Tags: java, keycloak, keycloak-gatekeeper

Keycloak custom login provider


I'm trying to create a custom Keycloak provider that will add something to login logic. I've read how providers (or plugins) are being created for Keycloak and there's already one in the project I'm working with, but I don't know much about them.

I need to add custom logic for user authentication/authorization: I want to be able to check some fields in the internal database to validate the person's account. But I didn't find any guides or good articles about similar situations. Can someone provide me some links on what to start with? What interface and what methods do I need to override in my custom provider in order to achieve something like this? I've read something about "openid" and "keycloak" in general, as well as Keycloak providers, but there's too much information and no specific examples.

Username and password are being sent through a web form and "openid" is the protocol, if it will help somehow.


Solution

  • Hope I understood you correctly. You probably need a plugin for your authorization flow, an additional step where you validate your data.

    Have a look here: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/auth-spi.html
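
As an added illustration (not part of the answer above or of the Keycloak documentation it links), this is a sketch of such an extra flow step using the `org.keycloak.authentication.Authenticator` interface from the Authentication SPI. `AccountStatusLookup` is a hypothetical stand-in for the internal database check. The step is assumed to run after the username/password form, and it still needs an `AuthenticatorFactory` listed in `META-INF/services/org.keycloak.authentication.AuthenticatorFactory` before it can be added to a flow.

```java
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.AuthenticationFlowError;
import org.keycloak.authentication.Authenticator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;

/** Extra flow step, assumed to be placed after the username/password form. */
public class AccountStatusAuthenticator implements Authenticator {
    /** Hypothetical lookup against the internal database (not a Keycloak type). */
    public interface AccountStatusLookup {
        boolean isAccountValid(String username) throws Exception;
    }

    private final AccountStatusLookup lookup;

    public AccountStatusAuthenticator(AccountStatusLookup lookup) { this.lookup = lookup; }

    @Override
    public void authenticate(AuthenticationFlowContext context) {
        UserModel user = context.getUser(); // set by the earlier credential step
        if (user == null) {
            context.failure(AuthenticationFlowError.UNKNOWN_USER);
            return;
        }
        try {
            if (lookup.isAccountValid(user.getUsername())) {
                context.success(); // let the flow continue to the next step
            } else {
                context.failure(AuthenticationFlowError.INVALID_USER);
            }
        } catch (Exception e) {
            // Fail closed: a database error must not let the login through.
            context.failure(AuthenticationFlowError.INTERNAL_ERROR);
        }
    }

    // This step shows no form of its own, so there is nothing to process here.
    @Override public void action(AuthenticationFlowContext context) { }

    // The check only makes sense once a user has been identified.
    @Override public boolean requiresUser() { return true; }

    @Override public boolean configuredFor(KeycloakSession s, RealmModel r, UserModel u) { return true; }

    @Override public void setRequiredActions(KeycloakSession s, RealmModel r, UserModel u) { }

    @Override public void close() { }
}
```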