, username.trim()).assertEvent().getSessionId();
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
events.expectLogin().user(userId).detail(Details.USERNAME, username).session(sessionId).assertEvent(); events.expectLogin().user(userId).detail(Details.USERNAME, username.trim()).session(sessionId).assertEvent();
oauth.openLogout(); oauth.openLogout();