Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IDENTITY_PROVIDER_FIRST_LOGIN is never triggered #15098

Closed
zak905 opened this issue Oct 22, 2022 · 0 comments · Fixed by #15100
Closed

IDENTITY_PROVIDER_FIRST_LOGIN is never triggered #15098

zak905 opened this issue Oct 22, 2022 · 0 comments · Fixed by #15100
Labels
area/identity-brokering help wanted kind/bug Categorizes a PR related to a bug
Milestone
21.1.0

Comments

@zak905
Copy link
Contributor

zak905 commented Oct 22, 2022

Describe the bug

The event IDENTITY_PROVIDER_FIRST_LOGIN can be useful, if one would like to trigger some action whenever there is one (by creating a custom EventListenerProvider), or simply for auditing purposes by storing it.

It seems like the event is used here: https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java#L759

However, it seems like the event is never triggered because the .success() method is never called.

Version

19.0.2

Expected behavior

The IDENTITY_PROVIDER_FIRST_LOGIN should be triggered

Actual behavior

The IDENTITY_PROVIDER_FIRST_LOGIN is not triggered

How to Reproduce?

  • create a demo realm
  • add an identity provider of your choice (I tested using Google)
  • activate event auditing, by going to Realm settings -> Events -> User events settings -> and then activate save events and hit save.
  • navigate to the account console from a different browser session (e.g private window): http://localhost:8081/auth/realms/YOUR_TEST_REALM_NAME/account/#/
  • try logging in using the identity provider you configured
  • Go back to the admin console -> and check the events that got triggered.

You will find the following events:

  • CODE_TO_TOKEN
  • LOGIN
  • REGISTER

but not the IDENTITY_PROVIDER_FIRST_LOGIN

Anything else?

This can be fixed simply by adding event.success() (checkout the PR for more details)
The only thing to note is that the user is not created yet at this point, so the user field in the event will be null / empty. Here is an example entry:
localhost_8081_auth_admin_master_console_
@zak905 zak905 added kind/bug Categorizes a PR related to a bug status/triage labels Oct 22, 2022
@zak905 zak905 mentioned this issue Oct 22, 2022
Merged
@mposolda mposolda added this to the Backlog milestone Mar 1, 2023
mposolda pushed a commit that referenced this issue Mar 3, 2023
@zak905
trigger IDENTITY_PROVIDER_FIRST_LOGIN (and UPDATE_PROFILE ) event whe…
fb5a7f6 
…n identity provider flow succeeds (#15100)

closes #15098
@mposolda mposolda modified the milestones: Backlog, 22.0.0 Mar 3, 2023
@stianst stianst modified the milestones: 22.0.0, 21.1.0 Apr 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/identity-brokering help wanted kind/bug Categorizes a PR related to a bug
Projects
None yet
Milestone
21.1.0
3 participants
@mposolda @stianst @zak905