Hello Geoffrey,
I was right about to click Send when I finally noticed that statement in parentheses :-D
You were 100% right, what else can I say :)
Here we go, try this snippet:

    // Java classes needed to read the brokered identity stored in the authentication session
    SerializedBrokeredIdentityContext = Java.type("org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext");
    AbstractIdpAuthenticator = Java.type("org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator");

    function authenticate(context) {
        // Read the serialized context from the session note, then deserialize it
        var serializedCtx = SerializedBrokeredIdentityContext.readFromAuthenticationSession(
            authenticationSession, AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE);
        var biCtx = serializedCtx.deserialize(session, authenticationSession);

        LOG.info(biCtx.username);
        LOG.info(biCtx.idpConfig.alias);

        context.success();
    }

Also take a look at org.keycloak.broker.provider.BrokeredIdentityContext to figure out
what else you can obtain from that object.
Good luck :)
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Thu, 2018-12-13 at 14:31 +0100, Geoffrey Cleaves wrote:
Hello. I have a simple JS execution which denies access as the first step of the first broker login flow. I would like to access some of the attributes that Keycloak writes out to the log when executing this flow (see below).

What objects or variables must my JS execution load in order to get the identity_provider_identity attribute listed below?

20:29:56,588 WARN [org.keycloak.events] (default task-527)
type=IDENTITY_PROVIDER_FIRST_LOGIN_ERROR, realmId=re, clientId=tblic,
userId=null, ipAddress=90., error=user_not_found, identity_provider=google,
auth_method=openid-connect, redirect_uri=http://localhost:8222?clientid=tic,
identity_provider_identity=user(a)gmail.com, code_id=b07317fdb
Thanks in advance!
Geoff
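
Added example (not part of the original messages and not Keycloak project code): one way to turn the snippet above into the deny step described in the question, by allowing first broker login only for an allow-listed e-mail domain per IdP alias. The ALLOWED_DOMAINS policy, the isAllowed helper and the choice of AuthenticationFlowError.INVALID_USER are assumptions, as is treating biCtx.username as the value logged as identity_provider_identity.

```javascript
// Added example, not from the thread. ES5 syntax so it also parses under Nashorn.
// Hypothetical policy: IdP alias -> e-mail domains allowed through first broker login.
var ALLOWED_DOMAINS = { "google": ["example.com"] };

// Pure decision function; anything unexpected is denied (fail closed).
function isAllowed(idpAlias, username) {
    if (!idpAlias || !username) { return false; }
    if (!Object.prototype.hasOwnProperty.call(ALLOWED_DOMAINS, idpAlias)) { return false; }
    var name = String(username).toLowerCase();
    var at = name.lastIndexOf("@");
    if (at < 1 || at === name.length - 1) { return false; }
    // Exact match on the part after the last "@", so "example.com.evil.org" fails.
    return ALLOWED_DOMAINS[idpAlias].indexOf(name.substring(at + 1)) !== -1;
}

// Entry point called by the script authenticator. Java, session,
// authenticationSession and LOG are the bindings used in the snippet above.
function authenticate(context) {
    var SerializedBrokeredIdentityContext = Java.type(
        "org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext");
    var AbstractIdpAuthenticator = Java.type(
        "org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator");
    var AuthenticationFlowError = Java.type("org.keycloak.authentication.AuthenticationFlowError");

    var serializedCtx = SerializedBrokeredIdentityContext.readFromAuthenticationSession(
        authenticationSession, AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE);
    if (!serializedCtx) {
        // No brokered identity in this session: deny rather than continue blindly.
        context.failure(AuthenticationFlowError.INVALID_USER);
        return;
    }
    var biCtx = serializedCtx.deserialize(session, authenticationSession);
    var alias = String(biCtx.idpConfig.alias);

    if (isAllowed(alias, biCtx.username)) {
        context.success();
        return;
    }
    LOG.warn("first broker login denied for idp=" + alias);
    context.failure(AuthenticationFlowError.INVALID_USER);
}
```

The log line records only the IdP alias, so denied usernames do not end up in the server log.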