Prosoft Git

keycloak-uncached

Merge pull request #1142 from stianst/master Improvements

4/15/2015 7:57:42 AM
Stian Thorgersen

Stian Thorgersen

Commit: a19a3f4

Tree: ad8d9e4

Parents: 29ea24c
3f32732

Changes

forms/common-themes/src/main/resources/theme/base/account/messages/messages_de.properties 2(+1 -1)

forms/common-themes/src/main/resources/theme/base/account/messages/messages_en.properties 2(+1 -1)

forms/common-themes/src/main/resources/theme/base/account/messages/messages_pt_BR.properties 2(+1 -1)

forms/common-themes/src/main/resources/theme/base/login/messages/messages_de.properties 2(+1 -1)

forms/common-themes/src/main/resources/theme/base/login/messages/messages_en.properties 2(+1 -1)

forms/common-themes/src/main/resources/theme/base/login/messages/messages_pt_BR.properties 2(+1 -1)

model/api/src/main/java/org/keycloak/models/PasswordPolicy.java 4(+2 -2)

testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java 8(+4 -4)

testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java 82(+39 -43)

testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordUpdatePage.java 7(+7 -0)

Details

forms/common-themes/src/main/resources/theme/base/account/messages/messages_de.properties 2(+1 -1) 

diff --git a/forms/common-themes/src/main/resources/theme/base/account/messages/messages_de.properties b/forms/common-themes/src/main/resources/theme/base/account/messages/messages_de.properties
index 3dbc156..27902dd 100644
--- a/forms/common-themes/src/main/resources/theme/base/account/messages/messages_de.properties
+++ b/forms/common-themes/src/main/resources/theme/base/account/messages/messages_de.properties
@@ -96,7 +96,7 @@ invalidPasswordMinUpperCaseCharsMessage=Ung\u00FCltiges Passwort\: muss mindeste
 invalidPasswordMinSpecialCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Spezialzeichen beinhalten.
 invalidPasswordNotUsernameMessage=Ung\u00FCltiges Passwort\: darf nicht gleich sein wie Benutzername.
 invalidPasswordRegexPatternMessage=Ung\u00FCltiges Passwort\: nicht Regex-Muster (n) entsprechen.
-invalidPasswordHistoryMessage=Ung\u00FCltiges Passwort {0}: darf nicht gleich einem der letzten Passwortgeschichte.
+invalidPasswordHistoryMessage=Ung\u00FCltiges Passwort: darf nicht gleich einem der letzten {0} Passwortgeschichte.
 
 locale_de=Deutsch
 locale_en=Englisch

forms/common-themes/src/main/resources/theme/base/account/messages/messages_en.properties 2(+1 -1) 

diff --git a/forms/common-themes/src/main/resources/theme/base/account/messages/messages_en.properties b/forms/common-themes/src/main/resources/theme/base/account/messages/messages_en.properties
index 248f2ad..713904b 100755
--- a/forms/common-themes/src/main/resources/theme/base/account/messages/messages_en.properties
+++ b/forms/common-themes/src/main/resources/theme/base/account/messages/messages_en.properties
@@ -95,7 +95,7 @@ invalidPasswordMinUpperCaseCharsMessage=Invalid password: must contain at least 
 invalidPasswordMinSpecialCharsMessage=Invalid password: must contain at least {0} special characters.
 invalidPasswordNotUsernameMessage=Invalid password: must not be equal to the username.
 invalidPasswordRegexPatternMessage=Invalid password: fails to match regex pattern(s).
-invalidPasswordHistoryMessage=Invalid password {0}: must not be equal to any of last password history.
+invalidPasswordHistoryMessage=Invalid password: must not be equal to any of last {0} passwords.
 
