Merge pull request #885 from myunggi-jung/fix_infinite_loop_for_keycloak

fix infinite loop for keycloak

pkg/provider/keycloak/keycloak.go

@@ -101,7 +101,7 @@ func (kc *Client) doAuthenticate(authCtx *authContext, loginDetails *creds.Login
 	}
 
 	samlResponse, err := extractSamlResponse(doc)
-	if err != nil && authCtx.authenticatorIndexValid {
+	if err != nil && authCtx.authenticatorIndexValid && passwordValid(doc) {
 		return kc.doAuthenticate(authCtx, loginDetails)
 	}
 	return samlResponse, err
@@ -352,6 +352,18 @@ func extractSamlResponse(doc *goquery.Document) (string, error) {
 	return samlAssertion, err
 }
 
+func passwordValid(doc *goquery.Document) bool {
+	var valid = true
+	doc.Find("span#input-error").Each(func(i int, s *goquery.Selection) {
+		text := s.Text()
+		if strings.Contains(text, "Invalid username or password.") {
+			valid = false
+			return
+		}
+	})
+	return valid
+}
+
 func containsTotpForm(doc *goquery.Document) bool {
 	// search totp field at Keycloak < 8.0.1
 	totpIndex := doc.Find("input#totp").Index()