Merge pull request #262 from alihdev/keycloak-user-update-passowrd

Synchronize Password Updates with Keycloak

services/identity/src/EShopOnAbp.IdentityService.Application/BackgroundJobs/Users/KeycloakUserUpdatingJob.cs

@@ -92,6 +92,11 @@ await _keycloakService.AddRealmRolesToUserAsync(keycloakUser.Id,
                     _logger.LogInformation($"Keycloak user with the username:{args.UserName} has been updated.");
                 }
             }
+
+            if (!args.Password.IsNullOrEmpty() && keycloakUser != null)
+            {
+                await _keycloakService.SetNewPassword(keycloakUser.UserName, args.Password);
+            }
         }
         catch (Exception e)
         {
@@ -116,6 +121,7 @@ public class IdentityUserUpdatingArgs
     public bool OldIsActive { get; init; }
     public string[] RoleNames { get; init; }
     public string[] OldRoleNames { get; init; }
+    public string Password { get; init; }
 
     public IEnumerable<FieldChange> GetDifferentFields()
     {

services/identity/src/EShopOnAbp.IdentityService.Application/Identity/EShopIdentityUserAppService.cs

@@ -73,7 +73,7 @@ private async Task<IdentityUserUpdatingArgs> CreateIdentityUserUpdatingArgsAsync
     {
         var userRoles = existingUser.Roles.Select(q => q.RoleId).ToList();
         var roles = await _roleRepository.GetListAsync();
-        
+
         var args = new IdentityUserUpdatingArgs
         {
             Email = input.Email,
@@ -87,7 +87,8 @@ private async Task<IdentityUserUpdatingArgs> CreateIdentityUserUpdatingArgsAsync
             IsActive = input.IsActive,
             OldIsActive = existingUser.IsActive,
             RoleNames = input.RoleNames,
-            OldRoleNames = roles.Where(q => userRoles.Contains(q.Id)).Select(q => q.Name).ToArray()
+            OldRoleNames = roles.Where(q => userRoles.Contains(q.Id)).Select(q => q.Name).ToArray(),
+            Password = input.Password
         };
 
         return args;

services/identity/src/EShopOnAbp.IdentityService.Application/Keycloak/Service/IKeycloakService.cs

@@ -33,4 +33,6 @@ public interface IKeycloakService : ITransientDependency
     Task<bool> DeleteRoleByIdAsync(string id, CancellationToken cancellationToken = default);
 
     Task<bool> UpdateRoleAsync(string id, Role role, CancellationToken cancellationToken = default);
+
+    Task<bool> SetNewPassword(string username, string newPassword, CancellationToken cancellationToken = default);
 }

services/identity/src/EShopOnAbp.IdentityService.Application/Keycloak/Service/KeycloakService.cs

@@ -158,4 +158,29 @@ public async Task<bool> UpdateRoleAsync(string id, Role role, CancellationToken
 
         return result;
     }
+
+    public async Task<bool> SetNewPassword(string username, string newPassword, CancellationToken cancellationToken = default)
+    {
+        var users = await _keycloakClient.GetUsersAsync(_keycloakOptions.RealmName, username: username, cancellationToken: cancellationToken);
+
+        if (!users.Any()) return false;
+
+        var user = users.First();
+
+        var newCredentials = new Credentials
+        {
+            Type = "password",
+            Value = newPassword,
+            Temporary = false
+        };
+
+        var isSuccessReset = await _keycloakClient.ResetUserPasswordAsync(
+            realm: _keycloakOptions.RealmName,
+            userId: user.Id,
+            credentials: newCredentials,
+            cancellationToken: cancellationToken
+        );
+
+        return isSuccessReset;
+    }
 }

services/identity/src/EShopOnAbp.IdentityService.HttpApi.Host/EShopOnAbp.IdentityService.HttpApi.Host.csproj

@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Keycloak.Net.Core" Version="1.0.22" />
+    <PackageReference Include="Keycloak.Net.Core" Version="1.0.20" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.5">
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>