 locale_de=German
 locale_en=English

forms/common-themes/src/main/resources/theme/base/account/messages/messages_pt_BR.properties 2(+1 -1) 

diff --git a/forms/common-themes/src/main/resources/theme/base/account/messages/messages_pt_BR.properties b/forms/common-themes/src/main/resources/theme/base/account/messages/messages_pt_BR.properties
index 5e38774..52e0f4d 100644
--- a/forms/common-themes/src/main/resources/theme/base/account/messages/messages_pt_BR.properties
+++ b/forms/common-themes/src/main/resources/theme/base/account/messages/messages_pt_BR.properties
@@ -96,7 +96,7 @@ invalidPasswordMinUpperCaseCharsMessage=Senha inv\u00E1lida\: deve conter pelo m
 invalidPasswordMinSpecialCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caracteres especiais
 invalidPasswordNotUsernameMessage=Senha inv\u00E1lida\: n\u00E3o deve ser igual ao nome de usu\u00E1rio
 invalidPasswordRegexPatternMessage=Senha inv\u00E1lida\: n\u00E3o correspondem ao padr\u00E3o regex(s).
-invalidPasswordHistoryMessage=Senha inv\u00E1lida {0}\: n\u00E3o deve ser igual a qualquer uma \u00FAltima hist\u00F3ria senha.
+invalidPasswordHistoryMessage=Senha inv\u00E1lida\: n\u00E3o deve ser igual a qualquer uma {0} \u00FAltima hist\u00F3ria senha.
 
 locale_de=Deutsch
 locale_en=English

forms/common-themes/src/main/resources/theme/base/login/messages/messages_de.properties 2(+1 -1) 

diff --git a/forms/common-themes/src/main/resources/theme/base/login/messages/messages_de.properties b/forms/common-themes/src/main/resources/theme/base/login/messages/messages_de.properties
index 3ed399d..9de1c21 100644
--- a/forms/common-themes/src/main/resources/theme/base/login/messages/messages_de.properties
+++ b/forms/common-themes/src/main/resources/theme/base/login/messages/messages_de.properties
@@ -132,7 +132,7 @@ invalidPasswordMinUpperCaseCharsMessage=Ung\u00FCltiges Passwort\: muss mindeste
 invalidPasswordMinSpecialCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Spezialzeichen beinhalten.
 invalidPasswordNotUsernameMessage=Ung\u00FCltiges Passwort\: darf nicht gleich sein wie Benutzername.
 invalidPasswordRegexPatternMessage=Ung\u00FCltiges Passwort\: nicht Regex-Muster (n) entsprechen.
-invalidPasswordHistoryMessage=Ung\u00FCltiges Passwort {0}\: darf nicht gleich einem der letzten Passwortgeschichte.
+invalidPasswordHistoryMessage=Ung\u00FCltiges Passwort\: darf nicht gleich einem der letzten {0} Passwortgeschichte.
 
 failedToProcessResponseMessage=Konnte Response nicht verarbeiten.
 httpsRequiredMessage=HTTPS erforderlich.

forms/common-themes/src/main/resources/theme/base/login/messages/messages_en.properties 2(+1 -1) 

diff --git a/forms/common-themes/src/main/resources/theme/base/login/messages/messages_en.properties b/forms/common-themes/src/main/resources/theme/base/login/messages/messages_en.properties
index ea61f5f..6d34f4e 100755
--- a/forms/common-themes/src/main/resources/theme/base/login/messages/messages_en.properties
+++ b/forms/common-themes/src/main/resources/theme/base/login/messages/messages_en.properties
@@ -129,7 +129,7 @@ invalidPasswordMinUpperCaseCharsMessage=Invalid password: must contain at least 
 invalidPasswordMinSpecialCharsMessage=Invalid password: must contain at least {0} special characters.
 invalidPasswordNotUsernameMessage=Invalid password: must not be equal to the username.
 invalidPasswordRegexPatternMessage=Invalid password: fails to match regex pattern(s).
-invalidPasswordHistoryMessage=Invalid password {0}: must not be equal to any of last password history.
+invalidPasswordHistoryMessage=Invalid password: must not be equal to any of last {0} passwords.
 
 failedToProcessResponseMessage=Failed to process response
 httpsRequiredMessage=HTTPS required

forms/common-themes/src/main/resources/theme/base/login/messages/messages_pt_BR.properties 2(+1 -1) 

