Merge pull request #967 from mposolda/master

KEYCLOAK-1037 Bad error message on login form in case of expired code
Marek Posolda 2015-02-11 18:49:51 +01:00
commit e63900dac9
6 changed files with 27 additions and 4 deletions


@ -27,6 +27,7 @@ public interface Errors {
String INVALID_SIGNATURE = "invalid_signature"; String INVALID_SIGNATURE = "invalid_signature";
String INVALID_REGISTRATION = "invalid_registration"; String INVALID_REGISTRATION = "invalid_registration";
String INVALID_FORM = "invalid_form"; String INVALID_FORM = "invalid_form";
String EXPIRED_CODE = "expired_code";
String REGISTRATION_DISABLED = "registration_disabled"; String REGISTRATION_DISABLED = "registration_disabled";


@ -34,6 +34,7 @@ invalidPassword=Invalid username or password.
invalidEmail=Invalid email address invalidEmail=Invalid email address
accountDisabled=Account is disabled, contact admin accountDisabled=Account is disabled, contact admin
accountTemporarilyDisabled=Account is temporarily disabled, contact admin or try again later accountTemporarilyDisabled=Account is temporarily disabled, contact admin or try again later
expiredCode=Login timeout or unknown action. Please login again
missingFirstName=Please specify first name missingFirstName=Please specify first name
missingLastName=Please specify last name missingLastName=Please specify last name


@ -39,6 +39,8 @@ public class Messages {
public static final String INVALID_USER = "invalidUser"; public static final String INVALID_USER = "invalidUser";
public static final String EXPIRED_CODE = "expiredCode";
public static final String READ_ONLY_USER = "readOnlyUser"; public static final String READ_ONLY_USER = "readOnlyUser";
public static final String READ_ONLY_PASSWORD = "readOnlyPassword"; public static final String READ_ONLY_PASSWORD = "readOnlyPassword";


@ -275,8 +275,8 @@ public class LoginActionsService {
ClientSessionModel clientSession = clientCode.getClientSession(); ClientSessionModel clientSession = clientCode.getClientSession();
if (!clientCode.isValid(ClientSessionModel.Action.AUTHENTICATE) || clientSession.getUserSession() != null) { if (!clientCode.isValid(ClientSessionModel.Action.AUTHENTICATE) || clientSession.getUserSession() != null) {
clientCode.setAction(ClientSessionModel.Action.AUTHENTICATE); clientCode.setAction(ClientSessionModel.Action.AUTHENTICATE);
event.client(clientSession.getClient()).error(Errors.INVALID_CODE); event.client(clientSession.getClient()).error(Errors.EXPIRED_CODE);
return Flows.forms(this.session, realm, clientSession.getClient(), uriInfo).setError(Messages.INVALID_USER) return Flows.forms(this.session, realm, clientSession.getClient(), uriInfo).setError(Messages.EXPIRED_CODE)
.setClientSessionCode(clientCode.getCode()) .setClientSessionCode(clientCode.getCode())
.createLogin(); .createLogin();
} }
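Review bot: The rewritten branch reports `Errors.EXPIRED_CODE` and `Messages.EXPIRED_CODE` for the whole condition on the `if` line, but that condition also fires when `clientSession.getUserSession() != null`, i.e. when the code is presented for a client session that already carries a user session, and for any other reason `isValid(ClientSessionModel.Action.AUTHENTICATE)` returns false. Those cases are not a timeout, so the audit event now says `expired_code` where a re-presented or wrong-action code was previously recorded as `invalid_code`, and anyone correlating login events loses that distinction. Consider splitting the condition so that only the expiry case emits `Errors.EXPIRED_CODE`, e.g. keep `event.client(clientSession.getClient()).error(Errors.INVALID_CODE);` for the `getUserSession() != null` branch (what `isValid` checks internally is not visible here). The user-facing `Messages.EXPIRED_CODE` text can stay the same for both branches. The enclosing method starts and ends outside the hunk.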


@ -42,6 +42,7 @@ import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.rule.KeycloakRule; import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.WebResource; import org.keycloak.testsuite.rule.WebResource;
import org.keycloak.testsuite.rule.WebRule; import org.keycloak.testsuite.rule.WebRule;
import org.keycloak.util.Time;
import org.openqa.selenium.WebDriver; import org.openqa.selenium.WebDriver;
import javax.ws.rs.client.Client; import javax.ws.rs.client.Client;
@ -276,4 +277,22 @@ public class LoginTest {
events.expectLogin().error("rejected_by_user").user((String) null).session((String) null).removeDetail(Details.USERNAME).removeDetail(Details.CODE_ID).assertEvent(); events.expectLogin().error("rejected_by_user").user((String) null).session((String) null).removeDetail(Details.USERNAME).removeDetail(Details.CODE_ID).assertEvent();
} }
// KEYCLOAK-1037
@Test
public void loginExpiredCode() {
try {
loginPage.open();
Time.setOffset(5000);
loginPage.login("login@test.com", "password");
loginPage.assertCurrent();
Assert.assertEquals("Login timeout or unknown action. Please login again", loginPage.getError());
events.expectLogin().user((String) null).session((String) null).error("expired_code").clearDetails().assertEvent();
} finally {
Time.setOffset(0);
}
}
} }
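Review bot: `loginExpiredCode` documents itself only with `// KEYCLOAK-1037` and a bare `Time.setOffset(5000)`; the relation between that offset and the code lifespan it is meant to exceed is not stated, so a later change to the realm's default lifespan would break the test without explanation. Add a Javadoc along the lines of `/** Opens the login page, then advances the clock past the client session code lifespan (offset assumed to exceed the realm default) and checks that the expired-code message and event are produced. KEYCLOAK-1037. */` and name the magic number, e.g. `private static final int EXPIRED_CODE_OFFSET = 5000;` with a comment on its unit, since the unit of `Time.setOffset` is not visible here. The `finally` reset is correct because `Time.setOffset` is static state shared by every other test in the JVM; it is worth noting in the comment that the code being expired is the one minted by `loginPage.open()` on the line before the offset.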


@ -164,9 +164,9 @@ public class LoginTotpTest {
loginTotpPage.login(totp.generate("totpSecret")); loginTotpPage.login(totp.generate("totpSecret"));
loginPage.assertCurrent(); loginPage.assertCurrent();
Assert.assertEquals("Invalid username or password.", loginPage.getError()); Assert.assertEquals("Login timeout or unknown action. Please login again", loginPage.getError());
AssertEvents.ExpectedEvent expectedEvent = events.expectLogin().error("invalid_code") AssertEvents.ExpectedEvent expectedEvent = events.expectLogin().error("expired_code")
.user((String)null) .user((String)null)
.clearDetails() .clearDetails()
.session((String) null); .session((String) null);