diff --git a/services/src/main/java/org/keycloak/services/resources/flows/OAuthFlows.java b/services/src/main/java/org/keycloak/services/resources/flows/OAuthFlows.java
index 6571037..9591e6f 100755
--- a/services/src/main/java/org/keycloak/services/resources/flows/OAuthFlows.java
+++ b/services/src/main/java/org/keycloak/services/resources/flows/OAuthFlows.java
@@ -42,6 +42,7 @@ import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.services.managers.AccessCodeEntry;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.TokenManager;
+import org.keycloak.services.util.CookieHelper;
import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.MultivaluedMap;
diff --git a/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java b/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
index 0247410..269fa51 100755
--- a/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
@@ -224,6 +224,13 @@ public class RequiredActionsService {
audit.clone().event(EventType.UPDATE_PASSWORD).success();
+ // Password reset through email won't have an associated session
+ if (accessCode.getSessionState() == null) {
+ UserSessionModel userSession = realm.createUserSession(realm.getUserById(accessCode.getUser().getId()), clientConnection.getRemoteAddr());
+ accessCode.getToken().setSessionState(userSession.getId());
+ audit.session(userSession);
+ }
+
return redirectOauth(user, accessCode);
}
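Review bot: The UPDATE_PASSWORD success event just above the new block is emitted before `audit.session(userSession)` runs, so for an email-initiated reset that event appears to carry no session id and cannot be tied to the session created here. Consider moving the new `if` block above the `audit.clone().event(EventType.UPDATE_PASSWORD).success();` line. The block also re-fetches the user with `realm.getUserById(accessCode.getUser().getId())` although `user` is passed to `redirectOauth` right after; if that is the same account, `realm.createUserSession(user, clientConnection.getRemoteAddr())` avoids the second lookup and a possible null result. The later hunk in this file now passes `null` as the session to `createAccessCode`, and a comment there such as `// no session until the emailed link is used and the password is changed` would record why. The method body starts outside the hunk, so whether the access code's required actions are checked before this point is not visible here.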
@@ -322,10 +329,7 @@ public class RequiredActionsService {
Set<RequiredAction> requiredActions = new HashSet<RequiredAction>(user.getRequiredActions());
requiredActions.add(RequiredAction.UPDATE_PASSWORD);
- UserSessionModel session = realm.createUserSession(user, clientConnection.getRemoteAddr());
- audit.session(session);
-
- AccessCodeEntry accessCode = tokenManager.createAccessCode(scopeParam, state, redirect, realm, client, user, session);
+ AccessCodeEntry accessCode = tokenManager.createAccessCode(scopeParam, state, redirect, realm, client, user, null);
accessCode.setRequiredActions(requiredActions);
accessCode.setAuthMethod("form");
accessCode.setUsernameUsed(username);