
<div dir="ltr">The config from keycloak-server.json is passed in to init method of the provider factory (<a href="https://github.com/keycloak/keycloak/blob/master/server-spi/src/main/java/org/keycloak/provider/ProviderFactory.java#L41">https://github.com/keycloak/keycloak/blob/master/server-spi/src/main/java/org/keycloak/provider/ProviderFactory.java#L41</a>) and is not available in getAuthenticatorConfig.</div><div class="gmail_extra"><br><div class="gmail_quote">On 16 June 2016 at 18:01, Eric Son 3016 <span dir="ltr">&lt;<a href="mailto:desk3016@live.com" target="_blank">desk3016@live.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">


<div><div dir="ltr">


<p class="MsoNormal"><span style="color:#1f497d">Hi Stian,</span></p><p class="MsoNormal"><span style="color:#1f497d"><br></span></p><p class="MsoNormal"><span style="color:#1f497d">Based on your response, I

changed the configuration to this. But in authenticator, I am not able to

access this config. <br></span></p><p class="MsoNormal"><span style="color:#1f497d">Am I missing something? <br></span></p>


<p class="MsoNormal"><span style="color:#1f497d"><br></span></p><p class="MsoNormal"><span style="color:#1f497d">               

&quot;authenticator&quot;: {</span></p>


<p class="MsoNormal"><span style="color:#1f497d">                               

&quot;xyz-username-password-authenticator&quot;: {</span></p>


<p class="MsoNormal"><span style="color:#1f497d">                                               

&quot;tvUrl&quot;: &quot;<a href="https://192.168.0.11/TokenValidator/TokenValidator.asmx" target="_blank">https://192.168.0.11/TokenValidator/TokenValidator.asmx</a>&quot;,</span></p>


<p class="MsoNormal"><span style="color:#1f497d">                                               

</span></p>


<p class="MsoNormal"><span style="color:#1f497d">                               

}</span></p>


<p class="MsoNormal"><span style="color:#1f497d">               

}</span></p>


<p class="MsoNormal"><span style="color:#1f497d"> </span></p>


<p class="MsoNormal"><span style="color:#1f497d">Here is my authenticator

provider ID and provider configurations, Btw I can see this configuration in

the console with empty value. <br></span></p><p class="MsoNormal"><span style="color:#1f497d"><br></span></p>


<p class="MsoNormal" style="text-autospace:none"><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">    public</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">static</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">final</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> String </span><b><i><span style="font-size:10.0pt;font-family:Consolas;color:#0000c0">PROVIDER_ID</span></i></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> = </span><span style="font-size:10.0pt;font-family:Consolas;color:#2a00ff">&quot;xyz-username-password-authenticator&quot;</span><span style="font-size:10.0pt;font-family:Consolas;color:black">;</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">    </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">public</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> String getId() {</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">        </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">return</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> </span><b><i><span style="font-size:10.0pt;font-family:Consolas;color:#0000c0">PROVIDER_ID</span></i></b><span style="font-size:10.0pt;font-family:Consolas;color:black">;</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">    }</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal"><span style="color:#1f497d"> </span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">    </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">private</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">static</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">final</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black">

List&lt;ProviderConfigProperty&gt; </span><b><i><span style="font-size:10.0pt;font-family:Consolas;color:#0000c0">configProperties</span></i></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> = </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">new</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black">

ArrayList&lt;ProviderConfigProperty&gt;();</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas"> </span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">    </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">static</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> {</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">       

ProviderConfigProperty </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">property</span><span style="font-size:10.0pt;font-family:Consolas;color:black">;</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">        </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">property</span><span style="font-size:10.0pt;font-family:Consolas;color:black"> = </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">new</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black">

ProviderConfigProperty();</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">        </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">property</span><span style="font-size:10.0pt;font-family:Consolas;color:black">.setName(</span><span style="font-size:10.0pt;font-family:Consolas;color:#2a00ff">&quot;tvUrl&quot;</span><span style="font-size:10.0pt;font-family:Consolas;color:black">);</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">        </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">property</span><span style="font-size:10.0pt;font-family:Consolas;color:black">.setLabel(</span><span style="font-size:10.0pt;font-family:Consolas;color:#2a00ff">&quot;Token

