keycloak: check if old password matches, if so change to another one

Java with maven dependency "keycloak-admin-cli"

I have this code:

  keycloakService.findUserByEmailOrUsername( user.getKeycloakUsername() )
                    .ifPresent( userRepresentation -> {
                        //Check for old password
                        if ( userRepresentation.getCredentials() != null ) {
                            for (CredentialRepresentation c : userRepresentation.getCredentials()) {
                                if ( CredentialRepresentation.PASSWORD.equals( c.getType() ) ) {
                                    if ( userDTO.getOldpassword().equals( c.getValue() ) ) {
                                        // The old password matches the one in the database. We can update.
                                        // Set the new password
                                        CredentialRepresentation credential = new CredentialRepresentation();
                                        credential.setType( CredentialRepresentation.PASSWORD );
                                        credential.setValue( userDTO.getPassword() );
                                        credential.setTemporary( false );
                                        userRepresentation.setCredentials( Collections.singletonList( credential ) );
                                    } else {
                                        throw new RuntimeException( "Your current password does not match", null );
                                    }
                                }
                            }
                        }
                    } );

I checked with the debugger and I get the correct user. "userRepresentation" is not null. But the credentials of the user are always null.

Also if I only want to set a new password for the user, it does not update:

                keycloakService.findUserByEmailOrUsername( user.getKeycloakUsername() )
                    .ifPresent( userRepresentation -> {
                        CredentialRepresentation credential = new CredentialRepresentation();
                        credential.setType( CredentialRepresentation.PASSWORD );
                        credential.setValue( userDTO.getPassword() );
                        credential.setTemporary( false );
                        userRepresentation.setCredentials( Collections.singletonList( credential ) );
                    } );

I don't get an error message, keycloak just doesn't update.

Can anyone show me an example of how I can check the old password and change it to another one? thx

For updating the password use:

userRessource.get(userId).resetPassword(credential);

See this example: https://gist.github.com/thomasdarimont/0c136d0b8d339b997928e9bef225f941

But for checking the actual credential, I didn't manage to check if there's one. As you say, userRepresentation.getCredentials() is always null, even after resetting a new password.

Try using the UserResource instead of the UserRepresentation.

userResource.get(userId).credentials() instead of userRepresentation.getCredentials() should work, but it does feel more like a workaround.

As of 7/26/2021, getCredentials still always returns null.
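
An added example, not code from the posts above: the admin API does not hand back stored password values, so the old password is checked by asking Keycloak to authenticate with it, and only then is the new one set with resetPassword. It assumes the keycloak-admin-client library, an already built admin `Keycloak` instance, and a hypothetical client (`loginClientId`) with direct access grants enabled; the class and parameter names are illustrative.

```java
import javax.ws.rs.NotAuthorizedException; // jakarta.ws.rs on newer admin-client versions
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.representations.idm.CredentialRepresentation;

public class PasswordChanger {
    private final Keycloak admin;       // admin-authenticated client (assumed to exist)
    private final String serverUrl;     // base URL of the Keycloak server (placeholder)
    private final String realm;
    private final String loginClientId; // hypothetical client, direct access grants enabled

    public PasswordChanger(Keycloak admin, String serverUrl, String realm, String loginClientId) {
        this.admin = admin;
        this.serverUrl = serverUrl;
        this.realm = realm;
        this.loginClientId = loginClientId;
    }

    /** Returns true only if Keycloak itself accepts username + oldPassword. */
    boolean oldPasswordMatches(String username, String oldPassword) {
        Keycloak asUser = KeycloakBuilder.builder()
                .serverUrl(serverUrl).realm(realm).clientId(loginClientId)
                .grantType(OAuth2Constants.PASSWORD)
                .username(username).password(oldPassword)
                .build();
        try {
            asUser.tokenManager().getAccessToken(); // HTTP 401 -> NotAuthorizedException
            return true;
        } catch (NotAuthorizedException e) {
            return false; // wrong password; other errors (e.g. HTTP 400) propagate
        } finally {
            asUser.close();
        }
    }

    /** Verifies the old password, then sets the new one through the admin API. */
    public void changePassword(String userId, String username,
                               String oldPassword, String newPassword) {
        if (!oldPasswordMatches(username, oldPassword)) {
            throw new IllegalArgumentException("Your current password does not match");
        }
        CredentialRepresentation credential = new CredentialRepresentation();
        credential.setType(CredentialRepresentation.PASSWORD);
        credential.setValue(newPassword);
        credential.setTemporary(false);
        admin.realm(realm).users().get(userId).resetPassword(credential);
    }
}
```

A failed check is an ordinary failed login as far as Keycloak is concerned, so the realm's brute force detection, when enabled, applies to it.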
