p2-inc / keycloak-magic-link

Magic Link Authentication for Keycloak
https://phasetwo.io

Test with Keycloak App not redirecting correctly #10

Closed gsantosamn closed 1 year ago

gsantosamn commented 1 year ago

Hello,

I have installed this provider in my local Keycloak, and I'm using the Keycloak test app to run tests: https://www.keycloak.org/app/

When using another provider for the magic link (the "experiment" you link, that uses magic-link "session based", as opposed to "action-token based"), I am logged in instantly after clicking the magic link in the email.

When using this provider (with action-token), when I click the link, I am presented with this screen again:

image

And I have to click again on "Sign In", then I'm logged in. This did not happen with the version of the magic link that did not use action-tokens.

I have looked into the code and I suppose that this part of the code is doing this:

```java
String nextAction = AuthenticationManager.nextRequiredAction(
    tokenContext.getSession(), authSession, tokenContext.getRequest(), tokenContext.getEvent());
return AuthenticationManager.redirectToRequiredActions(
    tokenContext.getSession(), tokenContext.getRealm(), authSession, tokenContext.getUriInfo(), nextAction);
```

But I have not found how to modify it to have the behaviour I want. Thank you

xgp commented 1 year ago

I'm still stuck on this one. There are some cases when the URL after the required actions contains session_state or session. In the case where it contains session_state, it fails on the Keycloak test app and the "old" account console. I don't have a good idea why they are different.

gsantosamn commented 1 year ago

I was not able to understand the redirect mechanisms well enough to tell what's going on. Thanks for checking it out anyway.