KEYCLOAK-13566 ValidateUsername should raise USER_NOT_FOUND event if the user lookup fails

This commit is contained in:
Thomas Darimont 2020-03-25 16:51:22 +01:00 committed by Marek Posolda
parent cbab159aa8
commit f9f71039ae
2 changed files with 2 additions and 2 deletions

View file

@ -69,7 +69,7 @@ public class ValidateUsername extends AbstractDirectGrantAuthenticator {
if (user == null) { if (user == null) {
context.getEvent().error(Errors.INVALID_USER_CREDENTIALS); context.getEvent().error(Errors.USER_NOT_FOUND);
Response challengeResponse = errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_grant", "Invalid user credentials"); Response challengeResponse = errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_grant", "Invalid user credentials");
context.failure(AuthenticationFlowError.INVALID_USER, challengeResponse); context.failure(AuthenticationFlowError.INVALID_USER, challengeResponse);
return; return;

View file

@ -600,7 +600,7 @@ public class ResourceOwnerPasswordCredentialsGrantTest extends AbstractKeycloakT
.removeDetail(Details.CODE_ID) .removeDetail(Details.CODE_ID)
.removeDetail(Details.REDIRECT_URI) .removeDetail(Details.REDIRECT_URI)
.removeDetail(Details.CONSENT) .removeDetail(Details.CONSENT)
.error(Errors.INVALID_USER_CREDENTIALS) .error(Errors.USER_NOT_FOUND)
.assertEvent(); .assertEvent();
} }