keycloak-memoizeit
Changes
services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java 2(+2 -0)
Details
diff --git a/forms/common-themes/src/main/resources/theme/base/login/validate-reset-email.ftl b/forms/common-themes/src/main/resources/theme/base/login/validate-reset-email.ftl
index 5217b04..eb23517 100755
--- a/forms/common-themes/src/main/resources/theme/base/login/validate-reset-email.ftl
+++ b/forms/common-themes/src/main/resources/theme/base/login/validate-reset-email.ftl
@@ -16,9 +16,12 @@
</div>
<div class="${properties.kcFormGroupClass!}">
+ <div id="kc-form-options" class="${properties.kcFormOptionsClass!}">
+
+ </div>
<div id="kc-form-buttons" class="${properties.kcFormButtonsClass!}">
- <input class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}" name="login" id="kc-submit" type="submit" value="${msg("doLogIn")}"/>
- <input class="${properties.kcButtonClass!} ${properties.kcButtonDefaultClass!} ${properties.kcButtonLargeClass!}" name="cancel" id="kc-cancel" type="submit" value="${msg("doCancel")}"/>
+ <input class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}" name="login" id="kc-submit" type="submit" value="${msg("doSubmit")}"/>
+ <input class="${properties.kcButtonClass!} ${properties.kcButtonDefaultClass!} ${properties.kcButtonLargeClass!}" name="cancel" id="kc-cancel" type="submit" value="${msg("backToLogin")}"/>
</div>
</div>
</form>
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
index 062d0ba..1979eb8 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
@@ -137,6 +137,7 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth
if (context.getUser() != null) {
context.getEvent().user(context.getUser());
}
+ logger.info("null password");
context.getEvent().error(Errors.INVALID_USER_CREDENTIALS);
Response challengeResponse = invalidCredentials(context);
context.failureChallenge(AuthenticationFlowError.INVALID_CREDENTIALS, challengeResponse);
@@ -145,6 +146,7 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth
credentials.add(UserCredentialModel.password(password));
boolean valid = context.getSession().users().validCredentials(context.getRealm(), context.getUser(), credentials);
if (!valid) {
+ logger.info("bad password:" + password);
context.getEvent().user(context.getUser());
context.getEvent().error(Errors.INVALID_USER_CREDENTIALS);
Response challengeResponse = invalidCredentials(context);
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java b/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java
index e8490ea..70d9fd9 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java
@@ -1,5 +1,6 @@
package org.keycloak.authentication.authenticators.browser;
+import org.jboss.logging.Logger;
import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.AuthenticationProcessor;
@@ -21,8 +22,9 @@ import javax.ws.rs.core.Response;
* @version $Revision: 1 $
*/
public class UsernamePasswordForm extends AbstractUsernameFormAuthenticator implements Authenticator {
+ protected static Logger logger = Logger.getLogger(UsernamePasswordForm.class);
- @Override
+ @Override
public void action(AuthenticationFlowContext context) {
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
if (formData.containsKey("cancel")) {
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
index d8ae5fe..c8e8e4c 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
@@ -21,6 +21,7 @@
*/
package org.keycloak.testsuite.forms;
+import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
@@ -58,6 +59,8 @@ import javax.mail.internet.MimeMessage;
import java.io.IOException;
import java.util.Collections;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
import static org.junit.Assert.*;
@@ -125,6 +128,21 @@ public class ResetPasswordTest {
@Rule
public AssertEvents events = new AssertEvents(keycloakRule);
+ @Before
+ public void resetPasswordToOriginal() {
+ keycloakRule.configure(new KeycloakRule.KeycloakSetup() {
+ @Override
+ public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
+ UserModel user = session.users().getUserByUsername("login-test", appRealm);
+ UserCredentialModel creds = new UserCredentialModel();
+ creds.setType(CredentialRepresentation.PASSWORD);
+ creds.setValue("password");
+
+ user.updateCredential(creds);
+ }
+ });
+ }
+
@Test
public void resetPassword() throws IOException, MessagingException {
resetPassword("login-test");
@@ -151,6 +169,11 @@ public class ResetPasswordTest {
loginPage.login("login-test", "password");
+ String currentUrl = driver.getCurrentUrl();
+ String src = driver.getPageSource();
+
+ System.out.println("currentUrl: " + currentUrl);
+
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
assertEquals(1, greenMail.getReceivedMessages().length);
@@ -381,7 +404,7 @@ public class ResetPasswordTest {
String changePasswordUrl = getPasswordResetEmailLink(message);
- Time.setOffset(1800+23);
+ Time.setOffset(1800 + 23);
driver.navigate().to(changePasswordUrl.trim());
@@ -603,6 +626,81 @@ public class ResetPasswordTest {
}
}
+ @Test
+ public void resetPasswordByCode() throws IOException, MessagingException {
+ try {
+ String username = "login@test.com";
+ loginPage.open();
+ loginPage.resetPassword();
+
+ resetPasswordPage.assertCurrent();
+
+ resetPasswordPage.changePassword(username);
+
+ validateResetPage.assertCurrent();
+
+ events.expectRequiredAction(EventType.SEND_RESET_PASSWORD)
+ .user(userId)
+ .detail(Details.USERNAME, username)
+ .detail(Details.EMAIL, "login@test.com")
+ .session((String) null)
+ .assertEvent();
+
+ assertEquals("You should receive an email shortly with further instructions.", resetPasswordPage.getSuccessMessage());
+
+ assertEquals(1, greenMail.getReceivedMessages().length);
+
+ MimeMessage message = greenMail.getReceivedMessages()[0];
+
+ String code = getTemporaryCode(message);
+
+ validateResetPage.submitCode(code);
+
+ updatePasswordPage.assertCurrent();
+
+ updatePasswordPage.changePassword("resetPassword", "resetPassword");
+
+ String sessionId = events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, username).assertEvent().getSessionId();
+
+ assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+
+ events.expectLogin().user(userId).detail(Details.USERNAME, username).session(sessionId).assertEvent();
+
+ oauth.openLogout();
+
+ events.expectLogout(sessionId).user(userId).session(sessionId).assertEvent();
+
+ loginPage.open();
+
+ loginPage.login("login-test", "resetPassword");
+
+ events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
+
+ assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+
+ } finally {
+
+ }
+ }
+
+
+ private String getTemporaryCode(MimeMessage message) throws IOException, MessagingException {
+ Multipart multipart = (Multipart) message.getContent();
+
+ final String textContentType = multipart.getBodyPart(0).getContentType();
+
+ assertEquals("text/plain; charset=UTF-8", textContentType);
+
+ final String textBody = (String) multipart.getBodyPart(0).getContent();
+ Pattern pattern = Pattern.compile("Temporary Code: ([^\\s]*)");
+ Matcher matcher = pattern.matcher(textBody);
+ if (matcher.find()) {
+ return matcher.group(1);
+ }
+ return null;
+ }
+
+
private String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
Multipart multipart = (Multipart) message.getContent();