Add validation for username field to be dns compatible (#444)

Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-09-16 12:26:09 +03:00 · 2020-09-16 12:26:09 +03:00 · c824447348
parent ef0a2fa705
commit c824447348
1 changed files with 7 additions and 1 deletions
--- a/pkg/deploy/deployment_keycloak.go
+++ b/pkg/deploy/deployment_keycloak.go
@ -476,7 +476,13 @@ func getSpecKeycloakDeployment(
 		" && /opt/jboss/docker-entrypoint.sh -b 0.0.0.0 -c standalone.xml"
 	command += " -Dkeycloak.profile.feature.token_exchange=enabled -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled"
 	if cheFlavor == "codeready" {
-		command = addCertToTrustStoreCommand + addProxyCliCommand + applyProxyCliCommand +
+		addUsernameValidationForKeycloakTheme := "sed -i  's|id=\"username\" name=\"username\"|" +
+			"id=\"username\" " +
+			"pattern=\"[a-z]([-a-z0-9]{0,61}[a-z0-9])?\" " +
+			"title=\"Username has to comply with the DNS naming convention. An alphanumeric (a-z, and 0-9) string, with a maximum length of 63 characters, with the '-' character allowed anywhere except the first or last character.\" " +
+			"name=\"username\"|g' " +
+			"/opt/eap/themes/base/login/login-update-profile.ftl"
+		command = addUsernameValidationForKeycloakTheme + " && " + addCertToTrustStoreCommand + addProxyCliCommand + applyProxyCliCommand +
 			" && echo \"feature.token_exchange=enabled\nfeature.admin_fine_grained_authz=enabled\" > /opt/eap/standalone/configuration/profile.properties  " +
 			" && sed -i 's/WILDCARD/ANY/g' /opt/eap/bin/launch/keycloak-spi.sh && /opt/eap/bin/openshift-launch.sh -b 0.0.0.0"
 	}