[keycloak-dev] Direct link to registration/forgot-credentials

[Sebastian Rose]

Hi all,

i have a requirement to provide an external link for register account and forgot-credentials.

I learned from KEYCLOAK-1904 that using .../openid-connect/registrations?client_id=.... instead auf /openid-connect/auth?client_id=... works for the register account part. KEYCLOAK-1904 brought this to the js-adapter and provided it as an example to js-console. While testing that KEYCLOAK-1910 was created due to a problem with the bean-initialization.

For having the same with forgot-credentials i added simmilar code to make .../openid-connect/forgot-credentials?client_id=... work. This change is described in KEYCLOAK-1927.

My first approach was not considering the Authorization SPI (thanks Stian). Second approach uses the class AuthenticationProcessor  which is already used for .../openid-connect/auth to make KEYCLOAK-1910 and KEYCLOAK-1927 work. I am not sure if i understood completely and any hint/help is appreciated. With some manual tests it worked fine (please see https://github.com/keycloak/keycloak/pull/1686)

Please let me know what you think:
1) .../openid-connect/forgot-credentials is something you can live with/find it usefull
2) Is using class AuthenticationProcessor the correct approach . Anything there to consider after the call of .authenticate? There is a lot more code in place for the auth-case, which deals with variants. They don't seem to be useful for the two other cases.
3) I would like to add .../openid-connect/forgot-credentials to the js-adapter and js-console as well.

Best Regards,
Sebastian​