Merge branch 'gerbermichi-reset-password'
This commit is contained in:
commit
6c8013182b
3 changed files with 43 additions and 1 deletions
|
@ -816,6 +816,8 @@ public class LoginActionsService {
|
|||
|
||||
if (user == null) {
|
||||
event.error(Errors.USER_NOT_FOUND);
|
||||
} else if(!user.isEnabled()) {
|
||||
event.user(user).error(Errors.USER_DISABLED);
|
||||
} else {
|
||||
UserSessionModel userSession = session.sessions().createUserSession(realm, user, username, clientConnection.getRemoteAddr(), "form", false);
|
||||
event.session(userSession);
|
||||
|
|
|
@ -686,7 +686,11 @@ public class UsersResource {
|
|||
|
||||
UserModel user = session.users().getUserByUsername(username, realm);
|
||||
if (user == null) {
|
||||
throw new NotFoundException("User not found");
|
||||
return Flows.errors().error("User not found", Response.Status.NOT_FOUND);
|
||||
}
|
||||
|
||||
if (!user.isEnabled()) {
|
||||
return Flows.errors().error("User is disabled", Response.Status.BAD_REQUEST);
|
||||
}
|
||||
|
||||
if (user.getEmail() == null) {
|
||||
|
|
|
@ -221,6 +221,42 @@ public class ResetPasswordTest {
|
|||
events.expectRequiredAction(EventType.SEND_RESET_PASSWORD).user((String) null).session((String) null).detail(Details.USERNAME, "invalid").removeDetail(Details.EMAIL).removeDetail(Details.CODE_ID).error("user_not_found").assertEvent();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void resetPasswordDisabledUser() throws IOException, MessagingException, InterruptedException {
|
||||
keycloakRule.configure(new KeycloakRule.KeycloakSetup() {
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||
session.users().getUserByUsername("login-test", appRealm).setEnabled(false);
|
||||
}
|
||||
});
|
||||
|
||||
try {
|
||||
loginPage.open();
|
||||
loginPage.resetPassword();
|
||||
|
||||
resetPasswordPage.assertCurrent();
|
||||
|
||||
resetPasswordPage.changePassword("login-test");
|
||||
|
||||
resetPasswordPage.assertCurrent();
|
||||
|
||||
Assert.assertEquals("You should receive an email shortly with further instructions.", resetPasswordPage.getSuccessMessage());
|
||||
|
||||
Thread.sleep(1000);
|
||||
|
||||
Assert.assertEquals(0, greenMail.getReceivedMessages().length);
|
||||
|
||||
events.expectRequiredAction(EventType.SEND_RESET_PASSWORD).session((String) null).user(userId).detail(Details.USERNAME, "login-test").removeDetail(Details.CODE_ID).error("user_disabled").assertEvent();
|
||||
} finally {
|
||||
keycloakRule.configure(new KeycloakRule.KeycloakSetup() {
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||
session.users().getUserByUsername("login-test", appRealm).setEnabled(true);
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void resetPasswordWithPasswordPolicy() throws IOException, MessagingException {
|
||||
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
|
||||
|
|
Loading…
Reference in a new issue