Prosoft Git

keycloak-memoizeit

KEYCLOAK-3096 Remove leading/trailing spaces from login

7/8/2016 3:35:05 PM
Martin Kanis

Martin Kanis

Commit: c67d834

Tree: f4b2ec7

Parents: 8bdfd57

Changes

services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java 4(+4 -0)

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java 22(+22 -0)

Details

services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java 4(+4 -0) 

diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
index 5046534..ad4bb0b 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
@@ -119,6 +119,10 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth
             context.failureChallenge(AuthenticationFlowError.INVALID_USER, challengeResponse);
             return false;
         }
+
+        // remove leading and trailing whitespace
+        username = username.trim();
+
         context.getEvent().detail(Details.USERNAME, username);
         context.getClientSession().setNote(AbstractUsernameFormAuthenticator.ATTEMPTED_USERNAME, username);

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java 22(+22 -0) 

diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
index ae84f89..f3ed5f6 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
@@ -306,6 +306,28 @@ public class LoginTest extends TestRealmKeycloakTest {
     }
 
     @Test
+    public void loginWithWhitespaceSuccess() {
+        loginPage.open();
+        loginPage.login(" login-test \t ", "password");
+
+        Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+        Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
+
+        events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
+    }
+
+    @Test
+    public void loginWithEmailWhitespaceSuccess() {
+        loginPage.open();
+        loginPage.login("    login@test.com    ", "password");
+
+        Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+        Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
+
+        events.expectLogin().user(userId).assertEvent();
+    }
+
+    @Test
     public void loginPromptNone() {
         driver.navigate().to(oauth.getLoginFormUrl().toString() + "&prompt=none");

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github