[keycloak-user] Authenticator flows alternative processing - Keycloak 4.8.3
Cliff MAURY
cliff.maury at gmail.com
Thu Sep 26 11:25:19 EDT 2019
Hello,
We have to implement an authenticator flow to handle the following
scenarios :
- EITHER user fills in the login form, he/she can be log into the app
(Username Password Form)
- OR users click on a new link 'First connection ?' on the login page,
he/she sould be redirected to a flow with 'Choose User' and 'Send Email
Validation' (custom authentificator).
Here is the configuration of the custom browser flow :
- Cookie : ALTERNATIVE
- Custom Browser : ALTERNATIVE
- Custom Username Password : REQUIRED
- First Connection : ALTERNATIVE
- Choose User : REQUIRED
- Send Validation Email (custom authentificator) : REQUIRED
We tried to override UsernamePasswordForm:action() (in a custom new class)
in order to do context.attempted() and so ignore this step and go into the
First Connection flow (ie display the "Choose User" Form) but it doesn't
work at this time.
We are lost into DefaultAuthenticationFlow (processFlow(),
processAction()...) especially with processResult() (case ATTEMPTED) that
throws an AuthenticationFlowException when execution is REQUIRED (line 278
/ keycloak 4.8.3.Final)
Does someone see what we can do please ?
Regards,
Cliff MAURY
More information about the keycloak-user
mailing list