[keycloak-user] Get magic link for users to login
Ulrik Lejon
ulrik.lejon at mollyware.se
Wed Apr 19 01:59:06 EDT 2017
Hi
Sounds like a good idea!
Out of curiosity, how do you create the links? Also, will the links ever
expire?
BR,
Ulrik
On Wed, 19 Apr 2017, 04:02 Ilya Korol, <llivezking at gmail.com> wrote:
> Hi recently i implemented almost same feature for our environment. I've
> done it via custom Authenticator implementation. This authenticator is
> injected in browser authentication flow as alternative execution just
> before cookie execution, and check request link whether he should
> authenticate user by this link. Here some snippet:
>
>
> @Override
> public void authenticate(AuthenticationFlowContext context) {
> MultivaluedMap<String, String> queryParams =
> context.getHttpRequest().getUri().getQueryParameters();
>
> // If uri doesn't contain appropriate query params this flow is
> not applicable,
> // so we pass it by to other flow chain
> if (!(queryParams.containsKey("marker") &&
> queryParams.containsKey("userId"))) {
> context.attempted();
> return;
> }
>
> // Extract params from request
> String userId = queryParams.getFirst("userId");
> String marker = queryParams.getFirst("marker");
>
> RealmModel realm = context.getSession().getContext().getRealm();
> UserModel user =
> context.getSession().users().getUserById(userId, realm);
>
> // If user state doesn't match requirements this flow is not
> applicable,
> // so we pass it by to other flow chain
> if (checkConditions(user, marker, otherStruff)) {
>
> // User could be authenticated
>
> context.setUser(user);
> context.success();
> } else {
> context.attempted();
> }
> }
>
>
>
> On 18.04.2017 19:09, Martin Johansson wrote:
> > Hi!
> >
> > We want to achieve the following:
> >
> > Expose a REST endpoint where an authenticated client can retrieve a magic
> > login link for a specific user. We have an ID in the attributes for the
> > user which enables us to get the correct user.
> >
> > The reason for this is that we need to expose the possibility to send
> > e-mails from other systems than Keycloak. We have other ways of composing
> > the e-mails.
> >
> > So wanted final state is that a user can click a link in his e-mail
> client
> > and be redirected to our app and be logged in.
> >
> > BR,
> > Martin
> >
> > ---------- Forwarded message ----------
> >> From: Ilya Korol <llivezking at gmail.com>
> >> To: keycloak-user at lists.jboss.org
> >> Cc:
> >> Bcc:
> >> Date: Fri, 14 Apr 2017 15:59:10 +1000
> >> Subject: Re: [keycloak-user] Get magic link for users to login
> >> Hi, could you explain more detailed what you want to achieve? As for my
> >> team we also implemented custom rest endpoint, which send customized
> emails
> >> to users. Check out org.keycloak.services.resources.admin.UsersResource
> >> for details of default link constructing. (methods:
> resetPasswordEmail(),
> >> executeActionsEmail(), sendVerifyEmail())
> >>
> >>
> >> On 13.04.2017 17:54, Martin Johansson wrote:
> >>
> >>> Is it possible to retrieve the magic link that are sent by e-mail via
> the
> >>> Java
> >>> API? We have implemented an SPI with a REST interface and would like to
> >>> get
> >>> the link for usage in custom e-mails.
> >>> Any hints which provider to be used is much appreciated.
> >>>
> >>> Regards,
> >>> Martin
> >>> _______________________________________________
> >>> keycloak-user mailing list
> >>> keycloak-user at lists.jboss.org
> >>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>>
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Ulrik Lejon
Mollyware AB
+46-700-137786
ulrik.lejon at mollyware.se
www.mollyware.se
More information about the keycloak-user
mailing list