Validator URL&quot;</span><span style="font-size:10.0pt;font-family:Consolas;color:black">);</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">        </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">property</span><span style="font-size:10.0pt;font-family:Consolas;color:black">.setType(ProviderConfigProperty.</span><b><i><span style="font-size:10.0pt;font-family:Consolas;color:#0000c0">STRING_TYPE</span></i></b><span style="font-size:10.0pt;font-family:Consolas;color:black">);</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">        </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">property</span><span style="font-size:10.0pt;font-family:Consolas;color:black">.setHelpText(</span><span style="font-size:10.0pt;font-family:Consolas;color:#2a00ff">&quot;Token

Validator URL.&quot;</span><span style="font-size:10.0pt;font-family:Consolas;color:black">);</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">        </span><b><i><span style="font-size:10.0pt;font-family:Consolas;color:#0000c0">configProperties</span></i></b><span style="font-size:10.0pt;font-family:Consolas;color:black">.add(</span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">property</span><span style="font-size:10.0pt;font-family:Consolas;color:black">);</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">    }</span><span style="font-size:10.0pt;font-family:Consolas"></span></p><span style="color:#1f497d"><br>In my authenticator, I am

accessing config like this, but it doesn’t have value for this config.</span>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black"><br></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">       </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">if</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black">(</span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">context</span><span style="font-size:10.0pt;font-family:Consolas;color:black">.getAuthenticatorConfig().getConfig()

!= </span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">null</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black">) {</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">             

</span><b><span style="font-size:10.0pt;font-family:Consolas;color:#7f0055">for</span></b><span style="font-size:10.0pt;font-family:Consolas;color:black"> (String </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">key</span><span style="font-size:10.0pt;font-family:Consolas;color:black"> : </span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">context</span><span style="font-size:10.0pt;font-family:Consolas;color:black">.getAuthenticatorConfig().getConfig().keySet())

{</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">      

              </span><i><span style="font-size:10.0pt;font-family:Consolas;color:#0000c0">log</span></i><span style="font-size:10.0pt;font-family:Consolas;color:black">.info(</span><span style="font-size:10.0pt;font-family:Consolas;color:#2a00ff">&quot;Config Key:

&quot;</span><span style="font-size:10.0pt;font-family:Consolas;color:black"> +

</span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">key</span><span style="font-size:10.0pt;font-family:Consolas;color:black"> + </span><span style="font-size:10.0pt;font-family:Consolas;color:#2a00ff">&quot;, Value:

&quot;</span><span style="font-size:10.0pt;font-family:Consolas;color:black"> +

</span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">context</span><span style="font-size:10.0pt;font-family:Consolas;color:black">.getAuthenticatorConfig().getConfig().get(</span><span style="font-size:10.0pt;font-family:Consolas;color:#6a3e3e">key</span><span style="font-size:10.0pt;font-family:Consolas;color:black">));</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">             

}</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:Consolas;color:black">       }</span><span style="font-size:10.0pt;font-family:Consolas"></span></p>


<br><span style="color:#1f497d">Did you see what I have missed, any? Thanks!</span><br><br><p class="MsoNormal"><span style="color:#1f497d">Best Regards,</span></p><p class="MsoNormal"><span style="color:#1f497d">WJ<br></span></p>


<span style="color:#1f497d"></span><br><div><hr>Date: Thu, 16 Jun 2016 04:57:59 +0200<div><div class="h5"><br>Subject: Re: [keycloak-dev] Config File for token validator endpoints url in keycloak?<br>From: <a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a><br>To: <a href="mailto:desk3016@live.com" target="_blank">desk3016@live.com</a><br>CC: <a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br><br><div dir="ltr">The SPI is called &quot;authenticator&quot;, not &quot;authentication&quot;, so it should be:<div><br></div><div><p style="font-size:12.8px;text-indent:0.5in">&quot;<span style="font-size:small;text-indent:0px">authenticator</span>&quot;: {</p><p style="font-size:12.8px">                                &quot;xyz-username-password-authenticator&quot;: {</p><p style="font-size:12.8px">                                                &quot;tvUrl&quot;: &quot;<a href="https://192.168.0.11/TokenValidator/TokenValidator.asmx" target="_blank">https://192.168.0.11/TokenValidator/TokenValidator.asmx</a>&quot;</p><p style="font-size:12.8px">                                }</p><p style="font-size:12.8px">                }</p><p style="font-size:12.8px"><br></p><p style="font-size:12.8px">Assuming <span style="font-size:12.8px">&quot;xyz-username-password-</span><span style="font-size:12.8px">authenticator&quot; is what&#39;s returned by your factories getId method.</span></p></div></div><div><br><div>On 16 June 2016 at 04:26, Eric Son 3016 <span dir="ltr">&lt;<a href="mailto:desk3016@live.com" target="_blank">desk3016@live.com</a>&gt;</span> wrote:<br><blockquote style="border-left:1px #ccc solid;padding-left:1ex">


