[KEYCLOAK-14611] Incorrect error message shown on duplicated email registration

Douglas Palmer 2020-07-13 16:56:52 -07:00 committed by Bruno Oliveira da Silva
parent 969b09f530
commit 6d5495141d
3 changed files with 58 additions and 7 deletions


@ -28,6 +28,7 @@ import org.keycloak.forms.login.LoginFormsProvider;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.FormMessage;
@ -83,11 +84,21 @@ public class RegistrationProfile implements FormAction, FormActionFactory {
emailValid = false;
}
if (emailValid && !context.getRealm().isDuplicateEmailsAllowed() && context.getSession().users().getUserByEmail(email, context.getRealm()) != null) {
eventError = Errors.EMAIL_IN_USE;
formData.remove(Validation.FIELD_EMAIL);
context.getEvent().detail(Details.EMAIL, email);
errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.EMAIL_EXISTS));
if (emailValid && !context.getRealm().isDuplicateEmailsAllowed()) {
boolean duplicateEmail = false;
try {
if(context.getSession().users().getUserByEmail(email, context.getRealm()) != null) {
duplicateEmail = true;
}
} catch (ModelDuplicateException e) {
duplicateEmail = true;
}
if (duplicateEmail) {
eventError = Errors.EMAIL_IN_USE;
formData.remove(Validation.FIELD_EMAIL);
context.getEvent().detail(Details.EMAIL, email);
errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.EMAIL_EXISTS));
}
}
if (errors.size() > 0) {
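Review bot: The new `catch (ModelDuplicateException e)` around `getUserByEmail` discards the exception without a trace, and the catch added in the UsersResource section does the same. Judging by the test in this commit, the exception means several existing accounts already share this email while `isDuplicateEmailsAllowed()` is false, a state in which an email no longer identifies one account and which an operator would want to see. I would add a comment such as `// getUserByEmail throws when more than one existing user already has this email` and a debug- or warn-level log call through whatever logger the class already uses (none is visible in this hunk). The lookup also reads more simply as one assignment inside the try: `duplicateEmail = context.getSession().users().getUserByEmail(email, context.getRealm()) != null;`. The enclosing validation method starts and ends outside the hunk.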


@ -121,8 +121,14 @@ public class UsersResource {
if (session.users().getUserByUsername(username, realm) != null) {
return ErrorResponse.exists("User exists with same username");
}
if (rep.getEmail() != null && !realm.isDuplicateEmailsAllowed() && session.users().getUserByEmail(rep.getEmail(), realm) != null) {
return ErrorResponse.exists("User exists with same email");
if (rep.getEmail() != null && !realm.isDuplicateEmailsAllowed()) {
try {
if(session.users().getUserByEmail(rep.getEmail(), realm) != null) {
return ErrorResponse.exists("User exists with same email");
}
} catch (ModelDuplicateException e) {
return ErrorResponse.exists("User exists with same email");
}
}
try {
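Review bot: The two identical `return ErrorResponse.exists("User exists with same email");` statements, one in the `if` and one in the `catch`, repeat both the message literal and the lookup-with-catch pattern that this commit also adds to RegistrationProfile. A small private helper that returns true when `getUserByEmail` yields a user or throws `ModelDuplicateException` would leave a single return here and keep the two call sites from drifting apart. The added `if(` is also missing the space used by the surrounding `if (` lines. The method continues past the end of the hunk with the `try {` that follows.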


@ -246,6 +246,40 @@ public class UserTest extends AbstractAdminTest {
user.setEmail("user1@localhost");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
assertAdminEvents.assertEmpty();
ErrorRepresentation error = response.readEntity(ErrorRepresentation.class);
Assert.assertEquals("User exists with same email", error.getErrorMessage());
response.close();
}
//KEYCLOAK-14611
@Test
public void createDuplicateEmailWithExistingDuplicates() {
//Allow duplicate emails
RealmRepresentation rep = realm.toRepresentation();
rep.setDuplicateEmailsAllowed(true);
realm.update(rep);
//Create 2 users with the same email
UserRepresentation user = new UserRepresentation();
user.setEmail("user1@localhost");
user.setUsername("user1");
createUser(user, false);
user.setUsername("user2");
createUser(user, false);
//Disallow duplicate emails
rep.setDuplicateEmailsAllowed(false);
realm.update(rep);
//Create a third user with the same email
user.setUsername("user3");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
ErrorRepresentation error = response.readEntity(ErrorRepresentation.class);
Assert.assertEquals("User exists with same email", error.getErrorMessage());
response.close();
}
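Review bot: `createDuplicateEmailWithExistingDuplicates` covers only the admin endpoint (`realm.users().create(user)`), so the RegistrationProfile change, which is the path named in the commit title, has no test among the three changed files. A registration-form test that asserts the `Messages.EMAIL_EXISTS` field error in the same pre-existing-duplicates state would close that gap. The test also leaves `user1` and `user2` sharing an email with duplicates disallowed; if the realm is not reset between tests (not visible here), later email lookups in this class could hit the same exception, so removing the users afterwards would be safer. `response.close()` is skipped when an assertion fails, which a try/finally around the assertions would avoid.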