๐ Github Profile Trophy
micedre / keycloak-mail-whitelisting Goto Github PK
View Code? Open in Web Editor NEWKeycloak extension to whitelist email adresses domain when users register
License: Apache License 2.0
Keycloak extension to whitelist email adresses domain when users register
License: Apache License 2.0
I would like to whitelist a specific email address, so that the user with this email can register and set the password all by him/herself.
Hi,
I'm using this plugin with Keycloak 21.0.1 and next versions and it is not working
The error is this one :
2023-08-03 12:33:19,253 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-9) Uncaught server error: java.lang.NoSuchMethodError: 'org.jboss.resteasy.spi.HttpRequest org.keycloak.authentication.ValidationContext.getHttpRequest()'
at net.micedre.keycloak.registration.RegistrationProfileWithMailDomainCheck.validate(RegistrationProfileWithMailDomainCheck.java:101)
It is related to breaking change in keycloak 21.0.1 as discussed here
https://keycloak.discourse.group/t/nosuchmethoderror-on-validationcontext-gethttprequest/20811
and keycloak javadoc
https://www.keycloak.org/docs-api/21.0.1/javadocs/org/keycloak/authentication/FormContext.html#getHttpRequest()
Is is possible to make a 1.6 release for keycloak 21+ ?
Maybe only keycloak version targetted in pom can solve this issue.
Best regards.
Hello.
I am currently evaluating the functionality of this extension and while entering the domain into the UI works very well, I am trying script a job that checks another database for a list of domains to populate into AUTHENTICATOR_CONFIG_ENTRY ยป validDomains. I see the entries are ## delaminated and if I restart my Keycloak container, the newly added domains populate into the UI.
Do you know of a way to force the pull of data from the sql database without restarting the entire container? Is there a way to restart/refresh just this extension?
Thank you
Hello @micedre,
I'm trying to install keycloak-mail-whitelisting on Keycloak 17 (docker). I copied the keycloak-mail-whitelisting-1.3.3.jar
into /opt/keycloak/standalone/deployments
but I can't see the Profile Validation With Email Domain Check
on the execution menu.
Is keycloak-mail-whitelisting it compatible with KeyCloak 17 ?
[root@b4030626acf8 deployments]# pwd
/opt/keycloak/standalone/deployments
[root@b4030626acf8 deployments]# ls -lh
total 8.0K
-rw-r--r-- 1 keycloak root 6.6K Aug 2 2021 keycloak-mail-whitelisting-1.3.3.jar
Here is the docker logs
:
Changes detected in configuration. Updating the server image.
Updating the configuration and installing your custom providers, if any. Please wait.
2022-02-22 11:38:50,557 INFO [org.keycloak.common.Profile] (build-10) Preview feature enabled: token_exchange
2022-02-22 11:38:50,925 WARN [org.keycloak.services] (build-10) KC-SERVICES0047: restrict-client-auth-authenticator (de.sventorben.keycloak.authorization.client.RestrictClientAuthAuthenticatorFactory) is implementing the internal SPI authenticator. This SPI is internal and may change without notice
2022-02-22 11:38:50,958 WARN [org.keycloak.services] (build-10) KC-SERVICES0047: client-role (de.sventorben.keycloak.authorization.client.access.role.ClientRoleBasedAccessProviderFactory) is implementing the internal SPI restrict-client-auth-access-provider. This SPI is internal and may change without notice
2022-02-22 11:38:50,958 WARN [org.keycloak.services] (build-10) KC-SERVICES0047: policy (de.sventorben.keycloak.authorization.client.access.policy.PolicyBasedAccessProviderFactory) is implementing the internal SPI restrict-client-auth-access-provider. This SPI is internal and may change without notice
2022-02-22 11:38:53,716 INFO [io.quarkus.deployment.QuarkusAugmentor] (main) Quarkus augmentation completed in 4015ms
Server configuration updated and persisted. Run the following command to review the configuration:
kc.sh show-config
Next time you run the server, just run:
kc.sh start --hostname-strict=false --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password=*******
2022-02-22 11:38:55,978 INFO [org.keycloak.common.Profile] (main) Preview feature enabled: token_exchange
2022-02-22 11:38:55,984 INFO [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: FrontEnd: <request>, Strict HTTPS: true, Path: <request>, Strict BackChannel: false, Admin: <request>
2022-02-22 11:38:56,568 WARN [org.infinispan.PERSISTENCE] (keycloak-cache-init) ISPN000554: jboss-marshalling is deprecated and planned for removal
2022-02-22 11:38:56,605 WARN [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
2022-02-22 11:38:56,632 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller'
2022-02-22 11:38:56,782 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000128: Infinispan version: Infinispan 'Triskaidekaphobia' 13.0.5.Final
2022-02-22 11:38:56,892 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000078: Starting JGroups channel `ISPN`
2022-02-22 11:38:56,893 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000088: Unable to use any JGroups configuration mechanisms provided in properties {}. Using default JGroups configuration!
