From 7be2c55f61ec35a8e5c5437f6e9afbf9beae1d50 Mon Sep 17 00:00:00 2001
From: mposolda
Date: Mon, 10 Jul 2017 18:17:57 +0200
Subject: [PATCH] KEYCLOAK-5061 Better error messages when action expired
---
 .../main/java/org/keycloak/services/messages/Messages.java | 4 ++++
 .../keycloak/services/resources/LoginActionsService.java | 4 ++--
 .../actions/RequiredActionEmailVerificationTest.java | 4 ++--
 .../test/java/org/keycloak/testsuite/admin/UserTest.java | 2 +-
 .../org/keycloak/testsuite/forms/ResetPasswordTest.java | 6 +++---
 .../theme/base/login/messages/messages_en.properties | 2 ++
 6 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/services/src/main/java/org/keycloak/services/messages/Messages.java b/services/src/main/java/org/keycloak/services/messages/Messages.java
index 295f07b27e..710779e8db 100755
--- a/services/src/main/java/org/keycloak/services/messages/Messages.java
+++ b/services/src/main/java/org/keycloak/services/messages/Messages.java
@@ -35,6 +35,10 @@ public class Messages {
 public static final String EXPIRED_ACTION = "expiredActionMessage";
+ public static final String EXPIRED_ACTION_TOKEN_NO_SESSION = "expiredActionTokenNoSessionMessage";
+
+ public static final String EXPIRED_ACTION_TOKEN_SESSION_EXISTS = "expiredActionTokenSessionExistsMessage";
+
 public static final String MISSING_FIRST_NAME = "missingFirstNameMessage";
 public static final String MISSING_LAST_NAME = "missingLastNameMessage";
diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
index b1bd354207..61bdf259e9 100755
--- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
@@ -469,10 +469,10 @@ public class LoginActionsService {
 flowPath = AUTHENTICATE_PATH;
 }
 AuthenticationProcessor.resetFlow(authSession, flowPath);
- return processAuthentication(false, null, authSession, Messages.LOGIN_TIMEOUT);
+ return processAuthentication(false, null, authSession, Messages.EXPIRED_ACTION_TOKEN_SESSION_EXISTS);
 }
- return handleActionTokenVerificationException(null, ex, Errors.EXPIRED_CODE, defaultErrorMessage);
+ return handleActionTokenVerificationException(null, ex, Errors.EXPIRED_CODE, Messages.EXPIRED_ACTION_TOKEN_NO_SESSION);
 } catch (ExplainedTokenVerificationException ex) {
 return handleActionTokenVerificationException(null, ex, ex.getErrorEvent(), ex.getMessage());
 } catch (VerificationException ex) {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
index 9fd5c7ac57..041ee0edf8 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
@@ -424,7 +424,7 @@ public class RequiredActionEmailVerificationTest extends AbstractTestRealmKeyclo
 driver.navigate().to(verificationUrl.trim());
 loginPage.assertCurrent();
- assertEquals("You took too long to login. Login process starting from beginning.", loginPage.getError());
+ assertEquals("Action expired. Please login again.", loginPage.getError());
 events.expectRequiredAction(EventType.EXECUTE_ACTION_TOKEN_ERROR)
 .error(Errors.EXPIRED_CODE)
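Review bot: The second changed return in the LoginActionsService hunk, `handleActionTokenVerificationException(null, ex, Errors.EXPIRED_CODE, Messages.EXPIRED_ACTION_TOKEN_NO_SESSION)`, no longer passes `defaultErrorMessage`, so on expiry any caller-supplied message is replaced by the generic one and nothing in the code records that this is intended. A one-line comment above it would pin the decision, for example `// expired token, no usable auth session: always show the generic message; defaultErrorMessage is deliberately not used here`, with a matching `// auth session still present (presumably): flow was reset, ask the user to log in again` above the `processAuthentication` call. The enclosing method starts and ends outside this hunk, so whether `defaultErrorMessage` is still read elsewhere in it cannot be seen from here; if it is not, the parameter is dead and should be dropped or documented. The event error passed on the no-session path stays `Errors.EXPIRED_CODE`, so audit events keep their meaning while only the user-facing wording changes.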
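Review bot: The expected text in this RequiredActionEmailVerificationTest assertion at 424 is a copied literal, `"Action expired. Please login again."`, which appears again in the ResetPasswordTest hunks at 371 and 407, while `"Action expired."` is copied in the hunks at 462, UserTest 791 and ResetPasswordTest 450. Three formerly distinct messages (stale verification link, reset credential not allowed, generic error) now collapse into the same string, so the page text no longer tells these cases apart. Only the event assertions that follow some of these lines (`Errors.EXPIRED_CODE`, `Details.ACTION`) still pin which action expired, and the UserTest hunk shows none within its visible lines. A short comment next to each assertion naming the case under test, such as `// expired verify-email token, no auth session -> generic error page`, would keep that intent readable. If the test base classes offer a shared place for it, a constant for each of the two strings would avoid six edits on the next wording change.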
@@ -462,7 +462,7 @@ public class RequiredActionEmailVerificationTest extends AbstractTestRealmKeyclo
 driver.navigate().to(verificationUrl.trim());
 errorPage.assertCurrent();
- assertEquals("The link you clicked is a old stale link and is no longer valid. Maybe you have already verified your email?", errorPage.getError());
+ assertEquals("Action expired.", errorPage.getError());
 events.expectRequiredAction(EventType.EXECUTE_ACTION_TOKEN_ERROR)
 .error(Errors.EXPIRED_CODE)
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
index 8314be09f7..d4de8e65a3 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
@@ -791,7 +791,7 @@ public class UserTest extends AbstractAdminTest {
 driver.navigate().to(link);
 errorPage.assertCurrent();
- assertEquals("An error occurred, please login again through your application.", errorPage.getError());
+ assertEquals("Action expired.", errorPage.getError());
 } finally {
 setTimeOffset(0);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
index 16d85ef370..32adba72e9 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
@@ -371,7 +371,7 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
 loginPage.assertCurrent();
- assertEquals("You took too long to login. Login process starting from beginning.", loginPage.getError());
+ assertEquals("Action expired. Please login again.", loginPage.getError());
 events.expectRequiredAction(EventType.EXECUTE_ACTION_TOKEN_ERROR).error("expired_code").client((String) null).user(userId).session((String) null).clearDetails().detail(Details.ACTION, ResetCredentialsActionToken.TOKEN_TYPE).assertEvent();
 } finally {
@@ -407,7 +407,7 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
 loginPage.assertCurrent();
- assertEquals("You took too long to login. Login process starting from beginning.", loginPage.getError());
+ assertEquals("Action expired. Please login again.", loginPage.getError());
 events.expectRequiredAction(EventType.EXECUTE_ACTION_TOKEN_ERROR).error("expired_code").client((String) null).user(userId).session((String) null).clearDetails().detail(Details.ACTION, ResetCredentialsActionToken.TOKEN_TYPE).assertEvent();
 } finally {
@@ -450,7 +450,7 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
 driver.navigate().to(changePasswordUrl.trim());
 errorPage.assertCurrent();
- Assert.assertEquals("Reset Credential not allowed", errorPage.getError());
+ Assert.assertEquals("Action expired.", errorPage.getError());
 String backToAppLink = errorPage.getBackToApplicationLink();
 Assert.assertTrue(backToAppLink.endsWith("/app/auth"));
diff --git a/themes/src/main/resources/theme/base/login/messages/messages_en.properties b/themes/src/main/resources/theme/base/login/messages/messages_en.properties
index e765d31cee..d319f5b552 100755
--- a/themes/src/main/resources/theme/base/login/messages/messages_en.properties
+++ b/themes/src/main/resources/theme/base/login/messages/messages_en.properties
@@ -130,6 +130,8 @@ accountDisabledMessage=Account is disabled, contact admin.
 accountTemporarilyDisabledMessage=Account is temporarily disabled, contact admin or try again later.
 expiredCodeMessage=Login timeout. Please login again.
 expiredActionMessage=Action expired. Please continue with login now.
+expiredActionTokenNoSessionMessage=Action expired.
+expiredActionTokenSessionExistsMessage=Action expired. Please login again.
 missingFirstNameMessage=Please specify first name.
 missingLastNameMessage=Please specify last name.