Move realm name availability check before user search and adding blan…

…k check.
wso2-extensions · Jan 31, 2024 · 6e10a48 · 6e10a48
1 parent 2087dc9
commit 6e10a48
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/...n/java/org/wso2/carbon/identity/recovery/endpoint/impl/RecoverPasswordApiServiceImpl.java b/...n/java/org/wso2/carbon/identity/recovery/endpoint/impl/RecoverPasswordApiServiceImpl.java
@@ -21,6 +21,7 @@
 import org.wso2.carbon.identity.recovery.internal.IdentityRecoveryServiceDataHolder;
 import org.wso2.carbon.identity.recovery.password.NotificationPasswordRecoveryManager;
 import org.wso2.carbon.identity.recovery.util.Utils;
+import org.wso2.carbon.user.core.util.UserCoreUtil;
 
 import javax.ws.rs.core.Response;
 
@@ -51,18 +52,18 @@ public Response recoverPasswordPost(RecoveryInitiatingRequestDTO recoveryInitiat
             // If multi attribute login is enabled, resolve the user before sending recovery notification sending.
             if (IdentityRecoveryServiceDataHolder.getInstance().getMultiAttributeLoginService()
                     .isEnabled(user.getTenantDomain())) {
+                if (StringUtils.isNotBlank(user.getRealm())) {
+                    String userDomainQualifiedUsername = UserCoreUtil.addDomainToName(user.getUsername(), user.getRealm());
+                    user.setUsername(userDomainQualifiedUsername);
+                }
                 ResolvedUserResult resolvedUserResult =
                         IdentityRecoveryServiceDataHolder.getInstance().getMultiAttributeLoginService()
                                 .resolveUser(user.getUsername(), user.getTenantDomain());
                 if (resolvedUserResult != null && ResolvedUserResult.UserResolvedStatus.SUCCESS.
                         equals(resolvedUserResult.getResolvedStatus())) {
                     User resolvedUser = new User();
                     resolvedUser.setUserName(resolvedUserResult.getUser().getUsername());
-                    if (StringUtils.isBlank(user.getRealm())) {
-                        resolvedUser.setUserStoreDomain(resolvedUserResult.getUser().getUserStoreDomain());
-                    } else {
-                        resolvedUser.setUserStoreDomain(user.getRealm());
-                    }
+                    resolvedUser.setUserStoreDomain(resolvedUserResult.getUser().getUserStoreDomain());
                     resolvedUser.setTenantDomain(resolvedUserResult.getUser().getTenantDomain());
                     notificationResponseBean =
                             notificationPasswordRecoveryManager.sendRecoveryNotification(resolvedUser, type, notify,