[keycloak-user] Get magic link for users to login

Wed Apr 19 01:59:06 EDT 2017

Hi

Sounds like a good idea!
Out of curiosity, how do you create the links? Also, will the links ever
expire?

BR,
Ulrik

On Wed, 19 Apr 2017, 04:02 Ilya Korol, <llivezking at gmail.com> wrote:

> Hi recently i implemented almost same feature for our environment. I've
> done it via custom Authenticator implementation. This authenticator is
> injected in browser authentication flow as alternative execution just
> before cookie execution, and check request link whether he should
> authenticate user by this link. Here some snippet:
>
>
>      @Override
>      public void authenticate(AuthenticationFlowContext context) {
>          MultivaluedMap<String, String> queryParams =
> context.getHttpRequest().getUri().getQueryParameters();
>
>          // If uri doesn't contain appropriate query params this flow is
> not applicable,
>          // so we pass it by to other flow chain
>          if (!(queryParams.containsKey("marker") &&
> queryParams.containsKey("userId"))) {
>              context.attempted();
>              return;
>          }
>
>          // Extract params from request
>          String userId = queryParams.getFirst("userId");
>          String marker = queryParams.getFirst("marker");
>
>          RealmModel realm = context.getSession().getContext().getRealm();
>          UserModel user =
> context.getSession().users().getUserById(userId, realm);
>
>          // If user state doesn't match requirements this flow is not
> applicable,
>          // so we pass it by to other flow chain
>          if (checkConditions(user, marker, otherStruff)) {
>
>              // User could be authenticated
>
>              context.setUser(user);
>              context.success();
>          } else {
>              context.attempted();
>          }
>      }
>
>
>
> On 18.04.2017 19:09, Martin Johansson wrote:
> > Hi!
> >
> > We want to achieve the following:
> >
> > Expose a REST endpoint where an authenticated client can retrieve a magic
> > login link for a specific user. We have an ID in the attributes for the
> > user which enables us to get the correct user.
> >
> > The reason for this is that we need to expose the possibility to send
> > e-mails from other systems than Keycloak. We have other ways of composing
> > the e-mails.
> >
> > So wanted final state is that a user can click a link in his e-mail
> client
> > and be redirected to our app and be logged in.
> >
> > BR,
> > Martin
> >
> > ---------- Forwarded message ----------
> >> From: Ilya Korol <llivezking at gmail.com>
> >> To: keycloak-user at lists.jboss.org
> >> Cc:
> >> Bcc:
> >> Date: Fri, 14 Apr 2017 15:59:10 +1000
> >> Subject: Re: [keycloak-user] Get magic link for users to login
> >> Hi, could you explain more detailed what you want to achieve? As for my
> >> team we also implemented custom rest endpoint, which send customized
> emails
> >> to users. Check out org.keycloak.services.resources.admin.UsersResource
> >> for details of default link constructing. (methods:
> resetPasswordEmail(),
> >> executeActionsEmail(), sendVerifyEmail())
> >>
> >>
> >> On 13.04.2017 17:54, Martin Johansson wrote:
> >>
> >>> Is it possible to retrieve the magic link that are sent by e-mail via
> the
> >>> Java
> >>> API? We have implemented an SPI with a REST interface and would like to
> >>> get
> >>> the link for usage in custom e-mails.
> >>> Any hints which provider to be used is much appreciated.
> >>>
> >>> Regards,
> >>> Martin
> >>> _______________________________________________
> >>> keycloak-user mailing list
> >>> keycloak-user at lists.jboss.org
> >>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>>
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-- 
Ulrik Lejon
Mollyware AB

+46-700-137786
ulrik.lejon at mollyware.se
www.mollyware.se