Update auth-spi.adoc
Some fixes and minimal methods to follow the example
This commit is contained in:
parent
f3b2913ad3
commit
f56285424a
1 changed files with 22 additions and 3 deletions
|
@ -170,7 +170,7 @@ In our case we are storing this information, hashed, within a UserCredentialValu
|
|||
----
|
||||
@Override
|
||||
public boolean configuredFor(KeycloakSession session, RealmModel realm, UserModel user) {
|
||||
return session.users().configuredForCredentialType("secret_question", realm, user);
|
||||
return session.userCredentialManager().isConfiguredFor(realm, user, "SECRET_QUESTION");
|
||||
}
|
||||
----
|
||||
|
||||
|
@ -204,9 +204,18 @@ Its sole purpose is to render the page or to continue the flow.
|
|||
context.success();
|
||||
return;
|
||||
}
|
||||
Response challenge = loginForm(context).createForm("secret_question.ftl");
|
||||
Response challenge = context.form().createForm("secret-question.ftl");
|
||||
context.challenge(challenge);
|
||||
}
|
||||
|
||||
protected boolean hasCookie(AuthenticationFlowContext context) {
|
||||
Cookie cookie = context.getHttpRequest().getHttpHeaders().getCookies().get("SECRET_QUESTION_ANSWERED");
|
||||
boolean result = cookie != null;
|
||||
if (result) {
|
||||
System.out.println("Bypassing secret question because cookie is set");
|
||||
}
|
||||
return result;
|
||||
}
|
||||
----
|
||||
|
||||
The hasCookie() method checks to see if there is already a cookie set on the browser which indicates that the secret question has already been answered.
|
||||
|
@ -243,6 +252,15 @@ The flow will end up invoking the action() method of our Authenticator implement
|
|||
setCookie(context);
|
||||
context.success();
|
||||
}
|
||||
|
||||
protected boolean validateAnswer(AuthenticationFlowContext context) {
|
||||
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
|
||||
String secret = formData.getFirst("secret_answer");
|
||||
UserCredentialModel input = new UserCredentialModel();
|
||||
input.setType("SECRET_QUESTION");
|
||||
input.setValue(secret);
|
||||
return context.getSession().userCredentialManager().isValid(context.getRealm(), context.getUser(), input);
|
||||
}
|
||||
----
|
||||
|
||||
If the answer is not valid, we rebuild the HTML Form with an additional error message.
|
||||
|
@ -392,6 +410,7 @@ Let's take a bigger look at secret-question.ftl Here's a small code snippet:
|
|||
<input id="totp" name="secret_answer" type="text" class="${properties.kcInputClass!}" />
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
----
|
||||
|
||||
Any piece of text enclosed in `${}` corresponds to an attribute or template funtion.
|
||||
|
|
Loading…
Reference in a new issue