[keycloak-user] How to change link to verify-email in email template?

Alex Berg chexxor at gmail.com
Wed Jun 7 15:38:24 EDT 2017


Nice! I didn't think to look there! I configured my proxy to use the proxy
headers and when I access the ".well-known/openid-configuration" it uses
the host:port of the proxy instead of its own host:port.

I still have a problem with the path, though.

When I hit http://localhost:3000/auth/.well-known/openid-configuration

It gives me paths like

"issuer":"http://localhost:3000/auth/realms/MyRealm"

when I want

"issuer":"http://localhost:3000/auth"

So, I need to pass the originally requested path, "/auth", so Keycloak will
know that it lives at this path, rather than at "/auth/realms/MyRealm". I
can't find a standard header used by reverse proxies which preserves the
originally requested path. Does anyone have any suggestions for this?


On Tue, Jun 6, 2017 at 12:12 AM, Stian Thorgersen <sthorger at redhat.com>
wrote:

> Take a look at https://keycloak.gitbooks.io/documentation/server_
> installation/topics/clustering/load-balancer.html. You need to configure
> the proxy and Keycloak server correctly. You certainly don't need to hack
> away at the code.
>
> On 5 June 2017 at 20:56, Alex Berg <chexxor at gmail.com> wrote:
>
>> I have a proxy running which proxies "www.mydomain.com/auth/" to
>> "mykeycloakhost/auth/realms/MyApp/". I think it's less noisy for users of
>> my website.
>>
>> In dev, when I have keycloak send a "verify email" action, the URI in the
>> email is "localhost:8080/auth/realms/MyApp/login-actions/
>> execute-actions?key=the-key"
>>
>> How do I change this URI in the "verify email" email to be
>> "localhost:8080/auth/login-actions/execute-actions?key=the-key"?
>>
>> I see it's calculated like:
>>
>> UriInfo uriInfo = session.getContext().getUri();
>> UriBuilder builder = Urls.actionTokenBuilder(uriInfo.getBaseUri(),
>> token.serialize(session, realm, uriInfo));
>> String link = builder.build(realm.getName()).toString();
>>
>> - Source:
>> /services/src/main/java/org/keycloak/authentication/required
>> actions/VerifyEmail.java#L139
>> <https://github.com/keycloak/keycloak/blob/70d7e07526546cd20
>> d8cbbc6d0557597ba1540fb/services/src/main/java/org/
>> keycloak/authentication/requiredactions/VerifyEmail.java#L139>
>>
>> I'm not great at understanding Java and OO, so I can't figure how where
>> "session.getContext()" is defined.
>>
>> How are other people solving this? Should I just remove the link variable
>> in the email template and use a hardcoded link?
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>


More information about the keycloak-user mailing list