[keycloak-user] password forgotten - override UpdatePasswd required action (v 1.7.0)
Adrian Matei
adrianmatei at gmail.com
Mon Feb 1 11:25:34 EST 2016
Hi guys,
in the UpdatePassword class we need to modify the string values that come
from formData
so that there are not "password-new" but "passwordNew" (JS conform as we've
build the GUI with AngularJS on top of Freemarker actions):
https://github.com/keycloak/keycloak/blob/de472dbd43dd2767afb3436835f77924a78e9f82/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java#L67
We've created our own CustomUpdatePassword (similar with the class above
except the two lines and own id -UPDATE_PASSWORD_CUSTOM) and tried to hook
it in our own custom ResetPassword class:
@Override
public void authenticate(AuthenticationFlowContext context) {
if (context.getExecution().isRequired() ||
(context.getExecution().isOptional() &&
configuredFor(context))) {
context.getClientSession().addRequiredAction(CustomUpdatePassword.UPDATE_PASSWORD_CUSTOM);
}
context.success();
}
The custom classes are registered in META-INF services and everything, and
we can add the custom reset password execution in the Reset Credentials
workflow...
The result is a NPE in AuthenticationManager by trying to get the
providerId from the model
RequiredActionProviderModel model =
realm.getRequiredActionProviderByAlias(action);
RequiredActionFactory factory =
(RequiredActionFactory)session.getKeycloakSessionFactory().getProviderFactory(RequiredActionProvider.class,
model.getProviderId());
I am tired and cannot look through anymore, so your advice is more than
welcomed...
Thanks,
Adrian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160201/6e306a09/attachment-0001.html
More information about the keycloak-user
mailing list