[keycloak-dev] Config File for token validator endpoints url in keycloak?

Stian Thorgersen sthorger at redhat.com
Fri Jun 17 01:42:10 EDT 2016


The config from keycloak-server.json is passed in to init method of the
provider factory (
https://github.com/keycloak/keycloak/blob/master/server-spi/src/main/java/org/keycloak/provider/ProviderFactory.java#L41)
and is not available in getAuthenticatorConfig.

On 16 June 2016 at 18:01, Eric Son 3016 <desk3016 at live.com> wrote:

> Hi Stian,
>
>
> Based on your response, I changed the configuration to this. But in
> authenticator, I am not able to access this config.
>
> Am I missing something?
>
>
>                 "authenticator": {
>
>                                 "xyz-username-password-authenticator": {
>
>                                                 "tvUrl": "
> https://192.168.0.11/TokenValidator/TokenValidator.asmx",
>
>
>
>                                 }
>
>                 }
>
>
>
> Here is my authenticator provider ID and provider configurations, Btw I
> can see this configuration in the console with empty value.
>
>
> *    public* *static* *final* String *PROVIDER_ID* =
> "xyz-username-password-authenticator";
>
>     *public* String getId() {
>
>         *return* *PROVIDER_ID*;
>
>     }
>
>
>
>     *private* *static* *final* List<ProviderConfigProperty>
> *configProperties* = *new* ArrayList<ProviderConfigProperty>();
>
>
>
>     *static* {
>
>         ProviderConfigProperty property;
>
>         property = *new* ProviderConfigProperty();
>
>         property.setName("tvUrl");
>
>         property.setLabel("Token Validator URL");
>
>         property.setType(ProviderConfigProperty.*STRING_TYPE*);
>
>         property.setHelpText("Token Validator URL.");
>
>         *configProperties*.add(property);
>
>     }
>
> In my authenticator, I am accessing config like this, but it doesn’t have
> value for this config.
>
>
>        *if*(context.getAuthenticatorConfig().getConfig() != *null*) {
>
>               *for* (String key : context.getAuthenticatorConfig().getConfig().keySet())
> {
>
>                      *log*.info("Config Key: " + key + ", Value: " +
> context.getAuthenticatorConfig().getConfig().get(key));
>
>               }
>
>        }
>
> Did you see what I have missed, any? Thanks!
>
> Best Regards,
>
> WJ
>
> ------------------------------
> Date: Thu, 16 Jun 2016 04:57:59 +0200
>
> Subject: Re: [keycloak-dev] Config File for token validator endpoints url
> in keycloak?
> From: sthorger at redhat.com
> To: desk3016 at live.com
> CC: keycloak-dev at lists.jboss.org
>
> The SPI is called "authenticator", not "authentication", so it should be:
>
> "authenticator": {
>
>                                 "xyz-username-password-authenticator": {
>
>                                                 "tvUrl": "
> https://192.168.0.11/TokenValidator/TokenValidator.asmx"
>
>                                 }
>
>                 }
>
>
> Assuming "xyz-username-password-authenticator" is what's returned by your
> factories getId method.
>
> On 16 June 2016 at 04:26, Eric Son 3016 <desk3016 at live.com> wrote:
>
> Hi Stian,
>
>
> For elaborating previous question, I am creating a authentication
> provider, which needs to call an external API.
>
> The payloads needs be encrypted with a key before calling the API.
>
>
> I want API URL and Path of the Key to be configurable, so that Ops team
> can tweak that based on each environment.
>
>
> I’ll be using KeyCloak in multi-tenant environment, so rather than
> configuring it at authenticator level for each relam, we want to configure
> these settings at system level.
>
>
>
> I came across this link
> http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html#d4e559
> which shows how you can pass configuration to providers.
>
>
> I tried to do the same thing for my authentication provider but that
> didn’t work. Not Sure if it matters but I am using KeyCloak version 1.9.3.
>
>
>
> This is what I put in keycloak-server.json. Here
> “xyz-username-password-authenticator” is my provider ID.
>
>
>
> "authentication": {
>
>                                 "xyz-username-password-authenticator": {
>
>                                                 "tvUrl": "
> https://192.168.0.11/TokenValidator/TokenValidator.asmx"
>
>                                 }
>
>                 }
>
> I also tried it by putting following configuration i.e. by removing the
> “authentication” element from above config.
>
>
>
> "xyz-username-password-authenticator": {
>
> "tvUrl": "https://192.168.0.11/TokenValidator/TokenValidator.asmx"
>
>                 }
>
>
>
> Can you please guide me how can I pass these configurations to my
> authentication providers?
>
>
> Thanks!
>
>
> Best Regards,
>
>
> WJ
>
>
> ------------------------------
> Date: Mon, 6 Jun 2016 08:00:07 +0200
> Subject: Re: [keycloak-dev] Config File for token validator endpoints url
> in keycloak?
> From: sthorger at redhat.com
> To: desk3016 at live.com
> CC: keycloak-dev at lists.jboss.org
>
>
> Please elaborate on what your use-case is.
>
> On 3 June 2016 at 19:09, Eric Son 3016 <desk3016 at live.com> wrote:
>
> Hi,
>
> I would like to use external token validator with the keycloak.
>  Is there any existing configuration file for storing token validator API
> endpoints url and its public key info?
> I want to set them up in "System level" rather than the "Execution level"
> in the code.
>
> Thanks for the help!
>
> Best Regards,
>
> WJ
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160617/a827f3e1/attachment-0001.html 


More information about the keycloak-dev mailing list