Custom email validator

Getting advice
1

Hi.

Is there a way, to override default email validator? I would like to disallow emails with “+” (plus) sign in name.

I tried to override LegacyUserProfileProviderFactory and change validation there, but it’s not picked up by Keycloak becasue of code in:

org.keycloak.authentication.forms.RegistrationUserCreation
public void validate(ValidationContext context) {
(…)
UserProfileProvider profileProvider = context.getSession().getProvider(UserProfileProvider.class, LegacyUserProfileProviderFactory.PROVIDER_ID);

So it uses LegacyUserProfileProviderFactory.PROVIDER_ID (no only class) to get ProviderFactory, I can’t make it work.

I can’t also find a way to override RegistrationUserCreation class.

Is there any way to do it?

2

Regarding the question about overriding the RegistrationUserCreation, yes you can.

  • Create the class that overrides FormActionFactory, and put the class name in your jar (or ear, or however you’re deploying) in META-INF/services/org.keycloak.authentication.FormActionFactory. That class should return a FormAction implementation when public FormAction create(KeycloakSession session) gets called.
  • Once you deploy, you will be able to copy the “Registration” Flow in “Authentication”->“Flows”, and then add your execution to the registration forms. Then, make sure to bind your new flow in “Authentication”->“Bindings”.

Also take a look at RegistrationProfile.

3

It works. Thanks a lot for your help. Creation of new flow and binding was exactly what I missed. Thank you