<div><div dir="ltr">


<div dir="ltr">


<p>Hi Stian,</p><p><br></p><p>For elaborating previous question, I am creating a authentication provider, which needs to

call an external API. </p><p><span style="font-size:12pt">The payloads needs be encrypted with a key before calling

the API. </span></p><p><span style="font-size:12pt"><br></span></p><p><span style="font-size:12pt">I want API URL and Path of the Key to be configurable, so that Ops

team can tweak that based on each environment. </span></p><p><span style="font-size:12pt"><br></span></p><p><span style="font-size:12pt">I’ll be using KeyCloak in

multi-tenant environment, so rather than configuring it at authenticator level

for each relam, we want to configure these settings at system level.</span></p>


<p> </p>


<p>I came across this link <a href="http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html#d4e559" target="_blank">http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html#d4e559</a>

which shows how you can pass configuration to providers. </p><p><br></p><p>I tried to do the same

thing for my authentication provider but that didn’t work. Not Sure if it

matters but I am using KeyCloak version 1.9.3.</p>


<p> </p>


<p>This is what I put in keycloak-server.json. Here

“xyz-username-password-authenticator” is my provider ID. </p>


<p> </p>


<p style="text-indent:.5in">&quot;authentication&quot;: {</p>


<p>                               

&quot;xyz-username-password-authenticator&quot;: {</p>


<p>                                               

&quot;tvUrl&quot;: &quot;<a href="https://192.168.0.11/TokenValidator/TokenValidator.asmx" target="_blank">https://192.168.0.11/TokenValidator/TokenValidator.asmx</a>&quot;</p>


<p>                               

}</p>


<p>               

}</p>


<p>I also tried it by putting following configuration i.e. by

removing the “authentication” element from above config.</p>


<p style="text-indent:.5in"> </p>


<p style="text-indent:.5in">&quot;xyz-username-password-authenticator&quot;:

{</p>


<p style="text-indent:.5in">&quot;tvUrl&quot;:

&quot;<a href="https://192.168.0.11/TokenValidator/TokenValidator.asmx" target="_blank">https://192.168.0.11/TokenValidator/TokenValidator.asmx</a>&quot;</p>


<p>               

}</p>


<p> </p>


<p>Can you please guide me how can I pass these configurations

to my authentication providers?</p><p><br></p><p>Thanks!</p><p><br></p><p>Best Regards,</p><p><br></p><p>WJ</p>


<br><br><div><hr>Date: Mon, 6 Jun 2016 08:00:07 +0200<br>Subject: Re: [keycloak-dev] Config File for token validator endpoints url in keycloak?<br>From: <a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a><br>To: <a href="mailto:desk3016@live.com" target="_blank">desk3016@live.com</a><br>CC: <a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><div><div><br><br><div dir="ltr">Please elaborate on what your use-case is.</div><div><br><div>On 3 June 2016 at 19:09, Eric Son 3016 <span dir="ltr">&lt;<a href="mailto:desk3016@live.com" target="_blank">desk3016@live.com</a>&gt;</span> wrote:<br><blockquote style="border-left:1px #ccc solid;padding-left:1ex">


<div><div dir="ltr">Hi, <br><br>I would like to use external token validator with the keycloak.<br> Is there any existing configuration file for storing token validator API endpoints url and its public key info?<br>I want to set them up in &quot;System level&quot; rather than the &quot;Execution level&quot; in the code.<br><br>Thanks for the help!<br><br>Best Regards,<br><br>WJ<br><br>                                               </div></div>

<br>_______________________________________________<br>

keycloak-dev mailing list<br>

<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>

<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div></div></div></div></div>

                                               </div></div>

</blockquote></div><br></div></div></div></div>                                               </div></div>

</blockquote></div><br></div>