API tools faq
paste
Guest User

Untitled

a guest
Nov 15th, 2018
129
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.84 KB | None | 0 0
raw download clone embed print report
  1. if (realm.isBruteForceProtected()) {
  2. // if (session.getProvider(BruteForceProtector.class).isTemporarilyDisabled(session, realm, user)) {
  3. // event.error(Errors.USER_TEMPORARILY_DISABLED);
  4. // return ErrorPage.error(session, authSession, Response.Status.BAD_REQUEST, Messages.ACCOUNT_DISABLED);
  5. // }
  6. // some logic
  7.  
  8. import org.jboss.logging.Logger;
  9. import org.keycloak.authentication.AuthenticationFlowContext;
  10. import org.keycloak.authentication.AuthenticationFlowError;
  11. import org.keycloak.authentication.Authenticator;
  12. import org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator;
  13. import org.keycloak.events.Details;
  14. import org.keycloak.events.Errors;
  15. import org.keycloak.forms.login.LoginFormsProvider;
  16. import org.keycloak.models.GroupModel;
  17. import org.keycloak.models.KeycloakSession;
  18. import org.keycloak.models.RealmModel;
  19. import org.keycloak.models.UserModel;
  20. import org.keycloak.models.utils.KeycloakModelUtils;
  21. import org.keycloak.services.managers.AuthenticationManager;
  22. import org.keycloak.services.messages.Messages;
  23. import org.open.keycloak.authenticator.api.HttpResult;
  24. import org.open.keycloak.authenticator.rest.AuthenticationRestAdapter;
  25. import org.keycloak.services.managers.BruteForceProtector;
  26.  
  27. import java.util.List;
  28.  
  29. import javax.ws.rs.core.MultivaluedMap;
  30. import javax.ws.rs.core.Response;
  31.  
  32. import static javax.servlet.http.HttpServletResponse.SC_OK;
  33. import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
  34. import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
  35. import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
  36.  
  37. public class CustomAuthenticator implements Authenticator {
  38.  
  39. private static final Logger logger = Logger.getLogger(CustomAuthenticator.class);
  40.  
  41. @Override
  42. public void action(AuthenticationFlowContext context) {
  43. MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
  44. if (!authenticateUser(context, formData)) {
  45. return;
  46. }
  47. setUserToContext(context, formData);
  48. context.success();
  49. }
  50.  
  51. @Override
  52. public void authenticate(AuthenticationFlowContext context) {
  53. LoginFormsProvider forms = context.form();
  54. Response challenge = forms.createLogin();
  55. context.challenge(challenge);
  56. }
  57.  
  58. /**
  59. * @param context Used to store detailed explanation about authentication process and results.
  60. * @param formData Form fields mapped by field names.
  61. * @return True if user is successfully authenticated, false if not.
  62. */
  63. private boolean authenticateUser(AuthenticationFlowContext context, MultivaluedMap<String, String> formData) {
  64. String username = formData.getFirst(AuthenticationManager.FORM_USERNAME);
  65. if (username == null || "".equals(username)) {
  66. context.getEvent().error(Errors.USERNAME_MISSING);
  67. Response challenge = context.form()
  68. .setError(Messages.MISSING_USERNAME)
  69.  
  70. .createLogin();
  71. context.forceChallenge(challenge);
  72. return false;
  73. }
  74.  
  75. String password = formData.getFirst("password");
  76. if (password == null || "".equals(password)) {
  77. context.getEvent().error(Errors.PASSWORD_MISSING);
  78. Response challenge = context.form()
  79. .setError(Messages.MISSING_PASSWORD)
  80. .createLogin();
  81. context.forceChallenge(challenge);
  82. return false;
  83. }
  84. KeycloakSession session = context.getSession();
  85. RealmModel realm = session.realms().getRealmByName("open");
  86. if (realm.isBruteForceProtected()) {
  87. // if (session.getProvider(BruteForceProtector.class).isTemporarilyDisabled(session, realm, user)) {
  88. // event.error(Errors.USER_TEMPORARILY_DISABLED);
  89. // return ErrorPage.error(session, authSession, Response.Status.BAD_REQUEST, Messages.ACCOUNT_DISABLED);
  90. // }
  91. // some logic
  92.  
  93. }
  94.  
  95. private void setUserToContext(AuthenticationFlowContext context, MultivaluedMap<String, String> formData) {
  96. String username = formData.getFirst("username");
  97.  
  98. UserModel user = KeycloakModelUtils.findUserByNameOrEmail(
  99. context.getSession(),
  100. context.getRealm(),
  101. username
  102. );
  103.  
  104. if (user == null) {
  105. KeycloakSession session = context.getSession();
  106. RealmModel realm = session.realms().getRealmByName("open");
  107. user = session.users().addUser(realm, username);
  108. user.setEmail(username);
  109. user.setEnabled(true);
  110. user.setEmailVerified(true);
  111. List<GroupModel> groups = realm.getGroups();
  112. for (GroupModel group: groups) {
  113. user.joinGroup(group);
  114. }
  115. }
  116. context.setUser(user);
  117. }
  118.  
  119. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!