commit
97a08a1d99
3 changed files with 42 additions and 6 deletions
|
@ -126,9 +126,13 @@ public class ClientSessionCode {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static ClientSessionModel getClientSession(String code, KeycloakSession session, RealmModel realm) {
|
public static ClientSessionModel getClientSession(String code, KeycloakSession session, RealmModel realm) {
|
||||||
String[] parts = code.split("\\.");
|
try {
|
||||||
String id = parts[1];
|
String[] parts = code.split("\\.");
|
||||||
return session.sessions().getClientSession(realm, id);
|
String id = parts[1];
|
||||||
|
return session.sessions().getClientSession(realm, id);
|
||||||
|
} catch (ArrayIndexOutOfBoundsException e) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public ClientSessionModel getClientSession() {
|
public ClientSessionModel getClientSession() {
|
||||||
|
|
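Review bot: The new `catch (ArrayIndexOutOfBoundsException e)` in `getClientSession` uses an exception as the malformed-code check, and because the `try` also wraps `session.sessions().getClientSession(realm, id)`, an index error raised inside the session provider would be silently reported as "no session". An explicit guard keeps the lookup outside any handler: `String[] parts = code.split("\\.");` followed by `if (parts.length < 2) return null;`. A null `code` still throws NullPointerException here. The caller changed in this commit checks `code != null`, but other callers are not visible, so `if (code == null) return null;` is worth adding. Returning null is now part of the method's contract and should be stated in a Javadoc line such as `/** Returns the client session named by the code, or null if the code is malformed. */`.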
|
@ -715,14 +715,15 @@ public class LoginActionsService {
|
||||||
String keyFromSession = null;
|
String keyFromSession = null;
|
||||||
if (code != null) {
|
if (code != null) {
|
||||||
clientSession = ClientSessionCode.getClientSession(code, session, realm);
|
clientSession = ClientSessionCode.getClientSession(code, session, realm);
|
||||||
keyFromSession = clientSession.getNote(Constants.VERIFY_EMAIL_KEY);
|
keyFromSession = clientSession != null ? clientSession.getNote(Constants.VERIFY_EMAIL_KEY) : null;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (clientSession == null || !key.equals(keyFromSession)) {
|
if (!key.equals(keyFromSession)) {
|
||||||
ServicesLogger.LOGGER.invalidKeyForEmailVerification();
|
ServicesLogger.LOGGER.invalidKeyForEmailVerification();
|
||||||
event.error(Errors.INVALID_CODE);
|
event.error(Errors.INVALID_CODE);
|
||||||
throw new WebApplicationException(ErrorPage.error(session, Messages.STALE_VERIFY_EMAIL_LINK));
|
throw new WebApplicationException(ErrorPage.error(session, Messages.STALE_VERIFY_EMAIL_LINK));
|
||||||
}
|
}
|
||||||
|
|
||||||
clientSession.removeNote(Constants.VERIFY_EMAIL_KEY);
|
clientSession.removeNote(Constants.VERIFY_EMAIL_KEY);
|
||||||
|
|
||||||
Checks checks = new Checks();
|
Checks checks = new Checks();
|
||||||
|
|
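Review bot: With `clientSession == null ||` dropped from the condition, the later `clientSession.removeNote(Constants.VERIFY_EMAIL_KEY)` is null-safe only through an implicit chain: a non-null `keyFromSession` implies a non-null `clientSession`. That holds for the lines shown, but it is easy to break in a later edit, and the `code` value comes from a request parameter the requester controls. Keeping the guard explicit, `if (clientSession == null || !key.equals(keyFromSession)) {`, costs nothing. Alternatively, add a comment such as `// keyFromSession is null whenever clientSession is null, so a missing session is rejected here`. The enclosing method starts and ends outside the hunk, so whether `key` can be null at this point is not visible.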
|
@ -264,7 +264,7 @@ public class RequiredActionEmailVerificationTest extends TestRealmKeycloakTest {
|
||||||
.clearDetails()
|
.clearDetails()
|
||||||
.assertEvent();
|
.assertEvent();
|
||||||
|
|
||||||
String badKeyURL = KeycloakUriBuilder.fromUri(resendEmailLink).queryParam("key", "foo").build().toString();
|
String badKeyURL = KeycloakUriBuilder.fromUri(resendEmailLink).replaceQueryParam("key", "foo").build().toString();
|
||||||
driver.navigate().to(badKeyURL);
|
driver.navigate().to(badKeyURL);
|
||||||
|
|
||||||
events.expectRequiredAction(EventType.VERIFY_EMAIL_ERROR)
|
events.expectRequiredAction(EventType.VERIFY_EMAIL_ERROR)
|
||||||
|
@ -276,6 +276,37 @@ public class RequiredActionEmailVerificationTest extends TestRealmKeycloakTest {
|
||||||
.assertEvent();
|
.assertEvent();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void verifyEmailBadCode() throws IOException, MessagingException {
|
||||||
|
loginPage.open();
|
||||||
|
loginPage.login("test-user@localhost", "password");
|
||||||
|
|
||||||
|
Assert.assertTrue(verifyEmailPage.isCurrent());
|
||||||
|
|
||||||
|
Assert.assertEquals(1, greenMail.getReceivedMessages().length);
|
||||||
|
|
||||||
|
MimeMessage message = greenMail.getReceivedMessages()[0];
|
||||||
|
|
||||||
|
String verificationUrl = getPasswordResetEmailLink(message);
|
||||||
|
|
||||||
|
verificationUrl = KeycloakUriBuilder.fromUri(verificationUrl).replaceQueryParam("code", "foo").build().toString();
|
||||||
|
|
||||||
|
events.poll();
|
||||||
|
|
||||||
|
driver.navigate().to(verificationUrl.trim());
|
||||||
|
|
||||||
|
assertEquals("The link you clicked is a old stale link and is no longer valid. Maybe you have already verified your email?", errorPage.getError());
|
||||||
|
|
||||||
|
events.expectRequiredAction(EventType.VERIFY_EMAIL_ERROR)
|
||||||
|
.error(Errors.INVALID_CODE)
|
||||||
|
.client((String)null)
|
||||||
|
.user((String)null)
|
||||||
|
.session((String)null)
|
||||||
|
.clearDetails()
|
||||||
|
.assertEvent();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public static String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
|
public static String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
|
||||||
Multipart multipart = (Multipart) message.getContent();
|
Multipart multipart = (Multipart) message.getContent();
|
||||||
|
|
||||||
|
|
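Review bot: `verifyEmailBadCode` replaces `code` with `"foo"`, which has no `.` separator, so it exercises only the malformed-code path in `ClientSessionCode.getClientSession`. A well-formed code that names no existing session, for example `replaceQueryParam("code", "foo.bar")`, presumably reaches the session lookup and gets null from there. A second test with that value would cover the null handling added in `LoginActionsService` independently of the split logic. The test also calls `getPasswordResetEmailLink` to extract a verification link, which deserves a short comment such as `// helper extracts the first link from the mail body; also used for verification mails`, if that is indeed what it does.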