[keycloak-user] New authenticator with CompletableFuture as the only authenticating factor

Daniel Radzikowski dradzikowski at bluesoft.net.pl
Wed Feb 15 10:59:53 EST 2017


Hi,

I'm trying to implement new authenticator for Mobile Connect. It is a bit
unusual flow, where the first method *void
authenticate(AuthenticationFlowContext context)* before returning a
challenge, calls a REST API, which prompts user mobile phone with 'Click
OK' button. This API call waits until the user clicks OK (or timeouts), so
in order not to block the request, it is wrapped in CompletableFuture and
the login page (with no inputs) is immediately returned to the browser.
(browser should't wait for the API call result).

The problem is when the CompletableFuture is completed and calls a
callback. It's the place where the authentication should occur, but I don't
have any idea how to do it. The only authenticating factor is OK response
from this API. Can I set the authentication somehow bypassing the whole
processor (calling method *action(AuthenticationFlowContext context)* on
its way)? I thought I will eventually call the *action *from the browser
(with ajax) and only check if the session is already created. The only
thing that I can pass to the callback is an AuthenticationFlowContext data
obtained from the first *action(AuthenticationFlowContext context)* call.
Is there any way to do it?

-- 
Pozdrawiam,
Daniel Radzikowski.


More information about the keycloak-user mailing list