diff --git a/forms/common-themes/src/main/resources/theme/base/login/messages/messages_pt_BR.properties b/forms/common-themes/src/main/resources/theme/base/login/messages/messages_pt_BR.properties
index e011159..e33f5aa 100644
--- a/forms/common-themes/src/main/resources/theme/base/login/messages/messages_pt_BR.properties
+++ b/forms/common-themes/src/main/resources/theme/base/login/messages/messages_pt_BR.properties
@@ -129,7 +129,7 @@ invalidPasswordMinUpperCaseCharsMessage=Senha inv\u00E1lida\: deve conter pelo m
 invalidPasswordMinSpecialCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caracteres especiais
 invalidPasswordNotUsernameMessage=Senha inv\u00E1lida\: n\u00E3o deve ser igual ao nome de usu\u00E1rio
 invalidPasswordRegexPatternMessage=Senha inv\u00E1lida\: n\u00E3o correspondem ao padr\u00E3o regex(s).
-invalidPasswordHistoryMessage=Senha inv\u00E1lida {0}\: n\u00E3o deve ser igual a qualquer uma \u00FAltima hist\u00F3ria senha.
+invalidPasswordHistoryMessage=Senha inv\u00E1lida\: n\u00E3o deve ser igual a qualquer uma {0} \u00FAltima hist\u00F3ria senha.
 
 failedToProcessResponseMessage=Falha ao processar a resposta
 httpsRequiredMessage=HTTPS requerido

model/api/src/main/java/org/keycloak/models/PasswordPolicy.java 4(+2 -2) 

diff --git a/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java b/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java
index a47aa9b..59d2877 100755
--- a/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java
+++ b/model/api/src/main/java/org/keycloak/models/PasswordPolicy.java
@@ -365,7 +365,7 @@ public class PasswordPolicy {
                 UserCredentialValueModel cred = getCredentialValueModel(user, UserCredentialModel.PASSWORD);
                 if (cred != null) {
                     if(new Pbkdf2PasswordEncoder(cred.getSalt()).verify(password, cred.getValue(), cred.getHashIterations())) {
-                        return new Error(INVALID_PASSWORD_HISTORY, password);
+                        return new Error(INVALID_PASSWORD_HISTORY, passwordHistoryPolicyValue);
                     }
                 }
 
@@ -373,7 +373,7 @@ public class PasswordPolicy {
                         UserCredentialModel.PASSWORD_HISTORY);
                 for (UserCredentialValueModel credential : passwordExpiredCredentials) {
                     if (new Pbkdf2PasswordEncoder(credential.getSalt()).verify(password, credential.getValue(), credential.getHashIterations())) {
-                        return new Error(INVALID_PASSWORD_HISTORY, password);
+                        return new Error(INVALID_PASSWORD_HISTORY, passwordHistoryPolicyValue);
                     }
                 }
             }

testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java 8(+4 -4) 

diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
index 77a4687..91ced7f 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
@@ -280,7 +280,7 @@ public class AccountTest {
 
             changePasswordPage.changePassword("password", "password", "password");
 
-            Assert.assertEquals("Invalid password password: must not be equal to any of last password history.", profilePage.getError());
+            Assert.assertEquals("Invalid password: must not be equal to any of last 2 passwords.", profilePage.getError());
 
             changePasswordPage.changePassword("password", "password1", "password1");
 
@@ -290,11 +290,11 @@ public class AccountTest {
             
             changePasswordPage.changePassword("password1", "password", "password");
 
-            Assert.assertEquals("Invalid password password: must not be equal to any of last password history.", profilePage.getError());
-            
+            Assert.assertEquals("Invalid password: must not be equal to any of last 2 passwords.", profilePage.getError());
+
             changePasswordPage.changePassword("password1", "password1", "password1");
 
-            Assert.assertEquals("Invalid password password1: must not be equal to any of last password history.", profilePage.getError());
+            Assert.assertEquals("Invalid password: must not be equal to any of last 2 passwords.", profilePage.getError());
             
             changePasswordPage.changePassword("password1", "password2", "password2");

testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java 82(+39 -43) 

diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
index fb2a3fe..f4e2c93 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
@@ -277,6 +277,36 @@ public class ResetPasswordTest {
         events.expectLogout(sessionId).user(userId).session(sessionId).assertEvent();
     }
 
