[keycloak-user] Facebook login + Remember me

Marek Posolda mposolda at redhat.com
Fri Dec 9 06:50:58 EST 2016 

Yes, by "redirect to Facebook" I meant the flow like:
- Redirect will be done by your Keycloak authenticator to the Facebook
- Once Facebook authenticates, it returns back to Keycloak and Keycloak 
will establish userSession based on the identityProvider Facebook login
- Keycloak will redirect back to the application

Basically what will happen, should be the same like when user clicks on 
the button "Login with Facebook" on Keycloak login form. The only 
difference is, that user won't need to click, but it will happen 
automatically.

You can take a look at IdentityProviderAuthenticator.redirect, which is 
similar and is doing automatic redirect to identityProvider based on the 
"kc_idp_hint" parameter. Your Authenticator will probably do the same 
though, it will just use the cookie, not the "kc_idp_hint" parameter.

Marek

On 09/12/16 11:42, Mariusz Chruscielewski - Info.nl wrote:
> Hi Marek, one additional question.
>
> You mentioned "redirect to Facebook", is there any way to redirect to facebook keycloak flow? Like when I detect that cookie exist, to run facebook authentication flow and let KC do the rest in standard way?
>
> Thanks
> Mariusz
>
> -----Original Message-----
> From: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Mariusz Chruscielewski - Info.nl
> Sent: donderdag 8 december 2016 13:32
> To: Marek Posolda <mposolda at redhat.com>; keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] Facebook login + Remember me
>
> This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing
>
> Thanks for your answer, I will try to implement that.
>
> Regards
> Mariusz
>
> -----Original Message-----
> From: Marek Posolda [mailto:mposolda at redhat.com]
> Sent: donderdag 8 december 2016 13:29
> To: Mariusz Chruscielewski - Info.nl <mariusz at info.nl>; keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] Facebook login + Remember me
>
> RememberMe is used just for the Keycloak own login form.
>
> I can see the possibility that:
> - You will create authenticator implementation, which will setup some cookie once you successfully login with Facebook. You will need to use this authenticator in post-broker login flow, which will be setup for Facebook.
>
> - Then you will create another authenticator implementation, which will be used in "browser" flow instead before the login form is shown. This authenticator will check for the existence of the cookie above and automatically redirects to Facebook if present.
>
> Marek
>
>
> On 07/12/16 17:32, Mariusz Chruscielewski - Info.nl wrote:
>> Hi, is it possible to set remember me cookie and identity cookie from Keycloak when we use Facebook Login Provider?
>>
>> I did debug, and I found that in AuthenticationManager.java#createLoginCookie check:
>>
>> if(session.isRememberMe())  returns false.
>>
>> Is there a way to setup this somewhere (remember all facebook logins?)
>>
>> I tried to create my own custom Authenticator but I can't set remember me from there. Is there any way to build that?
>>
>> Thanks in advance
>> Mariusz Chruścielewski
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list