Hi Dmitry,
To don't bother normal users I changed to the dev group mailing list.
thx a lot for your detailed feedback. Considering that you are probably
right, that this feature will never be integrated to keycloak, I'll have
to think about my next steps.
Guess I'll follow your advise and catch internal keycloak events for
notifications. Currently it seems like the best solutions. As soon as we
start with this component I'll let you know. Planning to make it open
source but unfortunately can't promise yet.
Thx for all in the meantime
/david
On 13.11.18 00:20, Dmitry Telegin wrote:
Hello David,
Just FYI, you can reach Keycloak developers via keycloak-dev mailing list; this one is
more like a community of independent Keycloak experts. Being a proud member thereof,
I'll put in my two cents with great pleasure :) see answers inline.
TL;DR: the feature seems interesting, but I highly doubt it will be ever made a part of
Keycloak. However, you can implement everything as a Keycloak extension (and that's
what we love about Keycloak).
On Mon, 2018-11-12 at 22:55 +0100, David Monichi wrote:
> Hi,
>
> I'm considering to create a new application and for sure I'll use
> keycloak as user backend. It's really cool stuff what you guys created.
>
> I thought about various solutions for notifications of my application
> and was wondering if you guys already thought about to extend your
> e-mail notification to a more general and flexible system. So that not
> only keycloak e-mails will be sent over keycloak but also other
> applications e-mails and even more notifications can be send over
> keycloak (I'm thinking here of SMS, etc.). Therefore applications would
> need to upload any kind of templates to keycloak and somehow be able to
> manage them. There are 2 reasons for such a step. First of all keycloak
> already provides such basic functionality to sent notifications and so
> extending it could be done with lower overhead. Second, keycloak already
> owns the recipient data, if applications manage users over keycloak.
I'd also add that Keycloak already integrates the Freemarker template engine, which
is used to generate emails (along with login forms and the account UI).
> As additional feature of course a proper monitoring should be placed in
> such a feature, since notifications are really vital to modern applications.
Could you please elaborate what exactly you need to monitor?
> We would be able to provide programming resources for such a feature but
> of course working together, specially for the design phase, with you guys.
>
> The alternative would be to provide a different notification system and
> forward keycloak e-mails to that service (actually the event to sent a
> notification). Don't know if this actually is the way to go ...
>
>
> My motivation for such a feature is, that a single application should be
> responsible for sending notifications of any kind and not be widespread
> over various applications.
>
> Any ideas welcome ;) Eventually I overlooked something in my design ...
My experience says that features like that rarely get incorporated into mainline
Keycloak; the necessary (but not sufficient) condition is that you should be able to
maintain this feature in the future.
However, you can use Keycloak extension points (called Providers [1] in Keycloak's
terms) to implement what you want.
Here's my take on the outline of the solution:
- implement EntityProvider [2] (custom JPA entity + DB table) to store templates;
- implement RealmResourceProvider [3] (custom REST resource) for CRUD-style template
management by the applications;
- implement another one to trigger notification (and potentially track its status);
- implement the actual notification code, i.e. retrieving the template, processing it
with Freemarker and queueing it for delivery;
- most likely, you will need a persistent queue to store pending notifications. For that,
you can employ Keycloak's built-in ActiveMQ Artemis message broker;
- optionally, integrate your system with Keycloak internal events, so that the latter
could trigger your application-managed notifications.
For the reference, I'd recommend the official keycloak examples [4] and my own
BeerCloak project [5].
Good luck, and feel free to ask any questions :)
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail:info@acutus.pro
[
1]https://www.keycloak.org/docs/latest/server_development/index.html#_pro...
[
2]https://www.keycloak.org/docs/latest/server_development/index.html#_ext...
[
3]https://www.keycloak.org/docs/latest/server_development/index.html#_ext...
[
4]https://github.com/keycloak/keycloak/tree/master/examples/providers
[
5]https://github.com/dteleguin/beercloak
> Thx in advance for all your thoughts & all the best
>
> /david
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user