From da6c9ab7c108cf6a80294cc67b4dd1a6729f65ed Mon Sep 17 00:00:00 2001 From: Pedro Igor Date: Wed, 10 Jul 2024 18:46:17 -0300 Subject: [PATCH] Bruteforce protector does not work when using organizations Closes #31204 Signed-off-by: Pedro Igor --- .../managers/DefaultBruteForceProtector.java | 8 +++-- .../member/OrganizationBruteForceTest.java | 30 +++++++++++++++++++ 2 files changed, 35 insertions(+), 3 deletions(-) create mode 100644 testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/organization/member/OrganizationBruteForceTest.java diff --git a/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java b/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java index 7415bac2bc..6d58624e77 100644 --- a/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java +++ b/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java @@ -181,10 +181,12 @@ public class DefaultBruteForceProtector implements BruteForceProtector { } private void processLogin(RealmModel realm, UserModel user, ClientConnection clientConnection, boolean success) { - KeycloakSession session = factory.create(); - ExecutorsProvider provider = session.getProvider(ExecutorsProvider.class); - ExecutorService executor = provider.getExecutor("bruteforce"); + ExecutorService executor = KeycloakModelUtils.runJobInTransactionWithResult(factory, session -> { + ExecutorsProvider provider = session.getProvider(ExecutorsProvider.class); + return provider.getExecutor("bruteforce"); + }); executor.execute(() -> KeycloakModelUtils.runJobInTransaction(factory, s -> { + s.getContext().setRealm(s.realms().getRealm(realm.getId())); if (success) { success(s, realm, user.getId()); } else { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/organization/member/OrganizationBruteForceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/organization/member/OrganizationBruteForceTest.java new file mode 100644 index 0000000000..f6eb45ff67 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/organization/member/OrganizationBruteForceTest.java @@ -0,0 +1,30 @@ +/* + * Copyright 2024 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.keycloak.testsuite.organization.member; + +import org.keycloak.common.Profile.Feature; +import org.keycloak.testsuite.arquillian.annotation.EnableFeature; +import org.keycloak.testsuite.forms.BruteForceTest; + +/** + * Remove this test class once the {@link Feature#ORGANIZATION} is supported + */ +@EnableFeature(Feature.ORGANIZATION) +public class OrganizationBruteForceTest extends BruteForceTest { + +}