Hello, I was wondering if somebody could help me with the following problem.
I developed a custom authenticator that uses our external service through REST API calls to perform all needed tasks. The authenticator can be configured through the Keycloak admin console (the admin needs to provide the external REST API endpoint and an authentication token for that API). Now, in order to work correctly, the custom page for providing credentials needs to perform periodic REST API calls to verify whether the user has completed the external authentication process. So I created a custom REST endpoint in Keycloak using RealmResourceProvider. And here is the problem: this class also needs access to the external API (the URL and API token that are configured in the authenticator). However, there is no way for an admin to configure a RealmResourceProvider, and the only way I found to access the AuthenticatorConfigModel from within the RealmResourceProvider is to:
- get realm model from context
- get all AuthenticationExecutionModel objects for browser flow
- recursively process them to find the AuthenticationExecutionModel which matches the ID of my authentication provider
- return its AuthenticatorConfigModel
This works fine; however, I was wondering if there is any better way of achieving this.
As a bonus question, I was also wondering if it is possible to expose the custom API provided via RealmResourceProvider only in a specified realm (the one where the authenticator is configured)? Currently the extra API endpoint is accessible from every realm.
Thanks in advance for any help.
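
The lookup steps listed in the post, written out as an added example (not the poster's code) against Keycloak's `RealmModel` API; the class name and `PROVIDER_ID` value are placeholders. It skips disabled executions and returns empty when the current realm's browser flow does not contain the authenticator, so the resource method can answer 404 in those realms and keep the API token on the server side.

```java
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;

import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;

public final class ExternalAuthConfigLookup {

    // Assumption: placeholder for the value returned by the authenticator factory's getId().
    static final String PROVIDER_ID = "my-external-authenticator";

    private ExternalAuthConfigLookup() {}

    /** Finds the authenticator's config in the browser flow of the realm the request targets. */
    public static Optional<AuthenticatorConfigModel> find(KeycloakSession session) {
        RealmModel realm = session.getContext().getRealm();
        AuthenticationFlowModel browser = realm.getBrowserFlow();
        if (browser == null) {
            return Optional.empty();
        }
        return findInFlow(realm, browser.getId());
    }

    private static Optional<AuthenticatorConfigModel> findInFlow(RealmModel realm, String flowId) {
        List<AuthenticationExecutionModel> executions =
                realm.getAuthenticationExecutionsStream(flowId).collect(Collectors.toList());
        for (AuthenticationExecutionModel exec : executions) {
            if (exec.isDisabled()) {
                continue; // a disabled step or sub-flow should not enable the endpoint
            }
            if (exec.isAuthenticatorFlow()) {
                // Sub-flow: descend into its executions.
                Optional<AuthenticatorConfigModel> nested = findInFlow(realm, exec.getFlowId());
                if (nested.isPresent()) {
                    return nested;
                }
            } else if (PROVIDER_ID.equals(exec.getAuthenticator())
                    && exec.getAuthenticatorConfig() != null) {
                // getAuthenticatorConfig() holds the config id, not the model itself.
                return Optional.ofNullable(
                        realm.getAuthenticatorConfigById(exec.getAuthenticatorConfig()));
            }
        }
        return Optional.empty();
    }
}
```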