+    private void resetPasswordInvalidPassword(String username, String password, String error) throws IOException, MessagingException {
+        loginPage.open();
+        loginPage.resetPassword();
+
+        resetPasswordPage.assertCurrent();
+
+        resetPasswordPage.changePassword(username);
+
+        resetPasswordPage.assertCurrent();
+
+        events.expectRequiredAction(EventType.SEND_RESET_PASSWORD).user(userId)
+                .detail(Details.USERNAME, username).detail(Details.EMAIL, "login@test.com").assertEvent().getSessionId();
+
+        assertEquals("You should receive an email shortly with further instructions.", resetPasswordPage.getSuccessMessage());
+
+        MimeMessage message = greenMail.getReceivedMessages()[greenMail.getReceivedMessages().length - 1];
+
+        String body = (String) message.getContent();
+        String changePasswordUrl = MailUtil.getLink(body);
+
+        driver.navigate().to(changePasswordUrl.trim());
+
+        updatePasswordPage.assertCurrent();
+
+        updatePasswordPage.changePassword(password, password);
+
+        assertTrue(updatePasswordPage.isCurrent());
+        assertEquals(error, updatePasswordPage.getError());
+    }
+
     @Test
     public void resetPasswordWrongEmail() throws IOException, MessagingException, InterruptedException {
         loginPage.open();
@@ -508,53 +538,19 @@ public class ResetPasswordTest {
             }
         });
         
-        // try-catch blocks have been commented out to reduce execution time for this test case(30s->15s).
-        // TODO : Comment out any other piece of code, if applicable, in order to reduce execution time.
-
         resetPassword("login-test", "password1");
-        /*try {
-            resetPassword("login-test", "password1");
-            fail("Expected NullPointerException: Block passwords that are equal to previous passwords.");
-        } catch (Exception e) {
-            // Expected NPE as "password1" matches with password history
-        }*/
-        
+        resetPasswordInvalidPassword("login-test", "password1", "Invalid password: must not be equal to any of last 3 passwords.");
+
         resetPassword("login-test", "password2");
-        /*try {
-            resetPassword("login-test", "password1");
-            fail("Expected NullPointerException: Block passwords that are equal to previous passwords.");
-        } catch (Exception e) {
-            // Expected NPE as "password1" matches with password history
-        }
-        try {
-            resetPassword("login-test", "password2");
-            fail("Expected NullPointerException: Block passwords that are equal to previous passwords.");
-        } catch (Exception e) {
-            // Expected NPE as "password2" matches with password history
-        }*/
-        
+        resetPasswordInvalidPassword("login-test", "password1", "Invalid password: must not be equal to any of last 3 passwords.");
+        resetPasswordInvalidPassword("login-test", "password2", "Invalid password: must not be equal to any of last 3 passwords.");
+
         resetPassword("login-test", "password3");
-        try {
-            resetPassword("login-test", "password1");
-            fail("Expected NullPointerException: Block passwords that are equal to previous passwords.");
-        } catch (Exception e) {
-            // Expected NPE as "password1" matches with password history
-        }
-        try {
-            resetPassword("login-test", "password2");
-            fail("Expected NullPointerException: Block passwords that are equal to previous passwords.");
-        } catch (Exception e) {
-            // Expected NPE as "password2" matches with password history
-        }
-        try {
-            resetPassword("login-test", "password3");
-            fail("Expected NullPointerException: Block passwords that are equal to previous passwords.");
-        } catch (Exception e) {
-            // Expected NPE as "password3" matches with password history
-        }
-        
-        resetPassword("login-test", "password");
+        resetPasswordInvalidPassword("login-test", "password1", "Invalid password: must not be equal to any of last 3 passwords.");
+        resetPasswordInvalidPassword("login-test", "password2", "Invalid password: must not be equal to any of last 3 passwords.");
+        resetPasswordInvalidPassword("login-test", "password3", "Invalid password: must not be equal to any of last 3 passwords.");
 
+        resetPassword("login-test", "password");
     }
 
     @Test

testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordUpdatePage.java 7(+7 -0) 

diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordUpdatePage.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordUpdatePage.java
index be5df8c..d8adea4 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordUpdatePage.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/LoginPasswordUpdatePage.java
@@ -38,6 +38,9 @@ public class LoginPasswordUpdatePage extends AbstractPage {
     @FindBy(css = "input[type=\"submit\"]")
     private WebElement submitButton;
 
+    @FindBy(className = "feedback-error")
+    private WebElement loginErrorMessage;
+
     public void changePassword(String newPassword, String passwordConfirm) {
         newPasswordInput.sendKeys(newPassword);
         passwordConfirmInput.sendKeys(passwordConfirm);
@@ -53,4 +56,8 @@ public class LoginPasswordUpdatePage extends AbstractPage {
         throw new UnsupportedOperationException();
     }
 
+    public String getError() {
+        return loginErrorMessage != null ? loginErrorMessage.getText() : null;
+    }
+
 }

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github