KEYCLOAK-4116 Trim username on recover password page
This commit is contained in:
parent
d217b23719
commit
f2ee9df600
2 changed files with 10 additions and 3 deletions
|
@ -80,6 +80,8 @@ public class ResetCredentialChooseUser implements Authenticator, AuthenticatorFa
|
|||
context.failureChallenge(AuthenticationFlowError.INVALID_USER, challenge);
|
||||
return;
|
||||
}
|
||||
|
||||
username = username.trim();
|
||||
|
||||
RealmModel realm = context.getRealm();
|
||||
UserModel user = context.getSession().users().getUserByUsername(username, realm);
|
||||
|
|
|
@ -177,6 +177,11 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
|
|||
resetPassword("login-test");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void resetPasswordWithSpacesInUsername() throws IOException, MessagingException {
|
||||
resetPassword(" login-test ");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void resetPasswordCancelChangeUser() throws IOException, MessagingException {
|
||||
loginPage.open();
|
||||
|
@ -224,7 +229,7 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
events.expectRequiredAction(EventType.SEND_RESET_PASSWORD)
|
||||
.user(userId)
|
||||
.detail(Details.USERNAME, username)
|
||||
.detail(Details.USERNAME, username.trim())
|
||||
.detail(Details.EMAIL, "login@test.com")
|
||||
.session((String)null)
|
||||
.assertEvent();
|
||||
|
@ -241,11 +246,11 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
updatePasswordPage.changePassword("resetPassword", "resetPassword");
|
||||
|
||||
String sessionId = events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, username).assertEvent().getSessionId();
|
||||
String sessionId = events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, username.trim()).assertEvent().getSessionId();
|
||||
|
||||
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
|
||||
events.expectLogin().user(userId).detail(Details.USERNAME, username).session(sessionId).assertEvent();
|
||||
events.expectLogin().user(userId).detail(Details.USERNAME, username.trim()).session(sessionId).assertEvent();
|
||||
|
||||
oauth.openLogout();
|
||||
|
||||
|
|
Loading…
Reference in a new issue