[keycloak-user] "Remember Me" feature on Social Login

Rodrigo Sasaki rodrigopsasaki at gmail.com
Mon Aug 18 13:16:35 EDT 2014 

I found a way I think is correct, please let me know if anything I did is
wrong.

I send the request as POST with the remember_me in the form parameters, if
it comes marked, I create a cookie, and handle all the audit calls just as
it is on the normal login, and I send the remember_me value to the social
provider, and retrieve it on the callback method.

In the callback method, I set whatever comes from the remember_me value on
the last parameter of the createUserSession method.

Is this the correct flow?


On Wed, Aug 13, 2014 at 1:37 PM, Rodrigo Sasaki <rodrigopsasaki at gmail.com>
wrote:

> Should I set another cookie aswell? I tried it, I created the remember me
> cookie correctly when logging in through twitter and it didn't work. Here
> are the steps I took:
>
> 1. Opened browser without any cookies and history. Tried accessing:
> http://localhost:9080/customer-portal/customers/view.jsp
> 2. Server asked for authentication, I proceeded to login using Twitter and
> selecting the remember me checkbox. (KEYCLOAK_REMEMBER_ME cookie was
> created)
> 3. Closed the browser and reopened it. Accessed twitter, and after logging
> in I opened the same url (
> http://localhost:9080/customer-portal/customers/view.jsp)
>
> System asked me to login again, even though the cookie was there. Did I
> miss something?
>
> I see this message being printed on the console:
>
> 13:33:08,603 INFO  [org.keycloak.services.managers.AuthenticationManager]
> (http--127.0.0.1-9080-14) authenticateIdentityCookie
> 13:33:08,603 INFO  [org.keycloak.services.managers.AuthenticationManager]
> (http--127.0.0.1-9080-14) authenticateCookie could not find cookie:
> KEYCLOAK_IDENTITY
>
>
> On Tue, Aug 12, 2014 at 1:08 PM, Rodrigo Sasaki <rodrigopsasaki at gmail.com>
> wrote:
>
>> It's no problem, if I can come up with a suitable solution, I'll submit a
>> PR and you can add it whenever it fits the schedule, I'm just pursuing this
>> because it's one of the few things that we still need before we migrate
>> everything.
>>
>>
>> On Tue, Aug 12, 2014 at 12:27 PM, Stian Thorgersen <stian at redhat.com>
>> wrote:
>>
>>> The login form is:
>>>
>>>   ./forms/common-themes/src/main/resources/theme/login/base/login.ftl
>>>
>>> It's FreeMarker templates. FIY as we're close to releasing 1.0.final we
>>> can't add this to master until after.
>>>
>>> ----- Original Message -----
>>> > From: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>
>>> > To: "Stian Thorgersen" <stian at redhat.com>
>>> > Cc: keycloak-user at lists.jboss.org
>>> > Sent: Tuesday, 12 August, 2014 2:49:19 PM
>>> > Subject: Re: [keycloak-user] "Remember Me" feature on Social Login
>>> >
>>> > So you're saying I have to change the HTML pages to make it submit a
>>> form?
>>> >
>>> > I really don't understand how the interface works on Keycloak, could
>>> you
>>> > tell me the name of the file that handles the login page, if I
>>> understood
>>> > correctly. And I'll study it on from there.
>>> >
>>> >
>>> > On Tue, Aug 12, 2014 at 10:23 AM, Stian Thorgersen <stian at redhat.com>
>>> wrote:
>>> >
>>> > > Basically what's needed is:
>>> > >
>>> > >   * Add a remember me option for social - this is non-trivial as atm
>>> > > social logins are links so needs to be changed to submitting a form
>>> > >   * Set the login cookie in SocialResource.redirectToProviderAuth if
>>> this
>>> > > remember me check-box is set
>>> > >
>>> > > Reading the cookie is already handled, as it should set the same
>>> cookie as
>>> > > the "regular" login does.
>>> > >
>>> > > If you'd like to do this that would be great :)
