Hi Stian, thanks for this :-)
AuthenticationFlowContext & UserSessionProvider no longer have methods to get the
ClientSessionModel to lookup the user session, any suggestion on how to get this in
4.0.0.Final? I was looking at AuthenticationSessionProvider?
I agree with you wrt to your points 1 & 2, websocket callback is something I'm
working on separately, but only as a method of telling the waiting page to refresh instead
of polling; just need a distributed Pub/sub & filter (so only the specific sessions
get called.)
Regards James
Stian Thorgersen wrote on 27/06/2018 07:25:
Hi,
Take a look at
https://github.com/stianst/authenticator-example. It's just a POC, but
it does pretty much what you're after with regards to an out of bands authenticator.
Now to make it nice there's two aspects that needs to be worked on:
1. Support for additional multi factor mechanisms - users should be able to choose between
available means, pluggable support including configuration, etc.. I hope this is something
we'll be working on soon.
2. Push based out of bands - we need some concept of authentication events that the
authenticator web page can wait for. I would assume this would use websockets.
For Google prompt it would be nice to have that available OOTB, but it does depend on #1
to allow us to properly support more than one multi factor in a realm.
On Mon, 25 Jun 2018 at 11:23, James Holland
<james.holland@outlook.com<mailto:james.holland@outlook.com>> wrote:
I've added the feature request
https://issues.jboss.org/browse/KEYCLOAK-7675 for this.
_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org<mailto:keycloak-dev@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-dev