[keycloak-dev] Script based Authenticators
Bill Burke
bburke at redhat.com
Wed Feb 10 00:12:59 EST 2016
This is really cool.
On 2/9/2016 5:48 PM, Thomas Darimont wrote:
> Hello group,
>
> I built a little prototype [0] for script based authenticators
> inspired by a discussion on the keycloak-users mailing list -
> think it was about post broker authentication checks, e.g. if the user
> has an email address that belongs to the google apps domain...
>
> I introduced a ScriptBasedAuthenticator that is bootstraped via a
> ScriptBasedAuthenticatorFactory can be execute a configured script
> via a JSR-223 ScriptEngine against a provided execution context.
>
> I also added a new "script" value type for proper rendering in the UI
> as well as an alias property
> to the AuthFlowExecutionRepresentation in order to be able to
> differentiate multiple instances of an Authenticator
> within the same AuthFlow - this comes pretty close to having Auth0
> like scriptable rules in Keycloak.
>
> For convenient editing I added the AngularJS bindings for the popular
> ACE editor.
>
> Looking forward to your thoughts :)
>
> Cheers,
> Thomas
>
> [0]
> https://github.com/thomasdarimont/keycloak/commit/3f39479e7fa0c75941cd524ba99de5c85db43b62
> [1] https://auth0.com/docs/rules
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160210/fe974591/attachment.html
More information about the keycloak-dev
mailing list