KEYCLOAK-4042 Better error message when failed updating MSAD password in account mgmt

2016-12-06 11:07:16 +01:00 · 2016-12-06 11:07:16 +01:00 · ba51640c61
commit ba51640c61
parent 287593d75f
4 changed files with 28 additions and 3 deletions
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
@ -488,9 +488,20 @@ public class LDAPStorageProvider implements UserStorageProvider,
            UserCredentialModel cred = (UserCredentialModel)input;
            String password = cred.getValue();
            LDAPObject ldapUser = loadAndValidateUser(realm, user);
-            ldapIdentityStore.updatePassword(ldapUser, password);
-            if (updater != null) updater.passwordUpdated(user, ldapUser, input);
-            return true;
+
+            try {
+                ldapIdentityStore.updatePassword(ldapUser, password);
+                if (updater != null) updater.passwordUpdated(user, ldapUser, input);
+                return true;
+            } catch (ModelException me) {
+                if (updater != null) {
+                    updater.passwordUpdateFailed(user, ldapUser, input, me);
+                    return false;
+                } else {
+                    throw me;
+                }
+            }
+
        } else {
            return false;
        }
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/PasswordUpdated.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/PasswordUpdated.java
@ -17,6 +17,7 @@
 package org.keycloak.storage.ldap.mappers;

 import org.keycloak.credential.CredentialInput;
+import org.keycloak.models.ModelException;
 import org.keycloak.models.UserModel;
 import org.keycloak.storage.ldap.idm.model.LDAPObject;

@ -25,5 +26,8 @@ import org.keycloak.storage.ldap.idm.model.LDAPObject;
 * @version $Revision: 1 $
 */
 public interface PasswordUpdated {
+
    void passwordUpdated(UserModel user, LDAPObject ldapUser, CredentialInput input);
+
+    void passwordUpdateFailed(UserModel user, LDAPObject ldapUser, CredentialInput input, ModelException exception) throws ModelException;
 }
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msad/MSADUserAccountControlStorageMapper.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msad/MSADUserAccountControlStorageMapper.java
@ -89,6 +89,11 @@ public class MSADUserAccountControlStorageMapper extends AbstractLDAPStorageMapp
        updateUserAccountControl(ldapUser, control);
    }

+    @Override
+    public void passwordUpdateFailed(UserModel user, LDAPObject ldapUser, CredentialInput input, ModelException exception) {
+        throw processFailedPasswordUpdateException(exception);
+    }
+
    @Override
    public UserModel proxy(LDAPObject ldapUser, UserModel delegate) {
        return new MSADUserModelDelegate(delegate, ldapUser);
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapper.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapper.java
@ -88,6 +88,11 @@ public class MSADLDSUserAccountControlStorageMapper extends AbstractLDAPStorageM
        ldapProvider.getLdapIdentityStore().update(ldapUser);
    }

+    @Override
+    public void passwordUpdateFailed(UserModel user, LDAPObject ldapUser, CredentialInput input, ModelException exception) {
+        throw processFailedPasswordUpdateException(exception);
+    }
+
    @Override
    public UserModel proxy(LDAPObject ldapUser, UserModel delegate) {
        return new MSADUserModelDelegate(delegate, ldapUser);