fx-hao / keycloak-phone-authenticator
Obtain token and reset password via SMS
I don't understand this part of the instruction:
Configuration
Configure your REALM to use the phone number and verification code Authentication. First create a new REALM (or select a previously created REALM).
Under Authentication > Flows:
Copy the 'Direct Grant' flow to 'Direct grant with phone' flow
Click on 'Actions > Add execution' on the 'Provide Phone Number' line
Click on 'Actions > Add execution' on the 'Provide Verification Code' line
Set both of 'Provide Phone Number' and 'Provide Verification Code' to 'REQUIRED'
There is no 'Provide Phone Number' line or 'Provide Verification Code' line, so how should I set up the direct grant flow?
Hi, thanks for this package. I am using it currently to enable the OTP flow, and I was wondering where this Verification Code table might be. I am using an external PGSQL DB for all Keycloak data storage; do I need to make some changes in the code so that this table is also created in the same DB? Or would this table just be added to the existing Keycloak DB? Thanks in advance.
I am using Keycloak version 13.0.1. I added the following classes to the project to implement my own SMS provider with AWS SNS:
(In package com.hfx.keycloak.spi.impl)
    import com.amazonaws.auth.AWSStaticCredentialsProvider;
    import com.amazonaws.auth.BasicAWSCredentials;
    import com.amazonaws.regions.Regions;
    import com.amazonaws.services.sns.AmazonSNS;
    import com.amazonaws.services.sns.AmazonSNSClient;
    import com.amazonaws.services.sns.model.PublishRequest;
    import org.keycloak.models.KeycloakSession;

    import java.util.Map;

    // SmsService, SmsException and VerificationCodeRepresentation come from
    // the keycloak-phone-authenticator project itself.
    public class SmsServiceImpl implements SmsService<Object> {
        private final KeycloakSession session;

        public SmsServiceImpl(KeycloakSession session) {
            this.session = session;
        }

        @Override
        public void close() {
        }

        // Sends the value of the "templateId" parameter as the SMS text.
        @Override
        public boolean send(String phoneNumber, Map<String, ? super Object> params) throws SmsException {
            String templateId = (String) params.get("templateId");
            String accessKey = "...";
            String secretKey = "...";
            BasicAWSCredentials awsCreds = new BasicAWSCredentials(accessKey, secretKey);
            AmazonSNS snsClient = AmazonSNSClient
                    .builder()
                    .withRegion(Regions.AP_SOUTHEAST_1)
                    .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
                    .build();
            String SMSMessage = templateId;
            snsClient.publish(new PublishRequest()
                    .withMessage(SMSMessage)
                    .withPhoneNumber(phoneNumber));
            return true;
        }

        // Sends the verification code itself as the SMS text.
        @Override
        public boolean sendVerificationCode(VerificationCodeRepresentation rep, Map<String, ? super Object> params)
                throws SmsException {
            String code = rep.getCode();
            String accessKey = "...";
            String secretKey = "...";
            BasicAWSCredentials awsCreds = new BasicAWSCredentials(accessKey, secretKey);
            AmazonSNS snsClient = AmazonSNSClient
                    .builder()
                    .withRegion(Regions.AP_SOUTHEAST_1)
                    .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
                    .build();
            String SMSMessage = code;
            snsClient.publish(new PublishRequest()
                    .withMessage(SMSMessage)
                    .withPhoneNumber(rep.getPhoneNumber()));
            return true;
        }
    }
(In package com.hfx.keycloak.spi.impl)
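    import org.keycloak.Config;
    import org.keycloak.models.KeycloakSession;
    import org.keycloak.models.KeycloakSessionFactory;

    // SmsServiceProviderFactory and SmsService come from the
    // keycloak-phone-authenticator project itself.
    public class SmsServiceProviderFactoryImpl implements SmsServiceProviderFactory {
        @Override
        public SmsService create(KeycloakSession session) {
            return new SmsServiceImpl(session);
        }

        @Override
        public void init(Config.Scope config) {
        }

        @Override
        public void postInit(KeycloakSessionFactory factory) {
        }

        @Override
        public void close() {
        }

        @Override
        public String getId() {
            return "SmsServiceProviderFactoryImpl";
        }
    }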
I also added the following service file to META-INF/services, called com.hfx.keycloak.spi.SmsServiceProviderFactory, with the following content:
com.hfx.keycloak.spi.impl.SmsServiceProviderFactoryImpl
The only dependency I added to the pom.xml is this:
    <dependency>
        <groupId>com.amazonaws</groupId>
        <artifactId>aws-java-sdk</artifactId>
        <version>1.11.1030</version>
    </dependency>
However, adding the jar to standalone/deployments and deploying, I still get the following error:
{"WFLYCTL0080: Failed services" => {"jboss.deployment.unit."keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar".POST_MODULE" => "WFLYSRV0153: Failed to process phase POST_MODULE of deployment "keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar"
Caused by: java.lang.NoClassDefFoundError: Failed to link com/hfx/keycloak/spi/ResetCredentialWithPhone (Module "deployment.keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar" from Service Module Loader): org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser"}}
which is the same error as that faced in issue #1. May I know if there is an issue with the way I added the SMS service implementation?
Hi,
Need help with the error below during Keycloak server startup
javax.persistence.PersistenceException: [PersistenceUnit: keycloak-default] Unable to build Hibernate SessionFactory
I have executed these steps:
I can see the table "verification_code" is created in my postgres database, but during startup I am getting the error mentioned.
Thanks
The code is not running; it throws the following error:
Build step org.keycloak.quarkus.deployment.KeycloakProcessor#configureKeycloakSessionFactory threw an exception: java.lang.NoClassDefFoundError: org/keycloak/authentication/DisplayTypeAuthenticatorFactory
Hello:
    curl -X POST \
      http://localhost:8081/auth/realms/$YOUR_REALM/protocol/openid-connect/token \
      -H 'authorization: Basic c2h1bmRhby1hZG1pbjoxODc3MGYxMi02NjE4LTQwOTctYThmYi1kMjA0Mzg0Mzg4OTk=' \
      -H 'content-type: application/x-www-form-urlencoded' \
      -d 'grant_type=password&phone_number=$PHONE_NUMBER&code=$VERIFICATION_CODE'
What is the authorization value in this example? How is it obtained?
Also, no client_id is specified in the parameters?
Do I need to set the client's Access Type to confidential and first obtain the client's token before running this?
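The `authorization: Basic …` header in the curl command above uses the HTTP Basic scheme, whose value is the base64 encoding of `id:secret`; at an OAuth 2.0 token endpoint these are the credentials of a confidential client. The following is an added example, not part of the original post or the project: it builds that header and a form-encoded body for the same request. The client values, phone number, and the `CLIENT_ID` / `CLIENT_SECRET` variable names are constructed assumptions, and the encoder handles ASCII input only.

```shell
#!/bin/sh
# Added example: constructed values only; nothing here comes from a real realm.

# HTTP Basic credential: "Basic " + base64("client_id:client_secret"), unwrapped.
basic_auth_header() {
  printf 'Basic %s' "$(printf '%s:%s' "$1" "$2" | base64 | tr -d '\n')"
}

# Percent-encode one ASCII value for an application/x-www-form-urlencoded body.
urlencode() {
  _in=$1
  _out=
  while [ -n "$_in" ]; do
    _rest=${_in#?}            # everything after the first character
    _c=${_in%"$_rest"}        # the first character itself
    case $_c in
      [A-Za-z0-9._~-]) _out=$_out$_c ;;
      *) _out=$_out$(printf '%%%02X' "'$_c") ;;
    esac
    _in=$_rest
  done
  printf '%s' "$_out"
}

# Body for the phone direct grant. A raw "+" in an international number
# would be decoded as a space by the server, so both values are encoded.
token_request_body() {
  printf 'grant_type=password&phone_number=%s&code=%s' \
    "$(urlencode "$1")" "$(urlencode "$2")"
}

# Sends the request. CLIENT_ID and CLIENT_SECRET (assumed variable names) are
# read from the environment so the secret is not written into the script.
request_token() {
  curl -sS -X POST \
    "http://localhost:8081/auth/realms/$YOUR_REALM/protocol/openid-connect/token" \
    -H "authorization: $(basic_auth_header "$CLIENT_ID" "$CLIENT_SECRET")" \
    -H 'content-type: application/x-www-form-urlencoded' \
    -d "$(token_request_body "$PHONE_NUMBER" "$VERIFICATION_CODE")"
}
```

Because base64 is an encoding and not encryption, a Basic header pasted into a ticket or log discloses the client secret it was built from.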
ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 1) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar")]) - failure description: {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit."keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar".POST_MODULE" => "WFLYSRV0153: Failed to process phase POST_MODULE of deployment "keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar"
Caused by: java.lang.NoClassDefFoundError: Failed to link com/hfx/keycloak/spi/ResetCredentialWithPhone (Module "deployment.keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar" from Service Module Loader): org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser"}}
Hi, apologies for my vague title but there are a couple of problem statements that I'm trying to solve here. I have no coding experience in Java, so please bear with me if they are quite elementary. I have already deployed this SPI and was wondering how to proceed with handling specific use cases. My use case is this:
Get the user's phone number and verify it with OTP; if no users are mapped to the phoneNumber, create a new user and ask for the user details in the login form itself. I have done some basic additions to your code in src/main/com/hfx/keycloak/spi/UsernamePasswordorPhoneForm:
    public boolean validateVerificationCode(AuthenticationFlowContext context, MultivaluedMap<String, String> formData) {
        context.clearUser();
        UserModel user = this.getUser(context, formData);
        String phoneNumber = (String)formData.getFirst("phoneNumber");
        String groupName = "/is_externaluser";
        GroupModel external_group = KeycloakModelUtils.findGroupByPath(context.getRealm(), groupName);
        if (user == null && VerificationCode.verify(context, VERIFICATION_CODE_KIND)){
            user = context.getSession().users().getUserByUsername(context.getRealm(), phoneNumber);
            if (user == null){
                user = context.getSession().users().addUser(context.getRealm(), phoneNumber);
                user.setEnabled(true);
                log.info(String.format("Created New User with Username %s", phoneNumber));
                user.joinGroup(external_group);
                log.info("Added User To External Group");
                List<String> values = new ArrayList<String>();
                values.add(phoneNumber);
                user.setAttribute("contact_number", values);
                NEW_USER_CREATED = true;
            }
            else{
                user = null;
            }
        }
        return user != null && VerificationCode.verify(context, VERIFICATION_CODE_KIND) && this.validateUser(context, user, formData);
    }
But I want to emit the value of NEW_USER_CREATED to the frontend so that either
But I don't have enough understanding about this implementation to go ahead with either. If you have any ideas please let me know.
Also, if I wanted to do away with the SMS Interface/SPI packages (keycloak-phone-authenticator-yuntongxun-sms and yuntongxun4j) and simply wanted to add the SMS implementation in the main package keycloak-phone-authenticator, how would I go about it?
I know this is not an 'issue' in the package itself, but I have searched through the internet and have found no resource as good as yours for my use case, hence I was wondering if I could pick your brains about it.
Thanks in advance!
Hello!
When I try to add this add-on, Keycloak gives error on startup:
Failed to define class com.hfx.keycloak.spi.ResetCredentialWithPhone in Module "deployment.phone.jar" from Service Module Loader: java.lang.NoClassDefFoundError: Failed to link com/hfx/keycloak/spi/ResetCredentialWithPhone (Module "deployment.phone.jar" from Service Module Loader): org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser
My set up:
quay.io/keycloak/keycloak:13.0.0
mvn package from inside keycloak-phone-authenticator under latest maven
docker image keycloak-phone-authenticator/keycloak-phone-authenticator-1.0.0-SNAPSHOT.jar to /opt/jboss/keycloak/standalone/deployments/phone.jar
What could be the problem? Thanks in advance!
Hi,
I've copied the jar file of the project into a providers directory in the home directory of the keycloak server on my local Windows machine. However, when I run the command standalone.bat in the bin directory, I get the following error and the server doesn't start up. May I know if I'm missing any steps in the installation procedure?
23:24:39,782 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 52) WFLYCTL0403: Unexpected failure during execution of the following operation(s): []: java.lang.RuntimeException: WFLYCTL0195: Interrupted awaiting transaction commit or rollback at [email protected]//org.jboss.as.controller.ParallelBootOperationStepHandler$ParallelBootTransactionControl.operationPrepared(ParallelBootOperationStepHandler.java:458) at [email protected]//org.jboss.as.controller.ModelController$OperationTransactionControl.operationPrepared(ModelController.java:131) at [email protected]//org.jboss.as.controller.AbstractOperationContext.executeDoneStage(AbstractOperationContext.java:874) at [email protected]//org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:805) at [email protected]//org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:468) at [email protected]//org.jboss.as.controller.ParallelBootOperationStepHandler$ParallelBootTask.run(ParallelBootOperationStepHandler.java:384) at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990) at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1348) at java.base/java.lang.Thread.run(Thread.java:834) at [email protected]//org.jboss.threads.JBossThread.run(JBossThread.java:513)