You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature related to a problem? Please describe.
I had the issue that my authentication flow worked in the first run, but I was not able to login after logout. I received the console error. I guess I spent too much time for debugging as I'm new to keycloak, but the reason for this issue was that the email address was not validated.
keycloak | 2023-01-10 14:53:08,218 WARN [de.sventorben.keycloak.authentication.hidpd.HomeIdpDiscoverer] (executor-thread-217) Could not extract domain from email address user1@idpa.com
keycloak | 2023-01-10 14:53:08,218 WARN [org.keycloak.services] (executor-thread-217) KC-SERVICES0013: Failed authentication: org.keycloak.authentication.AuthenticationFlowException
keycloak | at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:983)
keycloak | at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:311)
keycloak | at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:282)
keycloak | at org.keycloak.services.resources.LoginActionsService.authenticate(LoginActionsService.java:274)
keycloak | at org.keycloak.services.resources.LoginActionsService.authenticateForm(LoginActionsService.java:339)
keycloak | at jdk.internal.reflect.GeneratedMethodAccessor599.invoke(Unknown Source)
keycloak | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
keycloak | at java.base/java.lang.reflect.Method.invoke(Method.java:566)
keycloak | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
keycloak | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
keycloak | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192)
keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141)
keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32)
keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
keycloak | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
keycloak | at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
keycloak | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
keycloak | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
keycloak | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
keycloak | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
keycloak | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
keycloak | at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:84)
keycloak | at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:71)
keycloak | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
keycloak | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
keycloak | at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:430)
keycloak | at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:408)
keycloak | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
keycloak | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
keycloak | at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82)
keycloak | at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:564)
keycloak | at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
keycloak | at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
keycloak | at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
keycloak | at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
keycloak | at java.base/java.lang.Thread.run(Thread.java:829)
Describe the solution you'd like
I think this code line is not run. Haven't checked how to solve it and wanted to ask first. If wanted I can offer to investigate further.
I think you are facing the same issue as mentioned in #35, right?
The problem with showing an error message when email has not been validated yet, is that it would not allow for executing alternative authenticators. For example, Keycloak would not be able to fallback to password authentication.
Can you show me what your login flow looks like and elaborate a little more how you would like it to behave, please?
I am currently trying to collect as many use cases as I can, before adding additional features.
Yes, thats the same thing and that "Trust Email" helps me to permanently solve the issue. Thanks.
I opened the ticket because the error message on the console was not very helpful to me. While debugging I looked at the code to understand whats happening. From this line of code I was not directly thinking of an issue with "Trust Email" because there is this part which should print the right error message
if (EMAIL_ATTRIBUTE.equalsIgnoreCase(config.userAttribute()) && !user.isEmailVerified()) {
(at least I tought so)
What I want to achieve is very basic I think. We want to use Keycloak as a central Broker and each of our Tenants for the service we will provide, will have its own Keycloak Instance which then acts as IdP. So we will have 1 Broker and 20 IdPs and need this plugin to allow automatic selection of the right IdP for the User.
The authentication flow is currently in PoC state and looks like this
Is there an existing feature request for this?
Is your feature related to a problem? Please describe.
I had the issue that my authentication flow worked in the first run, but I was not able to login after logout. I received the console error. I guess I spent too much time for debugging as I'm new to keycloak, but the reason for this issue was that the email address was not validated.
Describe the solution you'd like
I think this code line is not run. Haven't checked how to solve it and wanted to ask first. If wanted I can offer to investigate further.
keycloak-home-idp-discovery/src/main/java/de/sventorben/keycloak/authentication/hidpd/DomainExtractor.java
Line 29 in 9b743b6
Describe alternatives you've considered
No response
Anything else?
Thanks for your Keycloak Plugin! :-)
The text was updated successfully, but these errors were encountered: