[keycloak-dev] reset-password-email web service proposal for modification

Stian Thorgersen stian at redhat.com
Fri Jan 2 02:43:48 EST 2015 


----- Original Message -----
> From: "Michael Gerber" <gerbermichi at me.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Thursday, 1 January, 2015 2:26:12 PM
> Subject: [keycloak-dev] reset-password-email web service proposal for	modification
> 
> Hi
> 
> The reset-password-email rest web service sends an email to the user with the
> following content:
> Someone just requested to change your Keycloak account's password. If this
> was you, click on the link below to set a new password:
> http://localhost:8081/auth/realms/master/login-actions/password-reset?code=sI_NFQE1iMBoWhBnuoN674eHyBh5IMi_R2QbQ41X5iY.b1cc4d2a-d02d-4819-8156-17b2dd5e034d
> 
> The link above navigates to a form where the user has to enter his username
> or email address. After that he retrieves an other email with the following
> content:
> Someone just requested to change your Keycloak account's password. If this
> was you, click on the link below to set a new password:
> http://localhost:8081/auth/realms/master/login-actions/password-reset?key=Rhs73F1fSOznR-Z3sliNXSVKNBQeKyY8-4qlXqA5buI.b1cc4d2a-d02d-4819-8156-17b2dd5e034d
> 
> The user can than finally change his password and gets redirected to the
> keycloak account page.

That's not the correct behaviour. The user should just be asked to update password immediately. Please file a jira and do a PR for your fix.

Adding the redirect param is separate, so create another jira issue for that. If you'd like you can send a separate PR for it, but you also would need to specify client_id so Keycloak can verify it's a valid redirect_uri and generate a code that is associated with the correct client.

> 
> I think this process is a bit complicated. Isn’t it possible to send just one
> email? And it would be nice to pass a redirect URI to the web service.
> I implemented the described changes to show you what I mean:
> https://github.com/gerbermichi/keycloak/commit/1a892b70b1e788dfc5565d29f1eeeab80109d070
> 
> Best
> Michael
> 
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list