[keycloak-user] How do I set a field for idToken when implementing custom Provider / Authenticator?
Dominik Guhr
pinguwien at gmail.com
Wed Mar 7 07:58:45 EST 2018
So, after further investigation I got it working by now. For future ppl
who don't want to search around:
As said, I implemented a custom login form based on
AbstractUsernameFormAuthenticator. There, in the method
validateUsernameAndPassword, the context gets set at the end by
context.setUser(user);
So, I was particularly interested in the "builtin" field locale, which I
added to the client mappers.
First try was to add this line:
    user.setAttribute(UserModel.LOCALE,
        Collections.singletonList(context.getHttpRequest().getHttpHeaders()
            .getCookies().get("KEYCLOAK_LOCALE").getValue()));
BUT: This only seems to work in Firefox; for some reason (didn't
investigate further), the KEYCLOAK_LOCALE cookie wasn't set in Chrome.
So, to make it work I had to add a custom cookie to my custom theme via
js, which was pretty straightforward. Now this is working and I get the
locale-field populated with the previously chosen value of locale
dropdown when internationalization is enabled. Pretty hard way to go
before I found all these little things out. Actually, I thought the
locale would've been set internally for the user who logs in when
logging in, based on the value of the dropdown, so that I could just add
the mapper and... works. :)
Best regards,
Dominik
On 07.03.18 at 11:03, Dominik Guhr wrote:
> Hi all,
>
> so I created a custom Provider for my legacy db and a custom
> authenticator due to special requirements.
>
> Now when I debug in validatePassword in
> AbstractUsernameFormAuthenticator.java, I get the user entity with all
> the fields I need.
>
> Now my concrete question is: How do I map these fields to the idtoken
> to use them in my application?
>
> I tried adding a User Attribute Mapper to my client directly, but this
> gives me a NullPointerException.
> Also, in Admin Interface, the Field "Mappers" is missing from my custom
> Provider. Perhaps this is the fault? Did I forget to implement one
> thing? I used the storage-jpa example.
>
> Any hints would be highly appreciated. If some code is needed, just ask :-)
>
> Best regards,
> Dominik
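
The cookie lookup from the first attempt above, as an added example that is not part of the original post or of Keycloak: it handles the missing-cookie case reported for Chrome and accepts only values from an allowlist, since the cookie is client-supplied and the stored attribute ends up in the ID token. LocaleCookieResolver, its methods, the name-to-value cookie map and the sample locales are assumptions for illustration.

```java
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;

// Added example, not Keycloak code. LocaleCookieResolver and its methods are
// hypothetical names; cookies are modelled as a plain name -> value map.
public class LocaleCookieResolver {

    /** Returns the cookie's locale only if it is present and in the allowlist. */
    static Optional<String> resolve(Map<String, String> cookies, String cookieName,
                                    Set<String> supportedLocales) {
        String raw = cookies.get(cookieName); // null when the browser sent no such cookie
        if (raw == null) {
            return Optional.empty();
        }
        String candidate = raw.trim();
        // Exact match against the allowlist: the cookie is client-supplied and the
        // stored attribute is later copied into the ID token by the client mapper.
        return supportedLocales.contains(candidate) ? Optional.of(candidate) : Optional.empty();
    }

    /** Value list for user.setAttribute(UserModel.LOCALE, ...), with a default fallback. */
    static List<String> localeAttribute(Map<String, String> cookies, String cookieName,
                                        Set<String> supportedLocales, String defaultLocale) {
        return Collections.singletonList(
                resolve(cookies, cookieName, supportedLocales).orElse(defaultLocale));
    }

    public static void main(String[] args) {
        Set<String> supported = Set.of("en", "de", "fr"); // constructed sample allowlist
        // Constructed sample cookie jars, one per case.
        Map<String, Map<String, String>> requests = new LinkedHashMap<>();
        requests.put("cookie present", Map.of("KEYCLOAK_LOCALE", "de"));
        requests.put("cookie missing", Map.of("OTHER", "x"));
        requests.put("unsupported value", Map.of("KEYCLOAK_LOCALE", "zz_not_a_locale"));
        requests.forEach((label, cookies) -> System.out.println(
                label + " -> " + localeAttribute(cookies, "KEYCLOAK_LOCALE", supported, "en")));
    }
}
```

In an authenticator, the cookie map would be built from context.getHttpRequest().getHttpHeaders().getCookies() and the returned list passed to user.setAttribute(UserModel.LOCALE, ...).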