libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-13566 ValidateUsername should raise USER_NOT_FOUND event if the user lookup fails

Browse source
This commit is contained in:
Thomas Darimont 2020-03-25 16:51:22 +01:00 committed by Marek Posolda
parent cbab159aa8
commit f9f71039ae
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateUsername.java
View file

@ -69,7 +69,7 @@ public class ValidateUsername extends AbstractDirectGrantAuthenticator {
if (user == null) { if (user == null) {
context.getEvent().error(Errors.INVALID_USER_CREDENTIALS); context.getEvent().error(Errors.USER_NOT_FOUND);
Response challengeResponse = errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_grant", "Invalid user credentials"); Response challengeResponse = errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_grant", "Invalid user credentials");
context.failure(AuthenticationFlowError.INVALID_USER, challengeResponse); context.failure(AuthenticationFlowError.INVALID_USER, challengeResponse);
return; return;

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ResourceOwnerPasswordCredentialsGrantTest.java
View file

@ -600,7 +600,7 @@ public class ResourceOwnerPasswordCredentialsGrantTest extends AbstractKeycloakT
.removeDetail(Details.CODE_ID) .removeDetail(Details.CODE_ID)
.removeDetail(Details.REDIRECT_URI) .removeDetail(Details.REDIRECT_URI)
.removeDetail(Details.CONSENT) .removeDetail(Details.CONSENT)
.error(Errors.INVALID_USER_CREDENTIALS) .error(Errors.USER_NOT_FOUND)
.assertEvent(); .assertEvent();
} }