<html>

  <head>

    <meta content="text/html; charset=windows-1252"

      http-equiv="Content-Type">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    This is really cool.<br>

    <br>

    <div class="moz-cite-prefix">On 2/9/2016 5:48 PM, Thomas Darimont

      wrote:<br>

    </div>

    <blockquote

cite="mid:CAK-7U1gPhv8O-Fzicsu0_6n2-+v2W_Qnw+m+0WL32iAw0Zokkg@mail.gmail.com"

      type="cite">

      <div dir="ltr">Hello group,

        <div><br>

        </div>

        <div>I built a little prototype [0] for script based

          authenticators inspired by a discussion on the keycloak-users

          mailing list - </div>

        <div>think it was about post broker authentication checks, e.g.

          if the user has an email address that belongs to the google

          apps domain...</div>

        <div><br>

        </div>

        <div>

          <div>I introduced a ScriptBasedAuthenticator that is

            bootstraped via a</div>

          <div>ScriptBasedAuthenticatorFactory can be execute a

            configured script</div>

          <div>via a JSR-223 ScriptEngine against a provided execution

            context.</div>

          <div><br>

          </div>

          <div>I also added a new "script" value type for proper

            rendering in the UI as well as an alias property </div>

          <div>to the AuthFlowExecutionRepresentation in order to be

            able to differentiate multiple instances of an Authenticator</div>

          <div>within the same AuthFlow - this comes pretty close to

            having Auth0  like scriptable rules in Keycloak.</div>

          <div><br>

          </div>

          <div>For convenient editing I added the AngularJS bindings for

            the popular ACE editor.</div>

        </div>

        <div><br>

        </div>

        <div>Looking forward to your thoughts :)</div>

        <div><br>

        </div>

        <div>Cheers,</div>

        <div>Thomas</div>

        <div><br>

        </div>

        <div>[0] <a moz-do-not-send="true"

href="https://github.com/thomasdarimont/keycloak/commit/3f39479e7fa0c75941cd524ba99de5c85db43b62">https://github.com/thomasdarimont/keycloak/commit/3f39479e7fa0c75941cd524ba99de5c85db43b62</a></div>

        <div>[1] <a moz-do-not-send="true"

            href="https://auth0.com/docs/rules">https://auth0.com/docs/rules</a></div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

keycloak-dev mailing list

<a class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>

<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>

    </blockquote>

    <br>

    <pre class="moz-signature" cols="72">-- 

Bill Burke

JBoss, a division of Red Hat

<a class="moz-txt-link-freetext" href="http://bill.burkecentral.com">http://bill.burkecentral.com</a></pre>

  </body>

</html>