[keycloak-user] register new user; redirect to specific client url
Marek Posolda
mposolda at redhat.com
Thu Sep 26 03:30:42 EDT 2019
Hi John,
On 25. 09. 19 17:57, John Norris wrote:
> Hi Marek,
> am I asking for something unusual here?
Yes, to be honest :) Or at least I can't recall any other similar
request in the past. I think most applications don't care if user is
brand new user, who was just registered or if it is the old keycloak
user. In OIDC protocol, there is "redirect_uri" sent in the initial
request and that is always where the Keycloak will redirect regardless
of whether there was user registered or just existing user
authenticated. I understand your use-case, however I don't think it's
very common.
To your particular problem, there should be solution as I mentioned
already. Either the event listener or parse the token in your
application and then decide if it's new user or existing user based on
"createdDate" claim. For more hints, I suggest to take a look at Spring
Boot 2 applications and our adapter quickstarts. There should be
something to show how to obtain token in your app and parse it. Adding
"createdDate" claim or something like this should be also possible.
Marek
> It seems that if Keycloak is going to give "register new user"
> functionality then there should be an easy straightforward way for the
> application of knowing that is what has happened and taking any
> necessary action.
> My application is built on Spring Boot 2. You mentioned previously
> about java filters. Looking at
> https://www.keycloak.org/docs/latest/securing_apps/index.html#_servlet_filter_adapter,
> and that has a code example of
>
> |<filter-mapping> <filter-name>Keycloak Filter</filter-name>
> <url-pattern>/keycloak/*</url-pattern>
> <url-pattern>/protected/*</url-pattern> </filter-mapping>|
> Spring Boot 2 has a Keycloak adapter so would adding a
> @GetMapping("/keycloak/**") mean that keycloak would return from
> registration to here? This is where an extra field for user
> registration would be useful to have a url it could return to.
>
> Regards,
> John
More information about the keycloak-user
mailing list