If you are trying to do that in a custom Authenticator you can use the AuthenticationFlowContext. Depending if you’re using a reverse proxy the IP can come from one of the following methods:
// no reverse proxy
authenticationFlowContext.getHttpRequest().getRemoteAddress();
// with reverse proxy
authenticationFlowContext.getHttpRequest().getHttpHeaders().getHeaderString("X-Forwarded-For");