[keycloak-dev] Support for passing custom attributes from authenticators to login pages
Thomas Darimont
thomas.darimont at googlemail.com
Mon Apr 10 16:16:53 EDT 2017
Hi Marek,
I totally missed that - thanks a ton :)
Cheers,
Thomas
2017-04-10 21:32 GMT+02:00 Marek Posolda <mposolda at redhat.com>:
> Hi Thomas,
>
> the LoginFormsProvider has method "setAttribute" . I think that in the
> authenticator, you can use something like
>
> context.form().setAttribute("foo", "bar");
>
> when "context" is AuthenticationFlowContext passed to the authenticator.
> Then in the template, the attribute "foo" can be directly referenced. Does
> it working for you?
>
> Marek
>
>
> On 10/04/17 17:35, Thomas Darimont wrote:
>
>> FYI my current solution (ab)uses the attributes of the current
>> HttpServletRequest to pass custom
>> data down to the templates with a (small) adjustment of
>> FreeMarkerLoginFormsProvider as shown below.
>>
>> This is quite hacky but does it's job until I find a better way to do
>> this.
>>
>> Within my custom Authenticator:
>>
>> private static final String MY_CUSTOM_ATTRIBUTE="my_custom_attribute";
>>
>> @Override
>> public void authenticate(AuthenticationFlowContext context) {
>> HttpServletRequest request =
>> context.getSession().getContext().getContextObject(HttpServl
>> etRequest.class);
>> try {
>> request.setAttribute(MY_CUSTOM_ATTRIBUTE, "bubu");
>> super.authenticate(context);
>> } finally {
>> request.removeAttribute(MY_CUSTOM_ATTRIBUTE);
>> }
>> }
>>
>> Small extension to the FreeMarkerLoginFormsProvider in "private Response
>> createResponse(LoginFormsPages page)":
>> ...
>> HttpServletRequest currentHttpRequest =
>> session.getContext().getContextObject(HttpServletRequest.class);
>> if (currentHttpRequest != null) {
>> attributes.put("currentRequestAttributes", new
>> HttpServletRequestAttributesBean(currentHttpRequest));
>> }
>> ...
>>
>> public static class HttpServletRequestAttributesBean {
>>
>> private final HttpServletRequest request;
>>
>> public HttpServletRequestAttributesBean(HttpServletRequest request){
>> this.request = request;
>> }
>>
>> public Object getAttribute(String name){
>> return this.request.getAttribute(name);
>> }
>>
>> public Map<String,Object> getAttributes(){
>>
>> Map<String,Object> attributes = new HashMap<>();
>> for(String name : Collections.list(request.getAttributeNames())){
>> attributes.put(name, request.getAttribute(name));
>> }
>>
>> return attributes;
>> }
>> }
>>
>> In my template login-totp.ftl:
>> <span>Custom value:
>> ${currentRequestAttributes.getAttribute('my_custom_attribute
>> ')!'default'}</span>
>>
>> 2017-04-10 16:04 GMT+02:00 Thomas Darimont <thomas.darimont at googlemail.co
>> m>:
>>
>> Hello group,
>>>
>>> are there any plans to support custom attributes to be passed from
>>> authenticators to (login-) forms?
>>>
>>> Concrete use-case is that I want to pass information
>>> from a custom OTP authenticator down to the login-totp.ftl template.
>>>
>>> Would be helpful if it were possible to pass custom attributes to the
>>> create*Page(..) methods in org.keycloak.forms.login.LoginFormsProvider.
>>>
>>> This would really ease customizations.
>>>
>>> Other alternatives to pass data are:
>>> - use some ThreadLocal storage within an Authenticator (set and clear) -
>>> but this feels more like a hack
>>> - custom page template and population logic in in a custom
>>> FreeMarkerLoginFormsProvider (quite involved...)
>>>
>>> Cheers,
>>> Thomas
>>>
>>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
>
>
More information about the keycloak-dev
mailing list