KEYCLOAK-1802

This commit is contained in:
mposolda 2015-09-04 12:21:33 +02:00
parent 853f1af40d
commit 6318964374
3 changed files with 18 additions and 2 deletions

View file

@ -327,6 +327,10 @@ public class LDAPOperationManager {
InitialContext authCtx = null;
try {
if (password == null || password.isEmpty()) {
throw new Exception("Empty password used");
}
Hashtable<String, Object> env = new Hashtable<String, Object>(this.connectionProperties);
env.put(Context.SECURITY_PRINCIPAL, dn);

View file

@ -31,7 +31,7 @@ public class ValidatePassword extends AbstractDirectGrantAuthenticator {
MultivaluedMap<String, String> inputData = context.getHttpRequest().getDecodedFormParameters();
List<UserCredentialModel> credentials = new LinkedList<>();
String password = inputData.getFirst(CredentialRepresentation.PASSWORD);
if (password == null) {
if (password == null || password.isEmpty()) {
if (context.getUser() != null) {
context.getEvent().user(context.getUser());
}

View file

@ -27,6 +27,7 @@ import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.AccessToken;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.pages.AccountPasswordPage;
@ -43,6 +44,8 @@ import org.openqa.selenium.WebDriver;
import java.util.List;
import java.util.Map;
import static org.junit.Assert.assertEquals;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
@ -247,6 +250,16 @@ public class FederationProvidersIntegrationTest {
Assert.assertEquals("john@email.org", profilePage.getEmail());
}
@Test
public void loginLdapWithDirectGrant() throws Exception {
OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest("password", "johnkeycloak", "Password1");
assertEquals(200, response.getStatusCode());
AccessToken accessToken = oauth.verifyToken(response.getAccessToken());
response = oauth.doGrantAccessTokenRequest("password", "johnkeycloak", "");
assertEquals(401, response.getStatusCode());
}
@Test
public void loginLdapWithEmail() {
loginPage.open();
@ -260,7 +273,6 @@ public class FederationProvidersIntegrationTest {
public void loginLdapWithoutPassword() {
loginPage.open();
loginPage.login("john@email.org", "");
Assert.assertEquals("Invalid username or password.", loginPage.getError());
}