How to handle errors during password update for federated users

I use a Keycloak custom user storage provider, and users are fetched from an external service.

The class implements the following interfaces:

    public class CustomUserStorageProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator, UserQueryProvider, CredentialInputUpdater {

When the user password is expired, in the isValid method the exception is caught and the requiredAction is added to prompt the user to set a new password:

    UserModel userAdapter = loadedUsers.get(user.getUsername());
    if (userAdapter != null) {
        userAdapter.addRequiredAction(RequiredAction.UPDATE_PASSWORD);
        return true;
    }

The updateCredential method sends a request to an external service to update the user password:

    @Override
    public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
        try {
            // Forward the new password to the external service
            updateUserPassword(user.getUsername(), input.getChallengeResponse());
        } catch (Exception e) {
            // The failure is only logged here; the method still returns true below
            log.error("Something went wrong", e);
        }
        return true;
    }

This works normally: it updates the user password in the external service and authenticates the user.

I need to display the corresponding error message coming from the external service when something goes wrong while updating the password, e.g. when it doesn’t meet the password policy (which is also defined in the external service rather than in Keycloak).

I researched but couldn’t find a way to do that.

Is there any way to achieve this?


Just needs to throw an exception.
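
One way to apply "throw an exception" to the updateCredential method from the question, as an added example that is not code from this thread or from the Keycloak project. It assumes the update-password form displays the message of an `org.keycloak.models.ModelException` (verify this on your Keycloak version); `ExternalUserService`, `PasswordRejectedException` and `FailClosedPasswordUpdate` are hypothetical names.

```java
import org.jboss.logging.Logger;
import org.keycloak.credential.CredentialInput;
import org.keycloak.models.ModelException;
import org.keycloak.models.UserModel;
import org.keycloak.models.credential.PasswordCredentialModel;

/** Hypothetical client for the external user service (not a Keycloak type). */
interface ExternalUserService {
    void updateUserPassword(String username, String newPassword)
            throws PasswordRejectedException, java.io.IOException;
}

/** Hypothetical: thrown when the external password policy rejects the value. */
class PasswordRejectedException extends Exception {
    PasswordRejectedException(String userFacingReason) { super(userFacingReason); }
}

/** Logic for CustomUserStorageProvider.updateCredential(realm, user, input). */
final class FailClosedPasswordUpdate {
    private static final Logger log = Logger.getLogger(FailClosedPasswordUpdate.class);
    private final ExternalUserService service;

    FailClosedPasswordUpdate(ExternalUserService service) { this.service = service; }

    boolean update(UserModel user, CredentialInput input) {
        if (!PasswordCredentialModel.TYPE.equals(input.getType())) {
            return false; // not a password credential: nothing was updated here
        }
        try {
            service.updateUserPassword(user.getUsername(), input.getChallengeResponse());
            return true; // success is reported only after the service accepted it
        } catch (PasswordRejectedException e) {
            // Policy text is written for the end user, so it is passed through.
            // Assumption: the required-action form renders this message.
            log.warnf("Password update rejected for user %s", user.getUsername());
            throw new ModelException(e.getMessage());
        } catch (Exception e) {
            // Transport or server faults: keep details in the log, show a generic text.
            log.error("Password update failed", e);
            throw new ModelException("Password could not be updated. Try again later.");
        }
    }
}
```

Compared with the method in the question, a failed update no longer returns true, so a password the external service rejected is not reported as changed.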

I’m having the same problem, and I have already tried throwing a WebApplicationException or an AuthenticationFlowException. Both just turned the response into a 500 error. It only recognizes the false return that the overridden method (isValid in my case) is returning and responds with a 401, which is fine. However, I also need to display the corresponding error message coming from an external service.

I’m using Keycloak 18.0.0.0.

Thank you!