From 370b86141cdabe1aac555c2bc168c74d568aecce Mon Sep 17 00:00:00 2001
From: Stian Thorgersen
Date: Wed, 2 Mar 2016 08:08:48 +0100
Subject: [PATCH] KEYCLOAK-2557 Cannot login with email if another user is using this email as username
---
 .../models/utils/KeycloakModelUtils.java | 13 +++++---
 .../keycloak/testsuite/forms/LoginTest.java | 31 ++++++++++++++-----
 2 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java b/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
index c4906d659e..f3606c9aa1 100755
--- a/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
+++ b/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
@@ -254,18 +254,21 @@ public final class KeycloakModelUtils {
 }
 /**
- * Try to find user by given username. If it fails, then fallback to find him by email
+ * Try to find user by username or email
 *
 * @param realm realm
 * @param username username or email of user
 * @return found user
 */
 public static UserModel findUserByNameOrEmail(KeycloakSession session, RealmModel realm, String username) {
- UserModel user = session.users().getUserByUsername(username, realm);
- if (user == null && username.contains("@")) {
- user = session.users().getUserByEmail(username, realm);
+ if (username.indexOf('@') != -1) {
+ UserModel user = session.users().getUserByEmail(username, realm);
+ if (user != null) {
+ return user;
+ }
 }
- return user;
+
+ return session.users().getUserByUsername(username, realm);
 }
 /**
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
index de3619dc3d..777fd353f6 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
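Review bot: The rewritten Javadoc on findUserByNameOrEmail says "username or email" without stating which lookup wins, and after this change that order decides which account a login resolves to: input containing '@' returns the email match first, so an account whose username equals another account's email is no longer reachable through this helper. I would say so in the comment, for example `* Input containing '@' is matched against email first, then username; an email match shadows an identical username`, and add the missing `* @param session` line. Whether user creation or profile updates reject a username or email that collides with another account's is not visible in this hunk and should be confirmed, because otherwise one account's email can mask another account's username at login. A null `username` now throws at `username.indexOf('@')` before any lookup runs.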
@@ -25,6 +25,7 @@ import org.keycloak.events.Details;
 import org.keycloak.events.Event;
 import org.keycloak.events.EventType;
 import org.keycloak.models.BrowserSecurityHeaders;
+import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.PasswordPolicy;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserCredentialModel;
@@ -64,17 +65,13 @@ public class LoginTest {
 @Override
 public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
- UserCredentialModel creds = new UserCredentialModel();
- creds.setType(CredentialRepresentation.PASSWORD);
- creds.setValue("password");
-
 UserModel user = manager.getSession().users().addUser(appRealm, "login-test");
 user.setEmail("login@test.com");
 user.setEnabled(true);
 userId = user.getId();
- user.updateCredential(creds);
+ user.updateCredential(UserCredentialModel.password("password"));
 UserModel user2 = manager.getSession().users().addUser(appRealm, "login-test2");
 user2.setEmail("login2@test.com");
@@ -82,7 +79,7 @@ public class LoginTest {
 user2Id = user2.getId();
- user2.updateCredential(creds);
+ user2.updateCredential(UserCredentialModel.password("password"));
 }
 });
@@ -303,11 +300,31 @@ public class LoginTest {
 .assertEvent();
 }
+ @Test
+ // KEYCLOAK-2557
+ public void loginUserWithEmailAsUsername() {
+ KeycloakSession session = keycloakRule.startSession();
+
+ UserModel user = session.users().addUser(session.realms().getRealmByName("test"), "login@test.com");
+ user.setEnabled(true);
+ user.updateCredential(UserCredentialModel.password("password"));
+
+ keycloakRule.stopSession(session, true);
+
+ loginPage.open();
+ loginPage.login("login@test.com", "password");
+
+ Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+ Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
+
+ events.expectLogin().user(userId).detail(Details.USERNAME, "login@test.com").assertEvent();
+ }
+
 @Test
 public void loginSuccess() {
 loginPage.open();
 loginPage.login("login-test", "password");
-
+
 Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
 Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
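Review bot: loginUserWithEmailAsUsername covers only the case where the email owner wins; the fall-through in findUserByNameOrEmail, where the input contains '@', no email matches and the username lookup must still succeed, has no test in this hunk. A second case that adds a user with a username such as `"no-email@test.com"` (a constructed value) and no matching email, then logs in with it, would pin that branch. The user created here is also never removed, so later tests in LoginTest run with the colliding `login@test.com` username still in the realm; removing it after the assertions or in an `@After` method would keep the cases independent. Tests outside this hunk may already cover some of this.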