Re: [keycloak-user] Passing information from custom Authenticator to a Token
Thanks for your reply :)
I think (ab)using user attributes for storing temporary data is not a good
idea, e.g. one would need to take care to clear that information etc.
I'm currently using
context.getClientSession().setUserSessionNote("key","value");
in combination with a user protocol mapper for "user session note".
Cheers,
Thomas
2017-04-21 13:40 GMT+02:00 Король Илья <llivezking(a)gmail.com>:
First thing that came to my head is to populate required data to
attributes of UserModel and use mappers to map attr to AT claim, but
your way also look interesting and i don't see any problems here.
21.04.2017 8:32, Thomas Darimont пишет:
> Hello group,
>
> I need to pass some information form a custom Authenticator to the
> IDToken/AccessToken.
> One way I found to do that is by using UserSessionNotes and a "User
Session
> Note"
> Protocol Mapper defined in a client template which is shared by all
clients.
>
> public void authenticate(AuthenticationFlowContext context) {
> ...
>
> context.getClientSession().getUserSessionNotes().put("
someKey","someValue");
> ...
> }
>
> is this the intended way to do this sort of things?
>
> Cheers,
> Thomas
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user