From 7b8dcb42eabcbfe92332b034ef3ecaa57b30bf65 Mon Sep 17 00:00:00 2001 From: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Date: Fri, 7 Jul 2023 15:27:16 +0200 Subject: [PATCH] Using "Account is disabled" message (and also added new test case) --- .../resources/LoginActionsServiceChecks.java | 2 +- .../testsuite/forms/ResetPasswordTest.java | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsServiceChecks.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsServiceChecks.java index 8d2d98d75e0..f7fb1684926 100644 --- a/services/src/main/java/org/keycloak/services/resources/LoginActionsServiceChecks.java +++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsServiceChecks.java @@ -153,7 +153,7 @@ public class LoginActionsServiceChecks { } if (! user.isEnabled()) { - throw new ExplainedVerificationException(Errors.USER_DISABLED, Messages.INVALID_USER); + throw new ExplainedVerificationException(Errors.USER_DISABLED, Messages.ACCOUNT_DISABLED); } if (userSetter != null) { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java index c112223f423..6f82c4b4e34 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ResetPasswordTest.java @@ -958,6 +958,25 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest { events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent(); } + @Test + public void resetPasswordBeforeUserIsDisabled() throws IOException, MessagingException { + initiateResetPasswordFromResetPasswordPage("login-test"); + + assertEquals(1, greenMail.getReceivedMessages().length); + MimeMessage message = greenMail.getReceivedMessages()[0]; + String changePasswordUrl = MailUtils.getPasswordResetEmailLink(message); + events.expectRequiredAction(EventType.SEND_RESET_PASSWORD).session((String)null).user(userId).detail(Details.USERNAME, "login-test").detail(Details.EMAIL, "login@test.com").assertEvent(); + + UserRepresentation user = findUser("login-test"); + user.setEnabled(false); + updateUser(user); + + driver.navigate().to(changePasswordUrl.trim()); + + errorPage.assertCurrent(); + assertEquals("Account is disabled, contact your administrator.", errorPage.getError()); + } + @Test public void resetPasswordWithPasswordHistoryPolicy() throws IOException, MessagingException { //Block passwords that are equal to previous passwords. Default value is 3.