spiashko
commented
3 years ago @mathanpt you should create copy of browser flow but not new in the end your flow should look like on screenshot
Open mathanpt opened 3 years ago
spiashko
commented
3 years ago @mathanpt you should create copy of browser flow but not new in the end your flow should look like on screenshot
mathanpt
commented
3 years ago I am trying to land on the SMS auth page instead of username/password form (not 2FA)
Keycloak Server Log:
2020-11-06 19:30:54,623 DEBUG [org.keycloak.services.managers.AuthenticationSessionManager] (default task-1) Found AUTH_SESSION_ID cookie with value 9e0450e0-77df-4453-a32c-0df75 62789a1.mathan-inspiron-5570 1587 2020-11-06 19:30:54,634 DEBUG [org.keycloak.services.managers.AuthenticationSessionManager] (default task-1) Set AUTH_SESSION_ID cookie with value 57990858-3971-49f1-a2ce-6294407 aed9a.mathan-inspiron-5570 1588 2020-11-06 19:30:54,637 DEBUG [org.keycloak.protocol.AuthorizationEndpointBase] (default task-1) Sent request to authz endpoint. Created new root authentication session with ID ' 57990858-3971-49f1-a2ce-6294407aed9a' . Client: sms . New authentication session tab ID: t6qlSQePdjs 1589 2020-11-06 19:30:54,759 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-1) AUTHENTICATE 1590 2020-11-06 19:30:54,759 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-1) AUTHENTICATE ONLY 1591 2020-11-06 19:30:54,765 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-1) processFlow: Browser with SMS 1592 2020-11-06 19:30:54,769 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-1) check execution: 'Browser with SMS forms flow', requirement: 'REQUIRED' 1593 2020-11-06 19:30:54,769 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-1) processFlow: Browser with SMS forms 1594 2020-11-06 19:30:54,769 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-1) check execution: 'sms-code-authenticator', requirement: 'REQUIRED' 1595 2020-11-06 19:30:54,770 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-1) authenticator: sms-code-authenticator 1596 2020-11-06 19:30:54,772 DEBUG [org.keycloak.authentication.AuthenticationSelectionResolver] (default task-1) Going through the flow 'Browser with SMS forms' for adding executions 1597 2020-11-06 19:30:54,773 DEBUG [org.keycloak.authentication.AuthenticationSelectionResolver] (default task-1) Selections when trying execution 'sms-code-authenticator' : [ authSel ection - sms-code-authenticator] 1598 2020-11-06 19:30:54,775 WARN [org.keycloak.services] (default task-1) KC-SERVICES0013: Failed authentication: org.keycloak.authentication.AuthenticationFlowException: authentica tor: sms-code-authenticator 1599 at org.keycloak.keycloak-services@11.0.2//org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:428) 1600 at org.keycloak.keycloak-services@11.0.2//org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:252) 1601 at org.keycloak.keycloak-services@11.0.2//org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:386) 1602 at org.keycloak.keycloak-services@11.0.2//org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:252) 1603 at org.keycloak.keycloak-services@11.0.2//org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:978) 1604 at org.keycloak.keycloak-services@11.0.2//org.keycloak.authentication.AuthenticationProcessor.authenticate(AuthenticationProcessor.java:840) 1605 at org.keycloak.keycloak-services@11.0.2//org.keycloak.protocol.AuthorizationEndpointBase.handleBrowserAuthenticationRequest(AuthorizationEndpointBase.java:151) 1606 at org.keycloak.keycloak-services@11.0.2//org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildAuthorizationCodeAuthorizationResponse(AuthorizationEndpoint.java:481) 1607 at org.keycloak.keycloak-services@11.0.2//org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.process(AuthorizationEndpoint.java:177) 1608 at org.keycloak.keycloak-services@11.0.2//org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildGet(AuthorizationEndpoint.java:116) 1609 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 1610 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 1611 at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 1612 at java.base/java.lang.reflect.Method.invoke(Method.java:564) 1613 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:138) 1614 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:543) 1615 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:432) 1616 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:393) 1617 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:358) 1618 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:395) 1619 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:364) 1620 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:150) 1621 at org.jboss.resteasy.resteasy-jaxrs@3.12.1.Final//org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:110)
`
@spiashko Can we have a quick call?
mathanpt
commented
3 years ago @spiashko Your inputs on this is highly appreciated
spiashko
commented
3 years ago @mathanpt sorry missed notification emails somehow, now back to your question, so basically what you are trying to achieve is not assumed by this plugin and more over not possible as first of all to send sms you need to know mobile number and to know mobile number you need know what user trying to login and basically that is main reason why username/password first and only then sms code
@spiashko Generated keycloak-sms-authenticator-1.0.0-SNAPSHOT-jar-with-dependencies.jar file and placed it on the standalone/deployments/ folder on the Keycloak Created new realm called "sms" Authentication -> Flows -> New -> Set Alias name as "sms-auth" Added "Sms Code" execution for the above and make it as "REQUIRED" Created a new client called "sms-client" on the Clients -> Create Set Browser Flow -> sms-auth under Authentication Flow Overrides Set redirect uri as http://localhost:3000/*
If I try to access using the react js client I am getting error like Invalid username / password, it didn't land on login page
How to access the custom login page?
Keycloak server log: