[keycloak-dev] Script based Authenticators
Stian Thorgersen
sthorger at redhat.com
Wed Feb 10 03:45:20 EST 2016
+1 This is very nice
We can't accept this for 1.9.x, but would love to include it in 2.0 if you
can complete the work. We'll create a branch for 1.9.x very soon, once
that's done we can start accepting PRs for 2.0.
Would be great if you carry on work on this feature and do a PR. We'd need
tests as well as documentation, it would also be good with some examples.
BTW could you give us some step-by-step instructions on how to try it out?
I'm to lazy/busy to figure it out on my own.
On 10 February 2016 at 06:12, Bill Burke <bburke at redhat.com> wrote:
> This is really cool.
>
>
> On 2/9/2016 5:48 PM, Thomas Darimont wrote:
>
> Hello group,
>
> I built a little prototype [0] for script based authenticators inspired by
> a discussion on the keycloak-users mailing list -
> think it was about post broker authentication checks, e.g. if the user has
> an email address that belongs to the google apps domain...
>
> I introduced a ScriptBasedAuthenticator that is bootstraped via a
> ScriptBasedAuthenticatorFactory can be execute a configured script
> via a JSR-223 ScriptEngine against a provided execution context.
>
> I also added a new "script" value type for proper rendering in the UI as
> well as an alias property
> to the AuthFlowExecutionRepresentation in order to be able to
> differentiate multiple instances of an Authenticator
> within the same AuthFlow - this comes pretty close to having Auth0 like
> scriptable rules in Keycloak.
>
> For convenient editing I added the AngularJS bindings for the popular ACE
> editor.
>
> Looking forward to your thoughts :)
>
> Cheers,
> Thomas
>
> [0]
> https://github.com/thomasdarimont/keycloak/commit/3f39479e7fa0c75941cd524ba99de5c85db43b62
> [1] https://auth0.com/docs/rules
>
>
> _______________________________________________
> keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
> --
> Bill Burke
> JBoss, a division of Red Hathttp://bill.burkecentral.com
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160210/5d2ba538/attachment.html
More information about the keycloak-dev
mailing list