<div dir="ltr">I was thinking about this some more last night and maybe we should add the client uuid to the ClientSessionCode that way it&#39;ll always be available even if the client session is invalidated. It would make the links long though, which I don&#39;t like.</div><div class="gmail_extra"><br><div class="gmail_quote">On 19 January 2016 at 21:05, Travis De Silva <span dir="ltr">&lt;<a href="mailto:traviskds@gmail.com" target="_blank">traviskds@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Created Jira <a href="https://issues.jboss.org/browse/KEYCLOAK-2359" target="_blank">https://issues.jboss.org/browse/KEYCLOAK-2359</a><div><br></div><div>1.9 would be fantastic :) Thanks a lot. Will resolve a big usability issue for us.</div><div><br></div></div><div class="HOEnZb"><div class="h5"><br><div class="gmail_quote"><div dir="ltr">On Wed, 20 Jan 2016 at 06:46 Stian Thorgersen &lt;<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">IMO this is a usability issue that we should fix for 1.9, so you can create a JIRA. I can&#39;t guarantee that&#39;ll it be done for 1.9 though and may be pushed.</div><div class="gmail_extra"><br><div class="gmail_quote">On 19 January 2016 at 20:15, Travis De Silva <span dir="ltr">&lt;<a href="mailto:traviskds@gmail.com" target="_blank">traviskds@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">+1 for adding client_id param to the emails. This is an important requirement especially for consumer web applications as once we get a user, we don&#39;t want to lose that user from getting back to the site.<br><div><br></div><div>Shall I create a Jira request for this? </div><div><br></div></div><div><div><br><div class="gmail_quote"><div dir="ltr">On Wed, 20 Jan 2016 at 01:56 Stian Thorgersen &lt;<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Cookie is not always going to work for emails though as the link may be opened in a new browser session (or a different browser)</div><div class="gmail_extra"><br><div class="gmail_quote">On 19 January 2016 at 15:40, Bill Burke <span dir="ltr">&lt;<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    We already set up a cookie for client session timeouts to hold
    information that can reconstruct the session.  Not sure if we do it
    for reset credentials though.<div><div><br>
    <br>
    <div>On 1/19/2016 8:04 AM, Thomas Raehalme
      wrote:<br>
    </div>
    <blockquote type="cite">
      <div dir="ltr">+1 Sounds like a very good idea!
        <div class="gmail_extra"><br>
          <div class="gmail_quote">On Tue, Jan 19, 2016 at 3:01 PM,
            Stian Thorgersen <span dir="ltr">&lt;<a href="mailto:sthorger@redhat.com" target="_blank"></a><a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>&gt;</span>
            wrote:<br>
            <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
              <div dir="ltr">We could add a client_id param to the
                emails. Then if it all fails we can use the clients base
                url.</div>
              <div>
                <div>
                  <div class="gmail_extra"><br>
                    <div class="gmail_quote">On 15 January 2016 at
                      21:28, Travis De Silva <span dir="ltr">&lt;<a href="mailto:traviskds@gmail.com" target="_blank"></a><a href="mailto:traviskds@gmail.com" target="_blank">traviskds@gmail.com</a>&gt;</span>
                      wrote:<br>
                      <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                        <div dir="ltr">irrespective of the theme, how
                          would you provide a link to the user to
                          redirect back to the application that they
                          initiated the request in the first place.
                          <div><br>
                          </div>
                          <div>For example, they click on the forgot
                            password link or the register new user link.</div>
                          <div><br>
                          </div>
                          <div>KeyCloak sends them an email with a link.
                            But they don&#39;t click it for awhile and then
                            when they click it, it has expired. So we
                            should be able to display an expired message
                            and redirect them back to the login page.
                            How can we handle this?</div>
                          <div><br>
                          </div>
                          <div><br>
                          </div>
                        </div>
                        <div>
                          <div><br>
                            <div class="gmail_quote">
                              <div dir="ltr">On Sat, 16 Jan 2016 at
                                07:23 Bill Burke &lt;<a href="mailto:bburke@redhat.com" target="_blank"></a><a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>&gt;
                                wrote:<br>
                              </div>
                              <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                <div bgcolor="#FFFFFF" text="#000000">
                                  NO, you can&#39;t.  This would create an
                                  open redirect probably and the themes
                                  are supposed to be completely
                                  independent of the protocol.</div>
                                <div bgcolor="#FFFFFF" text="#000000"><br>
                                  <br>
                                  <div>On 1/15/2016 3:06 PM, Travis De
                                    Silva wrote:<br>
                                  </div>
                                  <blockquote type="cite">
                                    <div dir="ltr">I can understand
                                      that. But without the client ID,
                                      we cannot redirect them back to
                                      the login screen. 
