Thanks for the answer!
On callback I'm setting the attribute in client session and it works fine.
When submitting the form, *action()* method checks the attribute and
creates user session the way I wanted.
The question now is how to poll to check if the form can be submitted
automatically with JavaScript. Is there any endpoint to see if session
attribute has already been set? Or should I use extensions
http://www.keycloak.org/docs/2.5/server_development_guide/topics/extensio...
and
implement my own endpoint?
Any suggestions appreciated.
2017-02-15 20:43 GMT+01:00 Bill Burke <bburke(a)redhat.com>:
We don't support async HTTP. So you either need to block or have
your
login page poll. If you poll, then your async callback is gonna have to
re-create a KeycloakSession object. I suggest you have your
authenticate() method check to see if a clientSession attribute is set
or not and have the callback locate the clientSession and set this
variable. Hope I'm making sense.
On 2/15/17 10:59 AM, Daniel Radzikowski wrote:
> Hi,
>
> I'm trying to implement new authenticator for Mobile Connect. It is a bit
> unusual flow, where the first method *void
> authenticate(AuthenticationFlowContext context)* before returning a
> challenge, calls a REST API, which prompts user mobile phone with 'Click
> OK' button. This API call waits until the user clicks OK (or timeouts),
so
> in order not to block the request, it is wrapped in CompletableFuture and
> the login page (with no inputs) is immediately returned to the browser.
> (browser should't wait for the API call result).
>
> The problem is when the CompletableFuture is completed and calls a
> callback. It's the place where the authentication should occur, but I
don't
> have any idea how to do it. The only authenticating factor is OK response
> from this API. Can I set the authentication somehow bypassing the whole
> processor (calling method *action(AuthenticationFlowContext context)* on
> its way)? I thought I will eventually call the *action *from the browser
> (with ajax) and only check if the session is already created. The only
> thing that I can pass to the callback is an AuthenticationFlowContext
data
> obtained from the first *action(AuthenticationFlowContext context)*
call.
> Is there any way to do it?
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Pozdrawiam,
Daniel Radzikowski.