Skip to content

Commit

Permalink
Don't supply credentials if there are none
Browse files Browse the repository at this point in the history 
Signed-off-by: John Gomersall <thegoms@gmail.com>
  • Loading branch information
@john-gom
john-gom committed Dec 20, 2024
1 parent 9278b69 commit 5dc8d2b
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions scripts/migrate_users_to_keycloak.pl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ ($user_file, $anonymize)
}

my $credential
= $anonymize ? {} : convert_scrypt_password_to_keycloak_credentials($user_ref->{'encrypted_password'}) // {};
= $anonymize ? undef : convert_scrypt_password_to_keycloak_credentials($user_ref->{'encrypted_password'});
my $userid = $user_ref->{userid};
my $name = ($anonymize ? $userid : $user_ref->{name});
# Inverted expression from: https://github.com/keycloak/keycloak/blob/2eae68010877c6807b6a454c2d54e0d1852ed1c0/services/src/main/java/org/keycloak/userprofile/validator/PersonNameProhibitedCharactersValidator.java#L42C63-L42C114
Expand All @@ -127,18 +127,20 @@ ($user_file, $anonymize)
my $keycloak_user_ref = {
enabled => $JSON::PP::true,
username => $userid,
credentials => [$credential],
attributes => {
# Truncate name more than 255 because of UTF-8 encoding. Could do this more precisely...
name => substr($name, 0, 128),
locale => $user_ref->{initial_lc},
country => $user_ref->{initial_cc},
registered => 'registered', # The prevents welcome emails from being sent
registered => 'registered', # The prevents welcome emails from being sent
importTimestamp => time(),
importSourceChangedTimestamp => (stat($user_file))[9]
},
createdTimestamp => ($user_ref->{registered_t} // time()) * 1000
};
if (defined $credential) {
$keycloak_user_ref->{credentials} = [$credential];
}

my $email = sanitise_email($user_ref->{email});
my $email_status = $user_emails->{$email};
Expand Down Expand Up @@ -192,6 +194,9 @@ ($hashed_password)
$credential->{credentialData} = encode_json($credential_data);
$credential->{temporary} = $JSON::false;
}
else {
return;
}

return $credential;
}
Expand Down

0 comments on commit 5dc8d2b

Please sign in to comment.