Open Writtscher opened 3 weeks ago
Hi. I am trying to create a custom authentication flow. This is my terraform file:
resource "keycloak_authentication_flow" "vpp_authentication_flow" { realm_id = keycloak_realm.vpp.id alias = "vpp browser" } resource "keycloak_authentication_bindings" "vpp_vpp_authentication_flow_authentication_binding" { realm_id = keycloak_realm.vpp.id browser_flow = keycloak_authentication_flow.vpp_authentication_flow.alias } resource "keycloak_authentication_execution" "vpp_authentication_flow_cookie_authentication_execution" { realm_id = keycloak_realm.vpp.id parent_flow_alias = keycloak_authentication_flow.vpp_authentication_flow.alias authenticator = "auth-cookie" requirement = "ALTERNATIVE" depends_on = [] } resource "keycloak_authentication_execution" "vpp_authentication_flow_identity_provider_redirector_authentication_execution" { realm_id = keycloak_realm.vpp.id parent_flow_alias = keycloak_authentication_flow.vpp_authentication_flow.alias authenticator = "identity-provider-redirector" requirement = "ALTERNATIVE" depends_on = [ keycloak_authentication_execution.vpp_authentication_flow_cookie_authentication_execution ] } resource "keycloak_authentication_subflow" "vpp_browser_authentication_subflow" { realm_id = keycloak_realm.vpp.id parent_flow_alias = keycloak_authentication_flow.vpp_authentication_flow.alias alias = "browser forms" requirement = "ALTERNATIVE" depends_on = [ keycloak_authentication_execution.vpp_authentication_flow_identity_provider_redirector_authentication_execution ] } resource "keycloak_authentication_execution" "vpp_authentication_flow_username_password_form_authentication_execution" { realm_id = keycloak_realm.vpp.id parent_flow_alias = keycloak_authentication_subflow.vpp_browser_authentication_subflow.alias authenticator = "auth-username-password-form" requirement = "REQUIRED" } resource "keycloak_authentication_execution" "vpp_authentication_flow_session_counter_authentication_execution" { realm_id = keycloak_realm.vpp.id parent_flow_alias = keycloak_authentication_subflow.vpp_browser_authentication_subflow.alias authenticator = "user-session-limits" requirement = "REQUIRED" depends_on = [ keycloak_authentication_execution.vpp_authentication_flow_username_password_form_authentication_execution ] } resource "keycloak_authentication_execution_config" "vpp_authentication_flow_session_counter_authentication_execution_config" { realm_id = keycloak_realm.vpp.id execution_id = keycloak_authentication_execution.vpp_authentication_flow_session_counter_authentication_execution.id alias = "vpp browser authentication flow session counter config" config = { "behavior" = "Deny new sessions", "errorMessage" = "You are already logged in. Please close the other session., "userClientLimit" = "1", "userRealmLimit" = "0", } }
It works but the priority of the executions is wrong
The result of this is:
{ "id": "0d7ca48f-7601-4c09-ba4d-79c1b38303d1", "alias": "vpp browser", "description": "", "providerId": "basic-flow", "topLevel": true, "builtIn": false, "authenticationExecutions": [ { "authenticatorFlow": true, "requirement": "ALTERNATIVE", "priority": 1, "autheticatorFlow": true, "flowAlias": "browser forms", "userSetupAllowed": false }, { "authenticator": "auth-cookie", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 2, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "identity-provider-redirector", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 2, "autheticatorFlow": false, "userSetupAllowed": false } ] }
The priority should be auth-cookie -> identity-provider-redirector -> forms subflow. I tried everything (depends_on). but no luck. What am I missing?
auth-cookie
identity-provider-redirector
forms subflow
Hi. I am trying to create a custom authentication flow. This is my terraform file:
It works but the priority of the executions is wrong
The result of this is:
The priority should be
auth-cookie->identity-provider-redirector->forms subflow. I tried everything (depends_on). but no luck. What am I missing?