diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
index 0be38da..4df22ec 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
@@ -52,6 +52,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
+import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.utils.RedirectUtils;
import org.keycloak.provider.ProviderFactory;
@@ -169,6 +170,7 @@ public class UserResource {
}
updateUserFromRep(user, rep, attrsToRemove, realm, session, true);
+ RepresentationToModel.createCredentials(rep, session, realm, user, true);
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
if (session.getTransactionManager().isActive()) {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
index cb8b6b3..2ea2122 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
@@ -1219,7 +1219,45 @@ public class UserTest extends AbstractAdminTest {
switchEditUsernameAllowedOn(false);
}
}
-
+
+ @Test
+ public void updateUserWithRawCredentials() {
+ UserRepresentation user = new UserRepresentation();
+ user.setUsername("user_rawpw");
+ user.setEmail("email.raw@localhost");
+
+ CredentialRepresentation rawPassword = new CredentialRepresentation();
+ rawPassword.setValue("ABCD");
+ rawPassword.setType(CredentialRepresentation.PASSWORD);
+ user.setCredentials(Arrays.asList(rawPassword));
+
+ String id = createUser(user);
+
+ CredentialModel credential = fetchCredentials("user_rawpw");
+ assertNotNull("Expecting credential", credential);
+ assertEquals(PasswordPolicy.HASH_ALGORITHM_DEFAULT, credential.getAlgorithm());
+ assertEquals(PasswordPolicy.HASH_ITERATIONS_DEFAULT, credential.getHashIterations());
+ assertNotEquals("ABCD", credential.getValue());
+ assertEquals(CredentialRepresentation.PASSWORD, credential.getType());
+
+ UserResource userResource = realm.users().get(id);
+ UserRepresentation userRep = userResource.toRepresentation();
+
+ CredentialRepresentation rawPasswordForUpdate = new CredentialRepresentation();
+ rawPasswordForUpdate.setValue("EFGH");
+ rawPasswordForUpdate.setType(CredentialRepresentation.PASSWORD);
+ userRep.setCredentials(Arrays.asList(rawPasswordForUpdate));
+
+ updateUser(userResource, userRep);
+
+ CredentialModel updatedCredential = fetchCredentials("user_rawpw");
+ assertNotNull("Expecting credential", updatedCredential);
+ assertEquals(PasswordPolicy.HASH_ALGORITHM_DEFAULT, updatedCredential.getAlgorithm());
+ assertEquals(PasswordPolicy.HASH_ITERATIONS_DEFAULT, updatedCredential.getHashIterations());
+ assertNotEquals("EFGH", updatedCredential.getValue());
+ assertEquals(CredentialRepresentation.PASSWORD, updatedCredential.getType());
+ }
+
@Test
public void resetUserPassword() {
String userId = createUser("user1", "user1@localhost");
