[keycloak-user] Legacy none email username updated when editing account and "Email as username" is enabled

[Bart Lievens]

Hello,

I noticed the following behaviour using Keycloak 4.6.0.Final  and not sure it’s a bug or the intended behaviour.

I am migrating a legacy application user database to keycloak (using User Storage SPI and Import strategy)
The legacy user database has old usernames that are not emails and at some point in time the choice was made to only allow emails addresses for logins.

As a result I end up with still active usernames that are no emails, but I turned on the "Email as username”  which I was expecting to only influence new users as tooltip says  :
"If enabled then username field is hidden from registration form and email is used as username for new user.” 

With this setup I encountered the case where  a legacy user (without email username) goes to his account page and wants to update for example his First name but also his  username gets changed to the email field.
The user might not even see this because the username is no longer displayed.
But because of the username being changed, the next time he/she tries log with the usual username and password this is no longer possible as username being used is no longer valdi.

This seems like a bug, but I found this was requested in  https://issues.jboss.org/browse/KEYCLOAK-3685 <https://issues.jboss.org/browse/KEYCLOAK-3685>  

Any thoughts on how I can work around this or if there is already a issue related to this  or should I create a new JIRA issue to fix  the problem/bug ?

Thanks