refining some tests, preparing test for session service

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
2024-09-10 20:53:03 +02:00
parent caa9f07d79
commit f600040c0e
16 changed files with 150 additions and 65 deletions
--- a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/UserController.java
+++ b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/UserController.java
@@ -298,7 +298,7 @@ public class UserController extends Controller {
 			return sendEmptyResponse(HTTP_FORBIDDEN, ex);
 		}
 		var oldPass = json.getString("oldpass");
-		if (!users.passwordMatches(oldPass, user.hashedPassword())) return badRequest(ex, "wrong password");
+		if (!users.passwordMatches(oldPass, user)) return badRequest(ex, "wrong password");

 		var passwords = json.getJSONArray("newpass");
 		var newPass   = passwords.getString(0);