Hi everyone,
We recently migrated from KC8 to KC14 but we noticed that when updating an email through the account API, the email verified flag was not reset.
Is this something we are expecting in the recent versions or is it something that was not seen after recent changes to manage some values as attributes?
In order to keep the same behavior as previously, we solved this by just overriding the matching API method (for our needs, we were already extending org.keycloak.services.resources.account.AccountRestService):

    @Path("/")
    @POST
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    @NoCache
    public Response updateAccount(UserRepresentation rep) {
        // Detect the change before delegating, while user still holds the old address.
        boolean emailUpdated = user != null && rep.getEmail() != null && !rep.getEmail().equalsIgnoreCase(user.getEmail());
        Response resp = super.updateAccount(rep);
        if (emailUpdated && resp.getStatus() < 400) {
            /**
             * EmailVerified is not updatable through KC API in version 14.0
             */
            user.setEmailVerified(false);
        }
        return resp;
    }

Francis Pérot
ELCA Informatique SA | www.elca.ch
Tour Balexert – Avenue Louis-Casaï 18 | CP | CH - 1211 Genève 28
PS: I offered my help at the beginning of 2020 to help reduce the technical debt using some static analysis tools. I only checked a small part of the code and I identified some bugs, but I had no time to communicate them. Most bugs I identified have already been fixed.
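
The behaviour described in this message leaves a window in which an account can carry emailVerified=true for an address that was never verified. The following is an added audit sketch, not part of the original message and not Keycloak code: it compares two user exports and lists accounts whose email changed while the flag stayed true. It assumes each export is a list of user representations with the id, email and emailVerified fields; the function name and all sample records are constructed for illustration.

```python
# Added audit sketch; not Keycloak code. Field names follow UserRepresentation
# (id, email, emailVerified). All records below are constructed sample data.

BEFORE = [  # snapshot taken before the migration (constructed)
    {"id": "u1", "email": "alice@example.org", "emailVerified": True},
    {"id": "u2", "email": "bob@example.org", "emailVerified": True},
    {"id": "u3", "email": "carol@example.org", "emailVerified": True},
    {"id": "u5", "email": "erin@example.org", "emailVerified": True},
]
AFTER = [  # current export (constructed)
    {"id": "u1", "email": "alice@new.example", "emailVerified": True},   # stale flag
    {"id": "u2", "email": "Bob@Example.org", "emailVerified": True},     # case-only change
    {"id": "u3", "email": "carol@new.example", "emailVerified": False},  # correctly reset
    {"id": "u4", "email": "dave@example.org", "emailVerified": True},    # new account
    {"id": "u5", "email": "erin@example.org", "emailVerified": True},    # unchanged
]


def _norm(email):
    # Mirror the equalsIgnoreCase comparison used in the override above.
    return email.lower() if email else None


def find_stale_verified(before, after):
    """Return (id, old_email, new_email) for users whose address changed
    while emailVerified stayed true across both snapshots."""
    previous = {u["id"]: u for u in before}
    findings = []
    for user in after:
        prev = previous.get(user["id"])
        if prev is None:
            continue  # created after the first snapshot, nothing to compare
        old_email, new_email = _norm(prev.get("email")), _norm(user.get("email"))
        if new_email is None or new_email == old_email:
            continue  # no effective email change
        if prev.get("emailVerified") and user.get("emailVerified"):
            findings.append((user["id"], prev.get("email"), user.get("email")))
    return findings


if __name__ == "__main__":
    for uid, old, new in find_stale_verified(BEFORE, AFTER):
        print(f"review {uid}: {old} -> {new} still marked verified")
```

A hit is a candidate for review rather than proof, since the new address may have been verified by another route between the two snapshots.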