libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-1802

Browse source
This commit is contained in:
mposolda 2015-09-04 12:21:33 +02:00
parent 853f1af40d
commit 6318964374
3 changed files with 18 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/store/ldap/LDAPOperationManager.java
View file

@ -327,6 +327,10 @@ public class LDAPOperationManager {
InitialContext authCtx = null; InitialContext authCtx = null;
try { try {
if (password == null || password.isEmpty()) {
throw new Exception("Empty password used");
}
Hashtable<String, Object> env = new Hashtable<String, Object>(this.connectionProperties); Hashtable<String, Object> env = new Hashtable<String, Object>(this.connectionProperties);
env.put(Context.SECURITY_PRINCIPAL, dn); env.put(Context.SECURITY_PRINCIPAL, dn);

2
services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidatePassword.java
View file

@ -31,7 +31,7 @@ public class ValidatePassword extends AbstractDirectGrantAuthenticator {
MultivaluedMap<String, String> inputData = context.getHttpRequest().getDecodedFormParameters(); MultivaluedMap<String, String> inputData = context.getHttpRequest().getDecodedFormParameters();
List<UserCredentialModel> credentials = new LinkedList<>(); List<UserCredentialModel> credentials = new LinkedList<>();
String password = inputData.getFirst(CredentialRepresentation.PASSWORD); String password = inputData.getFirst(CredentialRepresentation.PASSWORD);
if (password == null) { if (password == null || password.isEmpty()) {
if (context.getUser() != null) { if (context.getUser() != null) {
context.getEvent().user(context.getUser()); context.getEvent().user(context.getUser());
} }

14
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/FederationProvidersIntegrationTest.java
View file

@ -27,6 +27,7 @@ import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel; import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.AccessToken;
import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.OAuthClient; import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.pages.AccountPasswordPage; import org.keycloak.testsuite.pages.AccountPasswordPage;
@ -43,6 +44,8 @@ import org.openqa.selenium.WebDriver;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import static org.junit.Assert.assertEquals;
/** /**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a> * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/ */
@ -247,6 +250,16 @@ public class FederationProvidersIntegrationTest {
Assert.assertEquals("john@email.org", profilePage.getEmail()); Assert.assertEquals("john@email.org", profilePage.getEmail());
} }
@Test
public void loginLdapWithDirectGrant() throws Exception {
OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest("password", "johnkeycloak", "Password1");
assertEquals(200, response.getStatusCode());
AccessToken accessToken = oauth.verifyToken(response.getAccessToken());
response = oauth.doGrantAccessTokenRequest("password", "johnkeycloak", "");
assertEquals(401, response.getStatusCode());
}
@Test @Test
public void loginLdapWithEmail() { public void loginLdapWithEmail() {
loginPage.open(); loginPage.open();
@ -260,7 +273,6 @@ public class FederationProvidersIntegrationTest {
public void loginLdapWithoutPassword() { public void loginLdapWithoutPassword() {
loginPage.open(); loginPage.open();
loginPage.login("john@email.org", ""); loginPage.login("john@email.org", "");
Assert.assertEquals("Invalid username or password.", loginPage.getError()); Assert.assertEquals("Invalid username or password.", loginPage.getError());
} }