External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30
Code Issues Packages Projects Releases Wiki Activity

Realign source code examples in auth-spi doc

Browse Source 
closes #43757

Signed-off-by: olympus5 <erwan.iquel@gmail.com>
This commit is contained in:
olympus5 2025-10-25 10:42:09 +02:00 committed by Marek Posolda
parent 12d4146eb9
commit ffed84194e
1 changed files with 24 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
docs/documentation/server_development/topics/auth-spi.adoc
View File

@ -453,7 +453,7 @@ public boolean isValid(RealmModel realm, UserModel user, CredentialInput input)
if (challengeResponse == null) { if (challengeResponse == null) {
return false; return false;
} }
CredentialModel credentialModel = getCredentialStore().getStoredCredentialById(realm, user, input.getCredentialId()); CredentialModel credentialModel = user.credentialManager().getStoredCredentialById(input.getCredentialId());
SecretQuestionCredentialModel sqcm = getCredentialFromModel(credentialModel); SecretQuestionCredentialModel sqcm = getCredentialFromModel(credentialModel);
return sqcm.getSecretQuestionSecretData().getAnswer().equals(challengeResponse); return sqcm.getSecretQuestionSecretData().getAnswer().equals(challengeResponse);
} }
@ -473,7 +473,7 @@ public boolean supportsCredentialType(String credentialType) {
@Override @Override
public boolean isConfiguredFor(RealmModel realm, UserModel user, String credentialType) { public boolean isConfiguredFor(RealmModel realm, UserModel user, String credentialType) {
if (!supportsCredentialType(credentialType)) return false; if (!supportsCredentialType(credentialType)) return false;
return !getCredentialStore().getStoredCredentialsByType(realm, user, credentialType).isEmpty(); return user.credentialManager().getStoredCredentialsByTypeStream(credentialType).findAny().isPresent();
} }
---- ----
@ -519,7 +519,7 @@ Here is the implementation of the setRequiredActions() method.
---- ----
@Override @Override
public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user) { public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user) {
user.addRequiredAction("SECRET_QUESTION_CONFIG"); user.addRequiredAction(SecretQuestionRequiredAction.PROVIDER_ID);
} }
---- ----
@ -631,11 +631,13 @@ protected void setCookie(AuthenticationFlowContext context) {
} }
URI uri = context.getUriInfo().getBaseUriBuilder().path("realms").path(context.getRealm().getName()).build(); URI uri = context.getUriInfo().getBaseUriBuilder().path("realms").path(context.getRealm().getName()).build();
addCookie(context, "SECRET_QUESTION_ANSWERED", "true",
uri.getRawPath(), NewCookie newCookie = new NewCookie.Builder("SECRET_QUESTION_ANSWERED").value("true")
null, null, .path(uri.getRawPath())
maxCookieAge, .maxAge(maxCookieAge)
false, true); .secure(false)
.build();
context.getSession().getContext().getHttpResponse().setCookieIfAbsent(newCookie);
} }
---- ----
@ -647,7 +649,7 @@ The config values can be defined within the Admin Console if you set up config d
[source,java] [source,java]
---- ----
@Override @Override
public CredentialTypeMetadata getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext) { public CredentialTypeMetadata getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext) {
return CredentialTypeMetadata.builder() return CredentialTypeMetadata.builder()
.type(getType()) .type(getType())
.category(CredentialTypeMetadata.Category.TWO_FACTOR) .category(CredentialTypeMetadata.Category.TWO_FACTOR)
@ -656,7 +658,7 @@ The config values can be defined within the Admin Console if you set up config d
.createAction(SecretQuestionAuthenticatorFactory.PROVIDER_ID) .createAction(SecretQuestionAuthenticatorFactory.PROVIDER_ID)
.removeable(false) .removeable(false)
.build(session); .build(session);
} }
---- ----
The last method to implement in the SecretQuestionCredentialProvider class is getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext), which is an abstract method of the CredentialProvider interface. Each Credential provider has to provide and implement this method. The method returns an instance of CredentialTypeMetadata, The last method to implement in the SecretQuestionCredentialProvider class is getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext), which is an abstract method of the CredentialProvider interface. Each Credential provider has to provide and implement this method. The method returns an instance of CredentialTypeMetadata,
@ -805,16 +807,6 @@ When you call AuthenticationFlowContext.form() this gives you a LoginFormsProvid
If you called, `LoginFormsProvider.setAttribute("foo", "bar")`, the value of "foo" would be available for reference in your form as `${foo}`. If you called, `LoginFormsProvider.setAttribute("foo", "bar")`, the value of "foo" would be available for reference in your form as `${foo}`.
The value of an attribute can be any Java bean as well. The value of an attribute can be any Java bean as well.
If you look at the top of the file, you'll see that we are importing a template:
[source,xml]
----
<#import "select.ftl" as layout>
----
Importing this template, instead of the standard `template.ftl` allows {project_name} to display a dropdown box that allows the user to select
a different credential or execution.
[[_adding_authenticator]] [[_adding_authenticator]]
==== Adding an authenticator to a flow ==== Adding an authenticator to a flow
@ -860,7 +852,7 @@ This method is responsible for rendering the HTML form that will drive the requi
@Override @Override
public void requiredActionChallenge(RequiredActionContext context) { public void requiredActionChallenge(RequiredActionContext context) {
Response challenge = context.form().createForm("secret_question_config.ftl"); Response challenge = context.form().createForm("secret-question-config.ftl");
context.challenge(challenge); context.challenge(challenge);
} }
@ -882,11 +874,9 @@ The action URL of the form will be routed to the RequiredActionProvider.processA
@Override @Override
public void processAction(RequiredActionContext context) { public void processAction(RequiredActionContext context) {
String answer = (context.getHttpRequest().getDecodedFormParameters().getFirst("answer")); String answer = (context.getHttpRequest().getDecodedFormParameters().getFirst("secret_answer"));
UserCredentialValueModel model = new UserCredentialValueModel(); SecretQuestionCredentialProvider sqcp = (SecretQuestionCredentialProvider) context.getSession().getProvider(CredentialProvider.class, "secret-question");
model.setValue(answer); sqcp.createCredential(context.getRealm(), context.getUser(), SecretQuestionCredentialModel.createSecretQuestion("What is your mom's first name?", answer));
model.setType(SecretQuestionAuthenticator.CREDENTIAL_TYPE);
context.getUser().updateCredentialDirectly(model);
context.success(); context.success();
} }
---- ----