Hi.
I’ve written a Custom User Storage Provider, which gets user related data from an external REST API. This works very well.
In my scenario I do have 1 Keycloak Server, 1 Realm and 1 Client, to which the application connects. This application is hosted 3 times, on an alpha, test and production system. Each of these systems has it’s own REST API, from which my CUSP has to get information, depending on the source of the auth request.
I actually thought that I can access the initial request to /auth from this Custom SPI in order to use the redirect_uri for matching, but I haven’t found a proper way to do so.
What I have tried to use is
log.info("getUri() 1 {}", session.getContext().getHttpRequest().getUri().getQueryParameters().get("redirect_uri"));
log.info("getUri() 2 {}", session.getContext().getHttpRequest().getUri().getPath());
log.info("getUri() 3 {}", session.getContext().getAuthenticationSession().getRedirectUri());
log.info("getUri() 4 {}", session.getContext().getConnection().getRemoteHost());
log.info("getUri() 5 {}", session.getContext().getAuthServerUrl().getQuery());
log.info("getUri() 6 {}", session.getContext().getAuthServerUrl().getPath());
session.getAttributes().forEach((s, o) -> log.info("getUri() 77 {} {}", s, o));
The idea is to check the redirect_uri, whether it contains alpha, test or www, and then use the REST API of either system.
The Custom SPI looks like this.
public class CustUserProvider implements UserStorageProvider,
UserLookupProvider, UserQueryProvider,
CredentialInputUpdater, CredentialInputValidator,
UserRegistrationProvider {
private final KeycloakSession session;
private final ComponentModel model;
private final CustUserClient client;
protected Map<String, UserModel> loadedUsers = new HashMap<>();
public CustUserProvider(KeycloakSession session, ComponentModel model) {
this.session = session;
this.model = model;
this.client = new CustUserClientSimpleHttp(session, model);
}
So I do have access to the session. I’m pretty sure that the redirect_uri is stored there. Can someone advice how to get it?
Or is there a better approach?
Thanks.