diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java
index 19edea6..46097a0 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java
@@ -80,6 +80,8 @@ public class ResetCredentialChooseUser implements Authenticator, AuthenticatorFa
context.failureChallenge(AuthenticationFlowError.INVALID_USER, challenge);
return;
}
+
+ username = username.trim();
RealmModel realm = context.getRealm();
UserModel user = context.getSession().users().getUserByUsername(username, realm);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
index e23d51e..8ecfa13 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java
@@ -178,6 +178,11 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
}
@Test
+ public void resetPasswordWithSpacesInUsername() throws IOException, MessagingException {
+ resetPassword(" login-test ");
+ }
+
+ @Test
public void resetPasswordCancelChangeUser() throws IOException, MessagingException {
loginPage.open();
loginPage.resetPassword();
@@ -224,7 +229,7 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
events.expectRequiredAction(EventType.SEND_RESET_PASSWORD)
.user(userId)
- .detail(Details.USERNAME, username)
+ .detail(Details.USERNAME, username.trim())
.detail(Details.EMAIL, "login@test.com")
.session((String)null)
.assertEvent();
@@ -241,11 +246,11 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
updatePasswordPage.changePassword("resetPassword", "resetPassword");
- String sessionId = events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, username).assertEvent().getSessionId();
+ String sessionId = events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, username.trim()).assertEvent().getSessionId();
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
- events.expectLogin().user(userId).detail(Details.USERNAME, username).session(sessionId).assertEvent();
+ events.expectLogin().user(userId).detail(Details.USERNAME, username.trim()).session(sessionId).assertEvent();
oauth.openLogout();
