[keycloak-dev] Support for passing custom attributes from authenticators to login pages

Mon Apr 10 15:32:06 EDT 2017

Hi Thomas,

the LoginFormsProvider has method "setAttribute" . I think that in the 
authenticator, you can use something like

context.form().setAttribute("foo", "bar");

when "context" is AuthenticationFlowContext passed to the authenticator. 
Then in the template, the attribute "foo" can be directly referenced. 
Does it working for you?

Marek

On 10/04/17 17:35, Thomas Darimont wrote:
> FYI my current solution (ab)uses the attributes of the current
> HttpServletRequest to pass custom
> data down to the templates with a (small) adjustment of
> FreeMarkerLoginFormsProvider as shown below.
>
> This is quite hacky but does it's job until I find a better way to do this.
>
> Within my custom Authenticator:
>
> private static final String MY_CUSTOM_ATTRIBUTE="my_custom_attribute";
>
> @Override
> public void authenticate(AuthenticationFlowContext context) {
>     HttpServletRequest request =
> context.getSession().getContext().getContextObject(HttpServletRequest.class);
>     try {
>         request.setAttribute(MY_CUSTOM_ATTRIBUTE, "bubu");
>         super.authenticate(context);
>     } finally {
>         request.removeAttribute(MY_CUSTOM_ATTRIBUTE);
>     }
> }
>
> Small extension to the FreeMarkerLoginFormsProvider in "private Response
> createResponse(LoginFormsPages page)":
> ...
> HttpServletRequest currentHttpRequest =
> session.getContext().getContextObject(HttpServletRequest.class);
> if (currentHttpRequest != null) {
>     attributes.put("currentRequestAttributes", new
> HttpServletRequestAttributesBean(currentHttpRequest));
> }
> ...
>
> public static class HttpServletRequestAttributesBean {
>
>     private final HttpServletRequest request;
>
>     public HttpServletRequestAttributesBean(HttpServletRequest request){
>         this.request = request;
>     }
>
>     public Object getAttribute(String name){
>         return this.request.getAttribute(name);
>     }
>
>     public Map<String,Object> getAttributes(){
>
>         Map<String,Object> attributes = new HashMap<>();
>         for(String name : Collections.list(request.getAttributeNames())){
>             attributes.put(name, request.getAttribute(name));
>         }
>
>         return attributes;
>     }
> }
>
> In my template login-totp.ftl:
> <span>Custom value:
> ${currentRequestAttributes.getAttribute('my_custom_attribute')!'default'}</span>
>
> 2017-04-10 16:04 GMT+02:00 Thomas Darimont <thomas.darimont at googlemail.com>:
>
>> Hello group,
>>
>> are there any plans to support custom attributes to be passed from
>> authenticators to (login-) forms?
>>
>> Concrete use-case is that I want to pass information
>> from a custom OTP authenticator down to the login-totp.ftl template.
>>
>> Would be helpful if it were possible to pass custom attributes to the
>> create*Page(..) methods in org.keycloak.forms.login.LoginFormsProvider.
>>
>> This would really ease customizations.
>>
>> Other alternatives to pass data are:
>> - use some ThreadLocal storage within an Authenticator (set and clear) -
>> but this feels more like a hack
>> - custom page template and population logic in in a custom
>> FreeMarkerLoginFormsProvider (quite involved...)
>>
>> Cheers,
>> Thomas
>>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev