๐ Github Profile Trophy
micedre / keycloak-mail-whitelisting Goto Github PK
View Code? Open in Web Editor NEWKeycloak extension to whitelist email adresses domain when users register
License: Apache License 2.0
keycloak-mail-whitelisting's Introduction
keycloak-mail-whitelisting's People
Contributors
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot]")
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot]")
Stargazers
Watchers
Forkers
ognjenm jobrot atropo yydzhou optionfactory savantly-net jyoonpro matchaxnb fabianlaule cpx-dev kirinse mehaei crnakad xgaia saaaneo istiak101 ergoz tuananh henriqueokomura vinay2153 bardyguillaume jseparovic w-osilva mikeshootzz nextml-code levinuss lapndkeycloak-mail-whitelisting's Issues
Allow whitelisting of whole email address not just the domain
I would like to whitelist a specific email address, so that the user with this email can register and set the password all by him/herself.
Keycloak 21.X.Y compatibility : error
Hi,
I'm using this plugin with Keycloak 21.0.1 and next versions and it is not working
The error is this one :
2023-08-03 12:33:19,253 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-9) Uncaught server error: java.lang.NoSuchMethodError: 'org.jboss.resteasy.spi.HttpRequest org.keycloak.authentication.ValidationContext.getHttpRequest()'
at net.micedre.keycloak.registration.RegistrationProfileWithMailDomainCheck.validate(RegistrationProfileWithMailDomainCheck.java:101)
It is related to breaking change in keycloak 21.0.1 as discussed here
https://keycloak.discourse.group/t/nosuchmethoderror-on-validationcontext-gethttprequest/20811
and keycloak javadoc
https://www.keycloak.org/docs-api/21.0.1/javadocs/org/keycloak/authentication/FormContext.html#getHttpRequest()
Is is possible to make a 1.6 release for keycloak 21+ ?
Maybe only keycloak version targetted in pom can solve this issue.
Best regards.
Update Domains from SQL to Keycloak
Hello.
I am currently evaluating the functionality of this extension and while entering the domain into the UI works very well, I am trying script a job that checks another database for a list of domains to populate into AUTHENTICATOR_CONFIG_ENTRY ยป validDomains. I see the entries are ## delaminated and if I restart my Keycloak container, the newly added domains populate into the UI.
Do you know of a way to force the pull of data from the sql database without restarting the entire container? Is there a way to restart/refresh just this extension?
Thank you
Not working on Keycloak 17 (quarkus)
Hello @micedre,
I'm trying to install keycloak-mail-whitelisting on Keycloak 17 (docker). I copied the keycloak-mail-whitelisting-1.3.3.jar into /opt/keycloak/standalone/deployments but I can't see the Profile Validation With Email Domain Check on the execution menu.
Is keycloak-mail-whitelisting it compatible with KeyCloak 17 ?
[root@b4030626acf8 deployments]# pwd
/opt/keycloak/standalone/deployments
[root@b4030626acf8 deployments]# ls -lh
total 8.0K
-rw-r--r-- 1 keycloak root 6.6K Aug 2 2021 keycloak-mail-whitelisting-1.3.3.jarHere is the docker logs:
Changes detected in configuration. Updating the server image.
Updating the configuration and installing your custom providers, if any. Please wait.
2022-02-22 11:38:50,557 INFO [org.keycloak.common.Profile] (build-10) Preview feature enabled: token_exchange
2022-02-22 11:38:50,925 WARN [org.keycloak.services] (build-10) KC-SERVICES0047: restrict-client-auth-authenticator (de.sventorben.keycloak.authorization.client.RestrictClientAuthAuthenticatorFactory) is implementing the internal SPI authenticator. This SPI is internal and may change without notice
2022-02-22 11:38:50,958 WARN [org.keycloak.services] (build-10) KC-SERVICES0047: client-role (de.sventorben.keycloak.authorization.client.access.role.ClientRoleBasedAccessProviderFactory) is implementing the internal SPI restrict-client-auth-access-provider. This SPI is internal and may change without notice
2022-02-22 11:38:50,958 WARN [org.keycloak.services] (build-10) KC-SERVICES0047: policy (de.sventorben.keycloak.authorization.client.access.policy.PolicyBasedAccessProviderFactory) is implementing the internal SPI restrict-client-auth-access-provider. This SPI is internal and may change without notice
2022-02-22 11:38:53,716 INFO [io.quarkus.deployment.QuarkusAugmentor] (main) Quarkus augmentation completed in 4015ms
Server configuration updated and persisted. Run the following command to review the configuration:
kc.sh show-config
Next time you run the server, just run:
kc.sh start --hostname-strict=false --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password=*******
2022-02-22 11:38:55,978 INFO [org.keycloak.common.Profile] (main) Preview feature enabled: token_exchange
2022-02-22 11:38:55,984 INFO [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: FrontEnd: <request>, Strict HTTPS: true, Path: <request>, Strict BackChannel: false, Admin: <request>
2022-02-22 11:38:56,568 WARN [org.infinispan.PERSISTENCE] (keycloak-cache-init) ISPN000554: jboss-marshalling is deprecated and planned for removal
2022-02-22 11:38:56,605 WARN [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
2022-02-22 11:38:56,632 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller'
2022-02-22 11:38:56,782 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000128: Infinispan version: Infinispan 'Triskaidekaphobia' 13.0.5.Final
2022-02-22 11:38:56,892 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000078: Starting JGroups channel `ISPN`
2022-02-22 11:38:56,893 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000088: Unable to use any JGroups configuration mechanisms provided in properties {}. Using default JGroups configuration!
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the receive buffer of socket MulticastSocket was set to 20.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the receive buffer of socket MulticastSocket was set to 25.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:58,984 INFO [org.jgroups.protocols.pbcast.GMS] (keycloak-cache-init) b4030626acf8-32232: no members discovered after 2002 ms: creating cluster as coordinator
2022-02-22 11:38:58,994 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000094: Received new cluster view for channel ISPN: [b4030626acf8-32232|0] (1) [b4030626acf8-32232]
2022-02-22 11:38:59,001 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000079: Channel `ISPN` local address is `b4030626acf8-32232`, physical addresses are `[172.21.0.3:40126]`
2022-02-22 11:38:59,417 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (main) Node name: b4030626acf8-32232, Site name: null
2022-02-22 11:38:59,705 INFO [io.quarkus] (main) Keycloak 17.0.0 on JVM (powered by Quarkus 2.7.0.Final) started in 5.871s. Listening on: http://0.0.0.0:8080
2022-02-22 11:38:59,705 INFO [io.quarkus] (main) Profile prod activated.
2022-02-22 11:38:59,705 INFO [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, infinispan-client, jdbc-h2, jdbc-mariadb, jdbc-mssql, jdbc-mysql, jdbc-oracle, jdbc-postgresql, keycloak, narayana-jta, reactive-routes, resteasy, resteasy-jackson, smallrye-context-propagation, smallrye-health, smallrye-metrics, vault, vertx]
Not compatible with Keycloak 23
Keycloak 23 was released on 23.11.2023 and removes the RegistrationProfile form action in favor of RegistrationUserCreation. Because RegistrationProfile is used by this plugin, running ./kc.sh build with this plugin fails on Keycloak 23:
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: ERROR: Build failure: Build failed due to errors
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: ... 30 more
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:516)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:518)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: Caused by: java.lang.ClassNotFoundException: org.keycloak.authentication.forms.RegistrationProfile
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.JBossThread.run(JBossThread.java:501)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.Thread.run(Thread.java:840)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.builder.BuildContext.run(BuildContext.java:282)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:864)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.reflect.Method.invoke(Method.java:568)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.quarkus.deployment.KeycloakProcessor.configureKeycloakSessionFactory(KeycloakProcessor.java:370)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.quarkus.deployment.KeycloakProcessor.loadFactories(KeycloakProcessor.java:673)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.provider.ProviderManager.load(ProviderManager.java:93)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.provider.DefaultProviderLoader.load(DefaultProviderLoader.java:60)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$3.hasNext(ServiceLoader.java:1393)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$2.hasNext(ServiceLoader.java:1309)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext(ServiceLoader.java:1273)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService(ServiceLoader.java:1228)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass(ServiceLoader.java:1217)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.Class.forName(Class.java:467)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.Class.forName0(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:506)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass1(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:506)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass1(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: [error]: Build step org.keycloak.quarkus.deployment.KeycloakProcessor#configureKeycloakSessionFactory threw an exception: java.lang.NoClassDefFoundError: org/keycloak/authentication/forms/RegistrationProfile
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: ERROR: io.quarkus.builder.BuildException: Build failure: Build failed due to errors
Will this plugin be updated to be compatible to Keycloak 23?
I'm looking into migrating to RegistrationUserCreation for another plugin, maybe I can give some hints after I figured it out.
Where can i find the latest jar file ?
When i look at the release i dont see any jar files.
Cannot add multiple domains
I am sure I am doing this wrong - I have tried the following per the ?
domain1.com##domain2.com
domain1.com'##'domain2.com
'domain1.com''domain2.com'
What am I doing wrong?
Could not save the execution config: Unrecognized field "validDomains" (class org.keycloak.representations.idm.AuthenticatorConfigRepresentation), not marked as ignorable (3 known properties: "alias", "config", "id"]) at [Source: (io.quarkus.vertx.http.runtime.VertxInputStream); line: 1, column: 18] (through reference chain: org.keycloak.representations.idm.AuthenticatorConfigRepresentation["validDomains"])
GPG issue building
There were 6-7 commits made 12 days ago (May 1st/2nd), and I believe one of them introduced the following issue:
...
Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.20/plexus-utils-3.0.20.jar (243 kB at 1.2 MB/s)
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: no default secret key: No secret key
gpg: signing failed: No secret key
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 27.250 s
[INFO] Finished at: 2021-05-13T14:07:01Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-gpg-plugin:1.6:sign (sign-artifacts) on project keycloak-mail-whitelisting: Exit code: 2 -> [Help 1]
...
[docs] Do instructions in readme work on Keycloak 23?
I'm trying to follow the readme instructions for enabling a flow step and I can't find any of the additional steps this provider should have added?
I've probably missed something but anything would be helpful here.
KeyCloak doesnt send emails
Hey :D
Maybe you can help me. Ive added your project to my keycloak and it works fine, but I got problems with the smtp server. I receive this error:
2022-03-10 11:30:29,735 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-14) Uncaught server error: java.lang.NoSuchMethodError: java.nio.ByteBuffer.clear()Ljava/nio/ByteBuffer; at org.keycloak.vault.DefaultVaultRawSecret.close(DefaultVaultRawSecret.java:90) at org.keycloak.vault.DefaultVaultTranscriber.getStringSecret(DefaultVaultTranscriber.java:96) at org.keycloak.email.DefaultEmailSenderProvider.send(DefaultEmailSenderProvider.java:144) at org.keycloak.email.freemarker.FreeMarkerEmailTemplateProvider.send(FreeMarkerEmailTemplateProvider.java:264) at org.keycloak.email.freemarker.FreeMarkerEmailTemplateProvider.sendSmtpTestEmail(FreeMarkerEmailTemplateProvider.java:135) at org.keycloak.services.resources.admin.RealmAdminResource.testSMTPConnection(RealmAdminResource.java:1013) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130) at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524) at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474) at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476) at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:152) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:183) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492) at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261) at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161) at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:249) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:60) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) at javax.servlet.http.HttpServlet.service(HttpServlet.java:590) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.provider.wildfly.WildFlyRequestFilter.lambda$doFilter$0(WildFlyRequestFilter.java:41) at org.keycloak.services.filters.AbstractRequestFilter.filter(AbstractRequestFilter.java:43) at org.keycloak.provider.wildfly.WildFlyRequestFilter.doFilter(WildFlyRequestFilter.java:39) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68) at org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103) at org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161) at org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73) at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67) at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at org.wildfly.elytron.web.undertow.server.servlet.CleanUpHandler.handleRequest(CleanUpHandler.java:38) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) at io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:275) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:255) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:79) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:100) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:387) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:852) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280) at java.lang.Thread.run(Thread.java:748)
I know this is not related to your project, but maybe you got an idea.
Thank you in advance.
Suggestion: Support sets of allowed and denied domains
Hi @micedre,
thank you very much for this extension. Currently I'm facing the issue that I have to deny the registration for one domain in Keycloak. I thought that I could clone this repo and modify it for my purpose or we could extend this extension to support both variants to allow and deny specific domains.
What are your thoughts about my suggestion? If you like this suggestion I would create the PR for this feature.
Greetings
Fabian
suggestion: make this usable in browser and first login flow (for use with IDPs)
If a feature like this worked in browser and first login flows, we could verify that an email address that is trying to be brokered from an IDP matches a specific domain name.
It shows internal server error in keycloak v21.0.1
Hello ,
whenever I click on register button it shows me internal server error,
I'm using the 1.3.3 jar file ,
and one more thing I don't understand the step 7 of how to use so I have not performed it
Working with Keycloak 16?
We had this working with an old Keycloak 12.x instance, but we've upgraded our Keycloak servers to version 16.1. The plugin now causes the Keycloak server to fail to start (removing the jar from standalone/deployments/ the server starts fine).
Startup log:
...
20:55:11,663 INFO [org.keycloak.services] (ServerService Thread Pool -- 60) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
20:55:12,303 INFO [org.keycloak.url.DefaultHostnameProviderFactory] (ServerService Thread Pool -- 60) Frontend: <request>, Admin: <frontend>, Backend: <request>
20:55:12,476 WARN [org.keycloak.services] (ServerService Thread Pool -- 60) KC-SERVICES0047: registration-mail-check-action (net.micedre.keycloak.registration.RegistrationProfileWithMailDomainCheck) is implementing the internal SPI form-action. This SPI is internal and may change without notice
20:55:12,513 FATAL [org.keycloak.services] (ServerService Thread Pool -- 60) Error during startup: java.util.ServiceConfigurationError: org.keycloak.authentication.FormActionFactory: Provider net.micedre.keycloak.registration.RegistrationProfileWithMailDomainCheck not found
at java.base/java.util.ServiceLoader.fail(ServiceLoader.java:589)
at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass(ServiceLoader.java:1212)
at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService(ServiceLoader.java:1221)
at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext(ServiceLoader.java:1265)
at java.base/java.util.ServiceLoader$2.hasNext(ServiceLoader.java:1300)
at java.base/java.util.ServiceLoader$3.hasNext(ServiceLoader.java:1385)
at [email protected]//org.keycloak.provider.DefaultProviderLoader.load(DefaultProviderLoader.java:60)
at [email protected]//org.keycloak.provider.ProviderManager.load(ProviderManager.java:94)
at [email protected]//org.keycloak.services.DefaultKeycloakSessionFactory.loadFactories(DefaultKeycloakSessionFactory.java:294)
at [email protected]//org.keycloak.services.DefaultKeycloakSessionFactory.init(DefaultKeycloakSessionFactory.java:110)
at [email protected]//org.keycloak.services.resources.KeycloakApplication.createSessionFactory(KeycloakApplication.java:233)
at [email protected]//org.keycloak.services.resources.KeycloakApplication.startup(KeycloakApplication.java:124)
at [email protected]//org.keycloak.provider.wildfly.WildflyPlatform.onStartup(WildflyPlatform.java:36)
at [email protected]//org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:114)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at [email protected]//org.jboss.resteasy.core.ConstructorInjectorImpl.constructOutsideRequest(ConstructorInjectorImpl.java:225)
at [email protected]//org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:209)
at [email protected]//org.jboss.resteasy.core.providerfactory.Utils.createProviderInstance(Utils.java:102)
at [email protected]//org.jboss.resteasy.core.providerfactory.ResteasyProviderFactoryImpl.createProviderInstance(ResteasyProviderFactoryImpl.java:1385)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.createApplication(ResteasyDeploymentImpl.java:418)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.initializeObjects(ResteasyDeploymentImpl.java:265)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.startInternal(ResteasyDeploymentImpl.java:137)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.start(ResteasyDeploymentImpl.java:121)
at [email protected]//org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:144)
at [email protected]//org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:42)
at [email protected]//io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.RunAsLifecycleInterceptor.doIt(RunAsLifecycleInterceptor.java:70)
at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:76)
at [email protected]//io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at [email protected]//io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:309)
at [email protected]//io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:145)
at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:588)
at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:559)
at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:601)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:106)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:87)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:829)
at [email protected]//org.jboss.threads.JBossThread.run(JBossThread.java:513)
20:55:12,547 INFO [org.jboss.as.server] (Thread-1) WFLYSRV0220: Server shutdown has been requested via an OS signal
...
