[keycloak-dev] generic cli sso utility

Marek Posolda mposolda at redhat.com
Fri Aug 4 04:09:31 EDT 2017

I wonder if it's possible to have CLI utility, which is able to read 
HTML with the form and challenge user based on that? For example once it 
receives the HTML like this:

   Username: <input name="username" />
   Password: <input name="password" type="password" />

Then in command line, user will be challenged for username and password.

I am not sure if it's doable in practice and how much work it is. Sounds 
like re-implementing browser in command line. But maybe something like 
this exists already?

BTV. Some things will never work in CLI in my opinion. For example:
- Registration with captcha
- TOTP setup
- Broker login (but hopefully some brokers offer alternatives)


On 28/07/17 22:36, Bill Burke wrote:
> I've developed a small command line utility around Keycloak Installed.
> The idea is that this utility performs a login with keycloak to obtain
> an access token.  This utility saves the access and refresh token in a
> file (similar to how ssh does in .ssh). Then bash scripts can be used to
> export the access token as an environment variable so it can be used by
> other command line utilities.
> https://github.com/patriot1burke/keycloak/blob/master/adapters/oidc/installed/src/main/java/org/keycloak/adapters/installed/KeycloakCliSso.java
> https://github.com/patriot1burke/keycloak/tree/master/adapters/oidc/cli-sso
> Eventually I'm thinking of creating a text/plain protocol with Keycloak
> server so that launching a browser or cutting/pasting between the
> command line window and browser isn't a requirement. It woudl be a plain
> text challenge response protocol.  This would require a bit more work as
> it would require reworking all of our built in authenticators and
> required action plugins.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list