Before reporting an issue

• I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

login/ui

Describe the bug

When having a minimum number of uppercase and lowercase characters required for new passwords, they're not correctly validated during registration.

The code doesn't check if there are enough characters of the required type, but if the amount of characters of all other types is bigger than the set minimum.

Uppercase:
value.split("").filter((char) => char !== char.toUpperCase()).length > policy.value

Lowercase:
value.split("").filter((char) => char !== char.toLowerCase()).length > policy.value

Version

26.0.0

Regression

• The issue is a regression

Expected behavior

No error messages are shown if the password contains the minimum amount of uppercase and lowercase characters.

Actual behavior

Error messages are shown despite the password containing the minimum amount of uppercase and lowercase characters.

How to Reproduce?

• Use any realm with registration enabled
• Go to Authentication -> Policies -> Password policy and enable uppercase chars & lowercase chars and click on Save
• Go to the registration page of the realm
• Type TEst in the password field and leave it to let the JavaScript code validate it with the policies
  • It results in error messages
• Type 1234 in the password field and leave it to let the JavaScript code validate it with the policies
  • It results in no errors at all

Anything else?

No response