Merge OpenOLAT 12.1 to OpenOLAT default branch with c7a6039e75ddaf7553a3bfb61d312c41fe8d6b55

src/main/java/org/olat/login/auth/OLATAuthManager.java

@@ -64,8 +64,6 @@ import org.olat.user.UserManager;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
-import com.thoughtworks.xstream.XStream;
-
 /**
  * Initial Date:  26.09.2007 <br>
  * @author Felix Jost, http://www.goodsolutions.ch
@@ -157,22 +155,22 @@ public class OLATAuthManager extends BasicManager implements AuthenticationSPI {
 	}
 
 	private Identity findIdentInChangingEmailWorkflow(String login){
-		XStream xml = XStreamHelper.createXStreamInstance();
-		
 		List<TemporaryKey> tk = registrationManager.loadTemporaryKeyByAction(RegistrationManager.EMAIL_CHANGE);
 		if (tk != null) {
 			for (TemporaryKey temporaryKey : tk) {
 				@SuppressWarnings("unchecked")
-				Map<String, String> mails = (Map<String, String>)xml.fromXML(temporaryKey.getEmailAddress());
-				if (login.equals(mails.get("changedEMail"))) {
-					return securityManager.findIdentityByName(mails.get("currentEMail"));
+				Map<String, String> mails = (Map<String, String>)XStreamHelper.createXStreamInstance()
+					.fromXML(temporaryKey.getEmailAddress());
+				String currentEmail = mails.get("currentEMail");
+				String changedEmail = mails.get("changedEMail");
+				if (login.equals(changedEmail) && StringHelper.containsNonWhitespace(currentEmail)) {
+					return securityManager.findIdentityByName(currentEmail);
 				}
 			}
 		}
 		return null;		
 	}
 	
-	
 	/**
 	 * Change the password of an identity. if the given identity is a LDAP-User,
 	 * the pw-change is propagated to LDAP (according to config) NOTE: caller of