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the receive buffer of socket MulticastSocket was set to 20.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:56,977 WARN [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the receive buffer of socket MulticastSocket was set to 25.00MB, but the OS only allocated 212.99KB
2022-02-22 11:38:58,984 INFO [org.jgroups.protocols.pbcast.GMS] (keycloak-cache-init) b4030626acf8-32232: no members discovered after 2002 ms: creating cluster as coordinator
2022-02-22 11:38:58,994 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000094: Received new cluster view for channel ISPN: [b4030626acf8-32232|0] (1) [b4030626acf8-32232]
2022-02-22 11:38:59,001 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000079: Channel `ISPN` local address is `b4030626acf8-32232`, physical addresses are `[172.21.0.3:40126]`
2022-02-22 11:38:59,417 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (main) Node name: b4030626acf8-32232, Site name: null
2022-02-22 11:38:59,705 INFO [io.quarkus] (main) Keycloak 17.0.0 on JVM (powered by Quarkus 2.7.0.Final) started in 5.871s. Listening on: http://0.0.0.0:8080
2022-02-22 11:38:59,705 INFO [io.quarkus] (main) Profile prod activated.
2022-02-22 11:38:59,705 INFO [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, infinispan-client, jdbc-h2, jdbc-mariadb, jdbc-mssql, jdbc-mysql, jdbc-oracle, jdbc-postgresql, keycloak, narayana-jta, reactive-routes, resteasy, resteasy-jackson, smallrye-context-propagation, smallrye-health, smallrye-metrics, vault, vertx]
Keycloak 23 was released on 23.11.2023 and removes the RegistrationProfile
form action in favor of RegistrationUserCreation
. Because RegistrationProfile
is used by this plugin, running ./kc.sh build
with this plugin fails on Keycloak 23:
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: ERROR: Build failure: Build failed due to errors
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: ... 30 more
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:516)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:518)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: Caused by: java.lang.ClassNotFoundException: org.keycloak.authentication.forms.RegistrationProfile
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.JBossThread.run(JBossThread.java:501)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.Thread.run(Thread.java:840)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.builder.BuildContext.run(BuildContext.java:282)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:864)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.reflect.Method.invoke(Method.java:568)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.quarkus.deployment.KeycloakProcessor.configureKeycloakSessionFactory(KeycloakProcessor.java:370)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.quarkus.deployment.KeycloakProcessor.loadFactories(KeycloakProcessor.java:673)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.provider.ProviderManager.load(ProviderManager.java:93)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at org.keycloak.provider.DefaultProviderLoader.load(DefaultProviderLoader.java:60)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$3.hasNext(ServiceLoader.java:1393)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$2.hasNext(ServiceLoader.java:1309)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext(ServiceLoader.java:1273)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService(ServiceLoader.java:1228)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass(ServiceLoader.java:1217)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.Class.forName(Class.java:467)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.Class.forName0(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:506)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass1(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:466)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at io.quarkus.bootstrap.classloading.QuarkusClassLoader.loadClass(QuarkusClassLoader.java:506)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: at java.base/java.lang.ClassLoader.defineClass1(Native Method)
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: [error]: Build step org.keycloak.quarkus.deployment.KeycloakProcessor#configureKeycloakSessionFactory threw an exception: java.lang.NoClassDefFoundError: org/keycloak/authentication/forms/RegistrationProfile
Dec 04 21:47:43 ubuntu-jammy kc.sh[2164]: ERROR: io.quarkus.builder.BuildException: Build failure: Build failed due to errors
Will this plugin be updated to be compatible to Keycloak 23?
I'm looking into migrating to RegistrationUserCreation
for another plugin, maybe I can give some hints after I figured it out.
When i look at the release i dont see any jar files.
I am sure I am doing this wrong - I have tried the following per the ?
domain1.com##domain2.com
domain1.com'##'domain2.com
'domain1.com''domain2.com'
What am I doing wrong?
Could not save the execution config: Unrecognized field "validDomains" (class org.keycloak.representations.idm.AuthenticatorConfigRepresentation), not marked as ignorable (3 known properties: "alias", "config", "id"]) at [Source: (io.quarkus.vertx.http.runtime.VertxInputStream); line: 1, column: 18] (through reference chain: org.keycloak.representations.idm.AuthenticatorConfigRepresentation["validDomains"])
There were 6-7 commits made 12 days ago (May 1st/2nd), and I believe one of them introduced the following issue:
...
Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.20/plexus-utils-3.0.20.jar (243 kB at 1.2 MB/s)
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: no default secret key: No secret key
gpg: signing failed: No secret key
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 27.250 s
[INFO] Finished at: 2021-05-13T14:07:01Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-gpg-plugin:1.6:sign (sign-artifacts) on project keycloak-mail-whitelisting: Exit code: 2 -> [Help 1]
...
I'm trying to follow the readme instructions for enabling a flow step and I can't find any of the additional steps this provider should have added?
I've probably missed something but anything would be helpful here.
Hey :D
Maybe you can help me. Ive added your project to my keycloak and it works fine, but I got problems with the smtp server. I receive this error:
2022-03-10 11:30:29,735 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-14) Uncaught server error: java.lang.NoSuchMethodError: java.nio.ByteBuffer.clear()Ljava/nio/ByteBuffer; at org.keycloak.vault.DefaultVaultRawSecret.close(DefaultVaultRawSecret.java:90) at org.keycloak.vault.DefaultVaultTranscriber.getStringSecret(DefaultVaultTranscriber.java:96) at org.keycloak.email.DefaultEmailSenderProvider.send(DefaultEmailSenderProvider.java:144) at org.keycloak.email.freemarker.FreeMarkerEmailTemplateProvider.send(FreeMarkerEmailTemplateProvider.java:264) at org.keycloak.email.freemarker.FreeMarkerEmailTemplateProvider.sendSmtpTestEmail(FreeMarkerEmailTemplateProvider.java:135) at org.keycloak.services.resources.admin.RealmAdminResource.testSMTPConnection(RealmAdminResource.java:1013) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130) at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524) at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474) at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476) at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:152) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:183) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492) at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261) at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161) at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:249) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:60) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) at javax.servlet.http.HttpServlet.service(HttpServlet.java:590) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.provider.wildfly.WildFlyRequestFilter.lambda$doFilter$0(WildFlyRequestFilter.java:41) at org.keycloak.services.filters.AbstractRequestFilter.filter(AbstractRequestFilter.java:43) at org.keycloak.provider.wildfly.WildFlyRequestFilter.doFilter(WildFlyRequestFilter.java:39) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68) at org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103) at org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161) at org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73) at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67) at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at org.wildfly.elytron.web.undertow.server.servlet.CleanUpHandler.handleRequest(CleanUpHandler.java:38) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) at io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:275) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:255) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:79) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:100) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:387) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:852) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280) at java.lang.Thread.run(Thread.java:748)
I know this is not related to your project, but maybe you got an idea.
Thank you in advance.
Hi @micedre,
thank you very much for this extension. Currently I'm facing the issue that I have to deny the registration for one domain in Keycloak. I thought that I could clone this repo and modify it for my purpose or we could extend this extension to support both variants to allow and deny specific domains.
What are your thoughts about my suggestion? If you like this suggestion I would create the PR for this feature.
Greetings
Fabian
If a feature like this worked in browser and first login flows, we could verify that an email address that is trying to be brokered from an IDP matches a specific domain name.
Hello ,
whenever I click on register button it shows me internal server error,
I'm using the 1.3.3 jar file ,
and one more thing I don't understand the step 7 of how to use so I have not performed it
We had this working with an old Keycloak 12.x instance, but we've upgraded our Keycloak servers to version 16.1. The plugin now causes the Keycloak server to fail to start (removing the jar from standalone/deployments/ the server starts fine).
Startup log:
...
20:55:11,663 INFO [org.keycloak.services] (ServerService Thread Pool -- 60) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
20:55:12,303 INFO [org.keycloak.url.DefaultHostnameProviderFactory] (ServerService Thread Pool -- 60) Frontend: <request>, Admin: <frontend>, Backend: <request>
20:55:12,476 WARN [org.keycloak.services] (ServerService Thread Pool -- 60) KC-SERVICES0047: registration-mail-check-action (net.micedre.keycloak.registration.RegistrationProfileWithMailDomainCheck) is implementing the internal SPI form-action. This SPI is internal and may change without notice
20:55:12,513 FATAL [org.keycloak.services] (ServerService Thread Pool -- 60) Error during startup: java.util.ServiceConfigurationError: org.keycloak.authentication.FormActionFactory: Provider net.micedre.keycloak.registration.RegistrationProfileWithMailDomainCheck not found
at java.base/java.util.ServiceLoader.fail(ServiceLoader.java:589)
at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass(ServiceLoader.java:1212)
at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService(ServiceLoader.java:1221)
at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext(ServiceLoader.java:1265)
at java.base/java.util.ServiceLoader$2.hasNext(ServiceLoader.java:1300)
at java.base/java.util.ServiceLoader$3.hasNext(ServiceLoader.java:1385)
at [email protected]//org.keycloak.provider.DefaultProviderLoader.load(DefaultProviderLoader.java:60)
at [email protected]//org.keycloak.provider.ProviderManager.load(ProviderManager.java:94)
at [email protected]//org.keycloak.services.DefaultKeycloakSessionFactory.loadFactories(DefaultKeycloakSessionFactory.java:294)
at [email protected]//org.keycloak.services.DefaultKeycloakSessionFactory.init(DefaultKeycloakSessionFactory.java:110)
at [email protected]//org.keycloak.services.resources.KeycloakApplication.createSessionFactory(KeycloakApplication.java:233)
at [email protected]//org.keycloak.services.resources.KeycloakApplication.startup(KeycloakApplication.java:124)
at [email protected]//org.keycloak.provider.wildfly.WildflyPlatform.onStartup(WildflyPlatform.java:36)
at [email protected]//org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:114)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at [email protected]//org.jboss.resteasy.core.ConstructorInjectorImpl.constructOutsideRequest(ConstructorInjectorImpl.java:225)
at [email protected]//org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:209)
at [email protected]//org.jboss.resteasy.core.providerfactory.Utils.createProviderInstance(Utils.java:102)
at [email protected]//org.jboss.resteasy.core.providerfactory.ResteasyProviderFactoryImpl.createProviderInstance(ResteasyProviderFactoryImpl.java:1385)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.createApplication(ResteasyDeploymentImpl.java:418)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.initializeObjects(ResteasyDeploymentImpl.java:265)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.startInternal(ResteasyDeploymentImpl.java:137)
at [email protected]//org.jboss.resteasy.core.ResteasyDeploymentImpl.start(ResteasyDeploymentImpl.java:121)
at [email protected]//org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:144)
at [email protected]//org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:42)
at [email protected]//io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.RunAsLifecycleInterceptor.doIt(RunAsLifecycleInterceptor.java:70)
at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:76)
at [email protected]//io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at [email protected]//io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:309)
at [email protected]//io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:145)
at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:588)
at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:559)
at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:601)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:106)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:87)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:829)
at [email protected]//org.jboss.threads.JBossThread.run(JBossThread.java:513)
20:55:12,547 INFO [org.jboss.as.server] (Thread-1) WFLYSRV0220: Server shutdown has been requested via an OS signal
...
Is this a known issue and/or a simple fix?
Hello,
It would be nice to be able to whitelist the domain that will be allowed to use the magic link. I bump into your lib that works perfectly but I would like to know if it would be hard to combine the magic link with this whitelisting domain?
I currently update the source code of magic link to include the following code that will whitelist the domain :
if (!email.endsWith("@gruion.com")) {
context.challenge(context.form().createForm("view-error.ftl"));
}
else{
But it would be great to have magic link working with email domain whitelisting
Would it be hard to "merge" the libraries (magic link and whitelisting domain)?
We can maybe try to collaborate with @stianst.
I have suggested the same to @stianst just in case both of you agreed to collaborate :D
I have opened a ticket to the magic link repo also stianst/keycloak-containers-demo#12 (comment)
I dont have the knowledge to do it myself, but i can help
Best regards,
Cyril
Hi,
I'm using this plugin with Keycloak 22 and it is not working
I already made a pull request for keycloak 21 (easy) but for keycloak 22 there are breaking changes (jdk17) and javax -> jakarta.
Hi Cedric,
Is it possible to make this plugin compatible with the latest Keycloak release ? (19.0.1)
Thanks
Hi,
Thanks for your plugin.
I need a little help if possible. I am using a standalone server keycloak-15.0.2.
I've deployed the keycloak-mail-whitelisting-1.3.3.jar
On "Profile Validation With Email Domain Check" domain restrict configuration, I entered on "Valid domain for emails" field, the desidered domain in the following format: mydomain.com
No, when I try to register, this error message comes up:
"Unexpected error in handling authentication request to identity provider."
What I did wrong ?
Thanks
Server Version 15.0.2
Java Version 1.8.0_171
We're looking for something quite similar to this, so was testing it locally. Built the jar and added it to standalone/deployments, and it looks like it deployed properly:
test04_keycloak.1.vha615uf5w1@ip-1-2-3-4 | 14:45:59,762 INFO [org.jboss.as.server] (ServerService Thread Pool -- 35) WFLYSRV0010: Deployed "keycloak-mail-whitelisting-1.2-SNAPSHOT.jar" (runtime-name : "keycloak-mail-whitelisting-1.2-SNAPSHOT.jar")
No errors reported, so assuming the deployment was OK.
Went into the admin console and pulled up my realm, copied the auth registration flow, and clicked on "add execution". In the resulting drop down, there's no option for Profile Validation With Email Domain Check
. I don't really see anything new actually.
How do I figure out what's missing?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.