diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java index 672822b6c0..74962754da 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java @@ -142,8 +142,12 @@ public class UserStorageProviderResource { syncResult = syncManager.syncAllUsers(session.getKeycloakSessionFactory(), realm.getId(), providerModel); } else if ("triggerChangedUsersSync".equals(action)) { syncResult = syncManager.syncChangedUsers(session.getKeycloakSessionFactory(), realm.getId(), providerModel); + } else if (action == null || action == "") { + logger.debug("Missing action"); + throw new BadRequestException("Missing action"); } else { - throw new NotFoundException("Unknown action: " + action); + logger.debug("Unknown action: " + action); + throw new BadRequestException("Unknown action: " + action); } Map eventRep = new HashMap<>(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java index 6f56f599cd..2acd075683 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java @@ -28,6 +28,7 @@ import org.junit.runners.MethodSorters; import org.keycloak.admin.client.resource.UserResource; import org.keycloak.component.ComponentModel; import org.keycloak.representations.idm.ComponentRepresentation; +import org.keycloak.representations.idm.SynchronizationResultRepresentation; import org.keycloak.services.managers.UserStorageSyncManager; import org.keycloak.storage.ldap.idm.model.LDAPObject; import org.keycloak.models.KeycloakSessionFactory; @@ -47,6 +48,8 @@ import org.keycloak.testsuite.util.WaitUtils; import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SERVER_CURRENT; +import javax.ws.rs.BadRequestException; + /** * @author Marek Posolda */ @@ -355,4 +358,29 @@ public class LDAPSyncTest extends AbstractLDAPTest { }); } + // KEYCLOAK-10770 user-storage/{id}/sync should return 400 instead of 404 + @Test + public void test05SyncRestAPIMissingAction() { + ComponentRepresentation ldapRep = testRealm().components().component(ldapModelId).toRepresentation(); + + try { + SynchronizationResultRepresentation syncResultRep = adminClient.realm("test").userStorage().syncUsers( ldapModelId, null); + Assert.fail("Should throw 400"); + } catch (Exception e) { + Assert.assertTrue(e instanceof BadRequestException); + } + } + + // KEYCLOAK-10770 user-storage/{id}/sync should return 400 instead of 404 + @Test + public void test06SyncRestAPIWrongAction() { + ComponentRepresentation ldapRep = testRealm().components().component(ldapModelId).toRepresentation(); + + try { + SynchronizationResultRepresentation syncResultRep = adminClient.realm("test").userStorage().syncUsers( ldapModelId, "wrong action"); + Assert.fail("Should throw 400"); + } catch (Exception e) { + Assert.assertTrue(e instanceof BadRequestException); + } + } }