Is this a known issue and/or a simple fix?
Adding this feature to the magic link authentication
Hello,
It would be nice to be able to whitelist the domain that will be allowed to use the magic link. I bump into your lib that works perfectly but I would like to know if it would be hard to combine the magic link with this whitelisting domain?
I currently update the source code of magic link to include the following code that will whitelist the domain :
if (!email.endsWith("@gruion.com")) {
context.challenge(context.form().createForm("view-error.ftl"));
}
else{
But it would be great to have magic link working with email domain whitelisting
Would it be hard to "merge" the libraries (magic link and whitelisting domain)?
We can maybe try to collaborate with @stianst.
I have suggested the same to @stianst just in case both of you agreed to collaborate :D
I have opened a ticket to the magic link repo also stianst/keycloak-containers-demo#12 (comment)
I dont have the knowledge to do it myself, but i can help
Best regards,
Cyril
Gets deployed but not shown in keycloak
Hey!
I got the following issue: KeyCloak deploys it just fine (v16) according to the logs. I also restarted it but I cant find it in the Provider Drop Down Menu,
Am I missing something?
Thank you.
Keycloak 22.X compatibility
Hi,
I'm using this plugin with Keycloak 22 and it is not working
I already made a pull request for keycloak 21 (easy) but for keycloak 22 there are breaking changes (jdk17) and javax -> jakarta.
Keycloak 19.0.1 compatibility ?
Hi Cedric,
Is it possible to make this plugin compatible with the latest Keycloak release ? (19.0.1)
Thanks
Unexpected error in handling authentication
Hi,
Thanks for your plugin.
I need a little help if possible. I am using a standalone server keycloak-15.0.2.
I've deployed the keycloak-mail-whitelisting-1.3.3.jar
On "Profile Validation With Email Domain Check" domain restrict configuration, I entered on "Valid domain for emails" field, the desidered domain in the following format: mydomain.com
No, when I try to register, this error message comes up:
"Unexpected error in handling authentication request to identity provider."
What I did wrong ?
Thanks
Server Version 15.0.2
Java Version 1.8.0_171
"can't convert undefined to object"
Using:
Keycloak19.0.2
PostgresQL 14.2 (in RDS)
While the plugin appears to load, going to the config page appears to break it. see below.
Execution isn't showing up
We're looking for something quite similar to this, so was testing it locally. Built the jar and added it to standalone/deployments, and it looks like it deployed properly:
test04_keycloak.1.vha615uf5w1@ip-1-2-3-4 | 14:45:59,762 INFO [org.jboss.as.server] (ServerService Thread Pool -- 35) WFLYSRV0010: Deployed "keycloak-mail-whitelisting-1.2-SNAPSHOT.jar" (runtime-name : "keycloak-mail-whitelisting-1.2-SNAPSHOT.jar")
No errors reported, so assuming the deployment was OK.
Went into the admin console and pulled up my realm, copied the auth registration flow, and clicked on "add execution". In the resulting drop down, there's no option for Profile Validation With Email Domain Check. I don't really see anything new actually.
How do I figure out what's missing?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.