                                      <div><br>
                                      </div>
                                      <div>Is there anyway where the
                                        redirect url can be sent as a
                                        query string together with the
                                        code. That way, we can then pick
                                        the redirect url from the query
                                        string and redirect the user
                                        back to the appropriate login
                                        screen.</div>
                                      <div><br>
                                      </div>
                                    </div>
                                    <br>
                                    <div class="gmail_quote">
                                      <div dir="ltr">On Thu, 14 Jan 2016
                                        at 18:56 Stian Thorgersen &lt;<a href="mailto:sthorger@redhat.com" target="_blank"></a><a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>&gt;

                                        wrote:<br>
                                      </div>
                                      <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                        <div dir="ltr">Once the client
                                          session is removed (it&#39;s
                                          deleted at some point after
                                          the login has timed out) the
                                          client id is no longer
                                          available. We have to delete
                                          this session at some point as
                                          otherwise we&#39;d be left with
                                          garbage from abandoned logins</div>
                                        <div class="gmail_extra"><br>
                                        </div>
                                        <div class="gmail_extra">
                                          <div class="gmail_quote">On 13
                                            January 2016 at 21:27,
                                            Travis De Silva <span dir="ltr">&lt;<a href="mailto:traviskds@gmail.com" target="_blank"></a><a href="mailto:traviskds@gmail.com" target="_blank">traviskds@gmail.com</a>&gt;</span>
                                            wrote:<br>
                                          </div>
                                        </div>
                                        <div class="gmail_extra">
                                          <div class="gmail_quote">
                                            <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                              <div dir="ltr">Hi,
                                                <div><br>
                                                </div>
                                                <div>For theming the
                                                  login for different
                                                  clients within a
                                                  realm, we are
                                                  conditionally checking
                                                  for the client ID in
                                                  the freemarker
                                                  templates and then
                                                  accordingly including
                                                  sub freemarker
                                                  templates. This is
                                                  working perfectly but
                                                  the issue is for
                                                  certain errors, such
                                                  as &quot;You took too long
                                                  to login. Login
                                                  process starting from
                                                  beginning.&quot;, the
                                                  clientid becomes null
                                                  ( (sometimes).</div>
                                                <div><br>
                                                </div>
                                                <div>Is there anything I
                                                  can do from the
                                                  freemarker template to
                                                  identify the client id
                                                  so I can then
                                                  accordingly handle
                                                  these errors?</div>
                                                <div><br>
                                                </div>
                                                <div>Cheers</div>
                                                <div>Travis</div>
                                                <div><br>
                                                </div>
                                                <div><br>
                                                </div>
                                                <div><br>
                                                </div>
                                                <div>
                                                  <p><span>clientId=null</span></p>
                                                </div>
                                              </div>
                                              <br>
                                            </blockquote>
                                          </div>
                                        </div>
                                        <div class="gmail_extra">
                                          <div class="gmail_quote">
                                            <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">_______________________________________________<br>
                                              keycloak-user mailing list<br>
                                              <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
                                              <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
                                            </blockquote>
                                          </div>
                                          <br>
                                        </div>
                                      </blockquote>
                                    </div>
                                    <br>
                                    <fieldset></fieldset>
                                    <br>
                                    <pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
                                  </blockquote>
                                  <br>
                                </div>
                                <div bgcolor="#FFFFFF" text="#000000">
                                  <pre cols="72">-- 
Bill Burke
JBoss, a division of Red Hat
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a></pre>
                                </div>
_______________________________________________<br>
                                keycloak-user mailing list<br>
                                <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
                                <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote>
                            </div>
                          </div>
                        </div>
                        <br>
                        _______________________________________________<br>
                        keycloak-user mailing list<br>
                        <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
                        <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
                      </blockquote>
                    </div>
                    <br>
                  </div>
                </div>
              </div>
              <br>
              _______________________________________________<br>
              keycloak-user mailing list<br>
              <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
              <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
            </blockquote>
          </div>
          <br>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
    <pre cols="72">-- 
Bill Burke
JBoss, a division of Red Hat
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a></pre>
  </div></div></div>

<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote></div>
</div></div></blockquote></div><br></div>
</blockquote></div>
</div></div></blockquote></div><br></div>