[keycloak-user] Send additional parameter on keycloak login
Vignesh S
vignesh at dataphilabs.com
Tue Sep 25 05:01:37 EDT 2018
On Tue, Sep 25, 2018 at 12:46 PM Marek Posolda <mposolda at redhat.com> wrote:
> Hi,
>
> I think that in the federation layer, you have access to current
> KeycloakSession. So you can probably use something like:
>
> org.jboss.resteasy.spi.HttpRequest req = session.getContext().getContextObject(HttpRequest.class);
> String myParam = req.getFormPArameters().get("my-param");
>
> This worked! Thank you so much Marek.
> No guarantee that it works :) Also question is, whether it's not more proper way to handle this at the Authenticator level, which will delegate to proper userStorage. UserStorage in theory shouldn't be
> interested about request params etc, but just make sure to CRUD user objects. But not sure about your use-case, and maybe handle at userStorage is the easiest option for you..
>
> The legacy system has one login API that behaves differently based on the
parameters passed. So I was in need of it in this layer to pass it on.
> Marek
>
>
>
> On 25/09/18 08:07, Vignesh S wrote:
>
> Hello All,
>
> After having received so many good reviews about Keycloak, We are
> implementing Keycloak as the access management system to our client
> organization. Thanks to all the contributors.
>
> I am stuck in getting the login complete with the User Federation SPI. I am
> in need of sending an additional parameter from the client during login
> which I wanted to be available in the User Federation layer. So that based
> on that parameter, I shall make an appropriate request to our legacy system
> for validating the password.
>
> Currently, I do this,
>
> curl -X POST \
> http://localhost:8080/auth/realms/<realm-name>/protocol/openid-connect/token
> \
> -H 'Accept: application/json' \
> -H 'Cache-Control: no-cache' \
> -H 'Content-Type: application/x-www-form-urlencoded' \
> -d
> 'username=<username>&password=<password>&grant_type=password&client_id=<client-id>'
>
> How can I add one another custom param to the body and make it available in
> the federation layer before making the login request to the legacy system?
>
> Any help will be much appreciated.
>
> Thanks,
> Vignesh
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
More information about the keycloak-user
mailing list