[keycloak-user] Get magic link for users to login

Ilya Korol llivezking at gmail.com
Tue Apr 18 21:49:39 EDT 2017 

Hi recently i implemented almost same feature for our environment. I've 
done it via custom Authenticator implementation. This authenticator is 
injected in browser authentication flow as alternative execution just 
before cookie execution, and check request link whether he should 
authenticate user by this link. Here some snippet:


     @Override
     public void authenticate(AuthenticationFlowContext context) {
         MultivaluedMap<String, String> queryParams = 
context.getHttpRequest().getUri().getQueryParameters();

         // If uri doesn't contain appropriate query params this flow is 
not applicable,
         // so we pass it by to other flow chain
         if (!(queryParams.containsKey("marker") && 
queryParams.containsKey("userId"))) {
             context.attempted();
             return;
         }

         // Extract params from request
         String userId = queryParams.getFirst("userId");
         String marker = queryParams.getFirst("marker");

         RealmModel realm = context.getSession().getContext().getRealm();
         UserModel user = 
context.getSession().users().getUserById(userId, realm);

         // If user state doesn't match requirements this flow is not 
applicable,
         // so we pass it by to other flow chain
         if (checkConditions(user, marker, otherStruff)) {

             // User could be authenticated

             context.setUser(user);
             context.success();
         } else {
             context.attempted();
         }
     }



On 18.04.2017 19:09, Martin Johansson wrote:
> Hi!
>
> We want to achieve the following:
>
> Expose a REST endpoint where an authenticated client can retrieve a magic
> login link for a specific user. We have an ID in the attributes for the
> user which enables us to get the correct user.
>
> The reason for this is that we need to expose the possibility to send
> e-mails from other systems than Keycloak. We have other ways of composing
> the e-mails.
>
> So wanted final state is that a user can click a link in his e-mail client
> and be redirected to our app and be logged in.
>
> BR,
> Martin
>
> ---------- Forwarded message ----------
>> From: Ilya Korol <llivezking at gmail.com>
>> To: keycloak-user at lists.jboss.org
>> Cc:
>> Bcc:
>> Date: Fri, 14 Apr 2017 15:59:10 +1000
>> Subject: Re: [keycloak-user] Get magic link for users to login
>> Hi, could you explain more detailed what you want to achieve? As for my
>> team we also implemented custom rest endpoint, which send customized emails
>> to users. Check out org.keycloak.services.resources.admin.UsersResource
>> for details of default link constructing. (methods: resetPasswordEmail(),
>> executeActionsEmail(), sendVerifyEmail())
>>
>>
>> On 13.04.2017 17:54, Martin Johansson wrote:
>>
>>> Is it possible to retrieve the magic link that are sent by e-mail via the
>>> Java
>>> API? We have implemented an SPI with a REST interface and would like to
>>> get
>>> the link for usage in custom e-mails.
>>> Any hints which provider to be used is much appreciated.
>>>
>>> Regards,
>>> Martin
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list