Merge remote-tracking branch 'upstream/master'

Bill Burke 2015-02-11 20:54:11 -05:00
commit 889fe8dd8c
7 changed files with 32 additions and 7 deletions


@ -107,9 +107,11 @@ public class KerberosIdentityProvider extends AbstractIdentityProvider<KerberosI
Response response = request.getSession().getProvider(LoginFormsProvider.class)
.setRealm(request.getRealm())
.setUriInfo(request.getUriInfo())
.setError("errorKerberosLogin")
.setClient(request.getClientSession().getClient())
.setClientSessionCode(getRelayState(request))
.setWarning("errorKerberosLogin")
.setStatus(Response.Status.UNAUTHORIZED)
.createErrorPage();
.createLogin();
response.getMetadata().putSingle(HttpHeaders.WWW_AUTHENTICATE, negotiateHeader);
return AuthenticationResponse.fromResponse(response);
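Review bot: The builder chain now returns `Response.Status.UNAUTHORIZED` together with a full login form from `createLogin()`, and nothing in the hunk explains why a 401 carries a usable form. A short comment above the chain would help the next reader, for example `// 401 + WWW-Authenticate: Negotiate asks the browser for a Kerberos ticket; the body is the fallback login form when none is sent`. It is also worth confirming that `request.getClientSession()` cannot be null on this path, because `setClient(request.getClientSession().getClient())` dereferences it unconditionally. The enclosing method starts and ends outside the hunk, so a guard may already exist there.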


@ -27,6 +27,7 @@ public interface Errors {
String INVALID_SIGNATURE = "invalid_signature";
String INVALID_REGISTRATION = "invalid_registration";
String INVALID_FORM = "invalid_form";
String EXPIRED_CODE = "expired_code";
String REGISTRATION_DISABLED = "registration_disabled";


@ -34,6 +34,7 @@ invalidPassword=Invalid username or password.
invalidEmail=Invalid email address
accountDisabled=Account is disabled, contact admin
accountTemporarilyDisabled=Account is temporarily disabled, contact admin or try again later
expiredCode=Login timeout or unknown action. Please login again
missingFirstName=Please specify first name
missingLastName=Please specify last name
@ -97,7 +98,7 @@ actionPasswordWarning=You need to change your password to activate your account.
actionEmailWarning=You need to verify your email address to activate your account.
actionFollow=Please fill in the fields below.
errorKerberosLogin=Unable to login with Kerberos
errorKerberosLogin=Unable to login with Kerberos. Request Kerberos ticket or use different login mechanism
successHeader=Success!
errorHeader=Error!


@ -39,6 +39,8 @@ public class Messages {
public static final String INVALID_USER = "invalidUser";
public static final String EXPIRED_CODE = "expiredCode";
public static final String READ_ONLY_USER = "readOnlyUser";
public static final String READ_ONLY_PASSWORD = "readOnlyPassword";


@ -275,8 +275,8 @@ public class LoginActionsService {
ClientSessionModel clientSession = clientCode.getClientSession();
if (!clientCode.isValid(ClientSessionModel.Action.AUTHENTICATE) || clientSession.getUserSession() != null) {
clientCode.setAction(ClientSessionModel.Action.AUTHENTICATE);
event.client(clientSession.getClient()).error(Errors.INVALID_CODE);
return Flows.forms(this.session, realm, clientSession.getClient(), uriInfo).setError(Messages.INVALID_USER)
event.client(clientSession.getClient()).error(Errors.EXPIRED_CODE);
return Flows.forms(this.session, realm, clientSession.getClient(), uriInfo).setError(Messages.EXPIRED_CODE)
.setClientSessionCode(clientCode.getCode())
.createLogin();
}
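Review bot: The `if` on the new side records `Errors.EXPIRED_CODE` for both arms of its condition, but the second arm, `clientSession.getUserSession() != null`, describes a code already bound to a user session rather than one that timed out. Logging that case as `expired_code` makes a reused code indistinguishable from an ordinary timeout in the event log, which weakens auditing and detection. Consider keeping the previous event for that arm, e.g. `String err = clientSession.getUserSession() != null ? Errors.INVALID_CODE : Errors.EXPIRED_CODE;` followed by `event.client(clientSession.getClient()).error(err);`, while the user-facing `Messages.EXPIRED_CODE` stays generic. `isValid(...)` is not visible here, so whether it can also fail for reasons other than expiry should be checked before settling on the event name. The method body starts outside the hunk.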


@ -42,6 +42,7 @@ import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.WebResource;
import org.keycloak.testsuite.rule.WebRule;
import org.keycloak.util.Time;
import org.openqa.selenium.WebDriver;
import javax.ws.rs.client.Client;
@ -276,4 +277,22 @@ public class LoginTest {
events.expectLogin().error("rejected_by_user").user((String) null).session((String) null).removeDetail(Details.USERNAME).removeDetail(Details.CODE_ID).assertEvent();
}
// KEYCLOAK-1037
@Test
public void loginExpiredCode() {
try {
loginPage.open();
Time.setOffset(5000);
loginPage.login("login@test.com", "password");
loginPage.assertCurrent();
Assert.assertEquals("Login timeout or unknown action. Please login again", loginPage.getError());
events.expectLogin().user((String) null).session((String) null).error("expired_code").clearDetails().assertEvent();
} finally {
Time.setOffset(0);
}
}
}
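Review bot: `loginExpiredCode` exercises only the timeout arm, while the condition shown for LoginActionsService on this page (`!clientCode.isValid(...) || clientSession.getUserSession() != null`) now emits `expired_code` for a client session that already has a user session as well, and no test here covers that arm. A second test that drives the flow into that state and asserts both the event error and the page message would pin the intended behaviour. The offset `5000` is a bare number; a comment such as `// move the clock past the login code lifespan` (presumably the intent, to be confirmed against the realm settings) would say why it is large enough.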


@ -164,9 +164,9 @@ public class LoginTotpTest {
loginTotpPage.login(totp.generate("totpSecret"));
loginPage.assertCurrent();
Assert.assertEquals("Invalid username or password.", loginPage.getError());
Assert.assertEquals("Login timeout or unknown action. Please login again", loginPage.getError());
AssertEvents.ExpectedEvent expectedEvent = events.expectLogin().error("invalid_code")
AssertEvents.ExpectedEvent expectedEvent = events.expectLogin().error("expired_code")
.user((String)null)
.clearDetails()
.session((String) null);