[keycloak-dev] Async authentication example
Stian Thorgersen
sthorger at redhat.com
Tue Jul 11 08:29:18 EDT 2017
I gave it a go and implemented an "async" authentication example. It's
rather simple what happens is:
* User authenticates with username only
* Then a "waiting" page is displayed, which is waiting for some external
callback. This could be an app or whatever that verifies the user then
sends the callback. In the example a CURL command is printed on sysout for
the server which you can run to "simulate" the callback from the app.
* Once the callback is received the user is authenticated without filling
in password or any other credentials in the main browser
https://github.com/stianst/authenticator-example
Check it out here:
https://youtu.be/C09BpNIf4v8
It's a bit hacky in the way it's implemented:
* Using notes for "callback" is a bit strange maybe?
* Had to use custom realm resource for callback endpoint. Is this strange?
* Probably won't work for cross DC, but in 7.2 Hynek has stuff that does
that
* No way to push change to browser, so have to pull every 2 seconds. Maybe
we could add a simple authentication event feature that uses websockets and
a small auth js lib to do the job of notification?
More information about the keycloak-dev
mailing list