I want to add eventListener that on eventType = LOGIN, checks some attributes of user, and if necessary interrupts authentication and prints some error on login page. Is that possible from eventListener? Or do I have to change some authentication processors?
You can’t do this from an EventListener
. You would have to write a custom Authenticator and then update your flow.
Thank you for answer, I will try.
@xgp - do you maybe know how to extract user session ID in authentication provider? I want to check if users session, that is currently refreshed in not on blacklist.
I have method:
public void authenticate(AuthenticationFlowContext context) {
but I can’t find a way to extract sessionID
From the KeycloakSession. Check the javadoc for AuthenticationFlowContext.
@xgp I tried: context.getEvent().getEvent().getSessionId() but this always returns null. When I look into: context.getAuthenticationSession(), there isn’t any place to get sessionId that user is refresing at the moment. Can you please point me to correct place?
I added my custom authenticator to the bottom of authentication flow.
Thanks.
Mariusz
try
context.getAuthenticationSession().getParentSession().getId()
I tried that, doesn’t work. Code like this:
KeycloakSession keycloakSession = context.getSession();
RealmModel realm = keycloakSession.getContext().getRealm();
List<String> allUSerSessions = keycloakSession.sessions().getUserSessionsStream(realm, keycloakSession.userStorageManager().getUserById(context.getUser().getId(), realm)).map(d -> d.getId()).collect(Collectors.toList());
String sessionId = context.getAuthenticationSession().getParentSession().getId();
When I login for first time, Parent sessionID is the same as returned in “user sessions” later, but when I close brower, open after a while, then I get some different ID:
allUSerSessions = {ArrayList@25075} size = 2
0 = “d7d76d8d-6879-4078-a55e-81ce45680532”
1 = “bf2f4b28-de5c-4012-bb70-e89495f59bc1”
sessionId = “c764971e-6627-4f4f-ad9a-e75834e79b8c”
Session "bf2f… " was returned as “sessionId” when I created this session for the first time, now I need way to find out that this user is refreshing “bf2f…” , but “getParentSession” returns c7649… ?
I still can’t find a way to check which session is user refreshing, does anybody know how to do it?