Hello group, are there any plans to support custom attributes to be passed from authenticators to (login-) forms? Concrete use-case is that I want to pass information from a custom OTP authenticator down to the login-totp.ftl template. Would be helpful if it were possible to pass custom attributes to the create*Page(..) methods in org.keycloak.forms.login.LoginFormsProvider. This would really ease customizations. Other alternatives to pass data are: - use some ThreadLocal storage within an Authenticator (set and clear) - but this feels more like a hack - custom page template and population logic in in a custom FreeMarkerLoginFormsProvider (quite involved...) Cheers, Thomas

Hi Thomas, the LoginFormsProvider has method "setAttribute" . I think that in the authenticator, you can use something like context.form().setAttribute("foo", "bar"); when "context" is AuthenticationFlowContext passed to the authenticator. Then in the template, the attribute "foo" can be directly referenced. Does it working for you? Marek On 10/04/17 17:35, Thomas Darimont wrote: > FYI my current solution (ab)uses the attributes of the current > HttpServletRequest to pass custom > data down to the templates with a (small) adjustment of > FreeMarkerLoginFormsProvider as shown below. > > This is quite hacky but does it's job until I find a better way to do > this. > > Within my custom Authenticator: > > private static final String MY_CUSTOM_ATTRIBUTE="my_custom_attribute"; > > @Override > public void authenticate(AuthenticationFlowContext context) { > HttpServletRequest request = > context.getSession().getContext().getContextObject(HttpServl > etRequest.class); > try { > request.setAttribute(MY_CUSTOM_ATTRIBUTE, "bubu"); > super.authenticate(context); > } finally { > request.removeAttribute(MY_CUSTOM_ATTRIBUTE); > } > } > > Small extension to the FreeMarkerLoginFormsProvider in "private Response > createResponse(LoginFormsPages page)": > ... > HttpServletRequest currentHttpRequest = > session.getContext().getContextObject(HttpServletRequest.class); > if (currentHttpRequest != null) { > attributes.put("currentRequestAttributes", new > HttpServletRequestAttributesBean(currentHttpRequest)); > } > ... > > public static class HttpServletRequestAttributesBean { > > private final HttpServletRequest request; > > public HttpServletRequestAttributesBean(HttpServletRequest request){ > this.request = request; > } > > public Object getAttribute(String name){ > return this.request.getAttribute(name); > } > > public Map<String,Object> getAttributes(){ > > Map<String,Object> attributes = new HashMap<>(); > for(String name : Collections.list(request.getAttributeNames())){ > attributes.put(name, request.getAttribute(name)); > } > > return attributes; > } > } > > In my template login-totp.ftl: > <span>Custom value: > ${currentRequestAttributes.getAttribute('my_custom_attribute > ')!'default'}</span> > > 2017-04-10 16:04 GMT+02:00 Thomas Darimont <thomas.darimont(a)googlemail.co > m>: > > Hello group, >> >> are there any plans to support custom attributes to be passed from >> authenticators to (login-) forms? >> >> Concrete use-case is that I want to pass information >> from a custom OTP authenticator down to the login-totp.ftl template. >> >> Would be helpful if it were possible to pass custom attributes to the >> create*Page(..) methods in org.keycloak.forms.login.LoginFormsProvider. >> >> This would really ease customizations. >> >> Other alternatives to pass data are: >> - use some ThreadLocal storage within an Authenticator (set and clear) - >> but this feels more like a hack >> - custom page template and population logic in in a custom >> FreeMarkerLoginFormsProvider (quite involved...) >> >> Cheers, >> Thomas >> >> _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-dev >