Hello! I’ve been working on connecting our Keycloak to an Eidas-Saml2 system. The petition goes well and returns to my endpoint in Keycloak. Then, with all the received data formatted, the petition goes to the IdentityBrokerService.authenticated method.
There, when Keycloak gets the federatedUser, it never passes through my CustomUserProvider, so it never finds it and always goes to “firstLoginBroker”. I tried to configure this AuthenticatorFlow, but again it never gets my CustomUserProvider and fails:
WARN org.keycloak.services KC-SERVICES0013: Failed authentication
org.keycloak.authentication.AuthenticationFlowException: null
    at org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:993) ~[keycloak-services-15.0.2.jar:15.0.2]
    at org.keycloak.services.resources.LoginActionsService$1.authenticateOnly(LoginActionsService.java:799) ~[keycloak-services-15.0.2.jar:15.0.2]
I revised the whole process and I see that, in order to get the federated user, it first tries to check the cache (UserCacheSession). As the cache is null, it goes to check the delegate “UserStorageManager” and gets a new instance of it from the session (DefaultKeycloakSession).
public UserStorageManager(KeycloakSession session) {
    super(session, UserStorageProviderFactory.class, UserStorageProvider.class,
            UserStorageProviderModel::new, "user");
}
I don’t know how to set my CustomUserProviderFactory in order to continue and finish.
Thanks in advance