>>> > >
>>> > > ----- Original Message -----
>>> > > > From: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>
>>> > > > To: "Stian Thorgersen" <stian at redhat.com>
>>> > > > Cc: keycloak-user at lists.jboss.org
>>> > > > Sent: Tuesday, 12 August, 2014 1:47:28 PM
>>> > > > Subject: Re: [keycloak-user] "Remember Me" feature on Social Login
>>> > > >
>>> > > > I was wondering, could you give me some pointers so I could try and
>>> > > > implement this myself? I was looking at the mechanics on the
>>> already
>>> > > > implemented feature, for username + password login, and I saw that
>>> I have
>>> > > > to set a cookie, which I'd have todo on
>>> > > > *SocialResource.redirectToProviderAuth*
>>> > > >
>>> > > > But I couldn't figure out how it uses the remember me cookie to
>>> evaluate
>>> > > > and authenticate the user on the next access. I'm looking into it
>>> now,
>>> > > but
>>> > > > anything you can help me with would be great, if it interests you.
>>> > > >
>>> > > >
>>> > > > On Mon, Aug 11, 2014 at 5:24 AM, Stian Thorgersen <
>>> stian at redhat.com>
>>> > > wrote:
>>> > > >
>>> > > > > It won't be until after 1.0.final has been released, but we'll
>>> aim to
>>> > > add
>>> > > > > it for 1.1.
>>> > > > >
>>> > > > > JIRA: https://issues.jboss.org/browse/KEYCLOAK-332
>>> > > > >
>>> > > > > ----- Original Message -----
>>> > > > > > From: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>
>>> > > > > > To: "Stian Thorgersen" <stian at redhat.com>
>>> > > > > > Cc: keycloak-user at lists.jboss.org
>>> > > > > > Sent: Tuesday, 5 August, 2014 12:38:33 PM
>>> > > > > > Subject: Re: [keycloak-user] "Remember Me" feature on Social
>>> Login
>>> > > > > >
>>> > > > > > Hi, just wondering, is there any prediction on when this
>>> feature
>>> > > will be
>>> > > > > > implemented?
>>> > > > > >
>>> > > > > >
>>> > > > > > On Tue, Jul 29, 2014 at 8:55 AM, Stian Thorgersen <
>>> stian at redhat.com>
>>> > > > > wrote:
>>> > > > > >
>>> > > > > > > It's planned just not implemented yet.
>>> > > > > > >
>>> > > > > > > One of the reasons was that we couldn't figure out an elegant
>>> > > placement
>>> > > > > > > for the remember-me checkbox.
>>> > > > > > >
>>> > > > > > > ----- Original Message -----
>>> > > > > > > > From: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>
>>> > > > > > > > To: keycloak-user at lists.jboss.org
>>> > > > > > > > Sent: Tuesday, 29 July, 2014 12:15:15 PM
>>> > > > > > > > Subject: [keycloak-user] "Remember Me" feature on Social
>>> Login
>>> > > > > > > >
>>> > > > > > > > Hi,
>>> > > > > > > >
>>> > > > > > > > I know this doesn't exist now, but I was wondering if it is
>>> > > something
>>> > > > > > > that is
>>> > > > > > > > planned to be implemented, or if there's a particular
>>> reason why
>>> > > it
>>> > > > > > > isn't.
>>> > > > > > > >
>>> > > > > > > > Thanks!
>>> > > > > > > >
>>> > > > > > > > --
>>> > > > > > > > Rodrigo Sasaki
>>> > > > > > > >
>>> > > > > > > > _______________________________________________
>>> > > > > > > > keycloak-user mailing list
>>> > > > > > > > keycloak-user at lists.jboss.org
>>> > > > > > > > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>> > > > > > >
>>> > > > > >
>>> > > > > >
>>> > > > > >
>>> > > > > > --
>>> > > > > > Rodrigo Sasaki
>>> > > > > >
>>> > > > >
>>> > > >
>>> > > >
>>> > > >
>>> > > > --
>>> > > > Rodrigo Sasaki
>>> > > >
>>> > >
>>> >
>>> >
>>> >
>>> > --
>>> > Rodrigo Sasaki
>>> >
>>>
>>
>>
>>
>> --
>> Rodrigo Sasaki
>>
>
>
>
> --
> Rodrigo Sasaki
>



-- 
Rodrigo Sasaki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140818/566aae71/attachment-0001.html

More information about the keycloak-user mailing list