Keycloak get cookie SPI

I have one question, i’ve made a custom event provider for login event, i need to know if i can pass a custom value from the form to the LOGIN event and get it, i don/t know if i can do that through cookies or something

Thanks for the help!

I don’t believe there is a way to do this directly. The only way I could think of doing this would be to add a custom Authenticator to the login flow which sets a note in the UserSessionModel. Then, in the event, you can use the sessionId to get the UserSessionModel from keycloakSession.sessions().getUserSession(realm, sessionId).

1 Like

This may be a gross way to do it, but I created an authenticator that sets form fields to:
context.getAuthenticationSession().setAuthNote("note", "val");

One might argue that this isn’t secure because other extensions can access the auth notes, but they’re cleared when the session ends, so I figured it would be alright.

Here’s an example:


Thanks! That worked for me :slight_smile:

If anyone have to do something similar:

I’ve just made a custom authenticator and on the action method i get the variable sended from a hidden input that i put on the login.ftl template. You can easily get the form data using the context and getDecodedFormParameters(), then we get the session (located in the context too) and set a note with the variable that i need. After all that, i just get the session note in another SPI that controls the login event and save it into an user attribute

Sweet! Glad I could help. I’ve only been using Keycloak for about two weeks, but I’ve picked it up pretty quickly. I just hope my code isn’t sloppy or insecure (unsecure? “Insecure” always makes it sound like my code has personal problems).

1 Like