
Example 1 with IdpVerifyAccountLinkActionToken

use of org.keycloak.authentication.actiontoken.idpverifyemail.IdpVerifyAccountLinkActionToken in project keycloak by keycloak.

the class IdpEmailVerificationAuthenticator method sendVerifyEmail.

/**
 * Builds a time-limited account-link confirmation URL and hands it to the realm's
 * {@link EmailTemplateProvider} for delivery, then shows the "email sent" page.
 *
 * <p>The URL embeds a serialized {@link IdpVerifyAccountLinkActionToken} that carries the
 * existing user's id and email, an absolute expiration, the encoded authentication-session id,
 * the brokered username, the identity-provider alias and the client id. Whoever holds the URL
 * holds that token, so it should be handled like a short-lived credential; this method itself
 * only passes it to the email provider and does not log it.
 *
 * <p>A cloned event of type {@code SEND_IDENTITY_PROVIDER_LINK} records the outcome. It stores
 * the username and email as event details, so event storage holds that personal data.
 *
 * <p>If sending fails with {@link EmailException}, the event is marked
 * {@code EMAIL_SEND_FAILED}, the exception is logged, the flow is failed with an
 * internal-error page, and the "email sent" page is not shown.
 *
 * @param session        Keycloak session supplying the realm and the request URI
 * @param context        authentication flow context (auth session, event, execution, form)
 * @param existingUser   the already-registered user the brokered identity would be linked to
 * @param brokerContext  identity data received from the external identity provider
 * @throws UriBuilderException      declared by the signature; presumably raised while the
 *                                  link URI is built (confirm against the URI helpers)
 * @throws IllegalArgumentException declared by the signature; presumably raised while the
 *                                  link URI is built (confirm against the URI helpers)
 */
private void sendVerifyEmail(
        KeycloakSession session,
        AuthenticationFlowContext context,
        UserModel existingUser,
        BrokeredIdentityContext brokerContext) throws UriBuilderException, IllegalArgumentException {
    RealmModel currentRealm = session.getContext().getRealm();
    UriInfo requestUri = session.getContext().getUri();
    AuthenticationSessionModel loginSession = context.getAuthenticationSession();

    // Token lifetime is realm configuration for this token type; the token stores the
    // absolute expiry, the email text later shows the relative lifetime.
    int lifespanSeconds = currentRealm.getActionTokenGeneratedByUserLifespan(IdpVerifyAccountLinkActionToken.TOKEN_TYPE);
    int expiresAt = Time.currentTime() + lifespanSeconds;

    // Work on a clone so the details set here do not leak into the flow's own event.
    EventBuilder linkEvent = context.getEvent().clone()
            .event(EventType.SEND_IDENTITY_PROVIDER_LINK)
            .user(existingUser)
            .detail(Details.USERNAME, existingUser.getUsername())
            .detail(Details.EMAIL, existingUser.getEmail())
            .detail(Details.CODE_ID, loginSession.getParentSession().getId())
            .removeDetail(Details.AUTH_METHOD)
            .removeDetail(Details.AUTH_TYPE);

    String encodedSessionId = AuthenticationSessionCompoundId.fromAuthSession(loginSession).getEncodedId();

    // The token ties together the target account (id + email), the login attempt
    // (encoded session id) and the external identity (username + IdP alias).
    IdpVerifyAccountLinkActionToken linkToken = new IdpVerifyAccountLinkActionToken(
            existingUser.getId(),
            existingUser.getEmail(),
            expiresAt,
            encodedSessionId,
            brokerContext.getUsername(),
            brokerContext.getIdpConfig().getAlias(),
            loginSession.getClient().getClientId());

    // NOTE(review): the link's scheme/host come from requestUri.getBaseUri(); confirm the
    // deployment pins the public hostname so a forged Host header cannot steer the emailed link.
    UriBuilder linkBuilder = Urls.actionTokenBuilder(
            requestUri.getBaseUri(),
            linkToken.serialize(session, currentRealm, requestUri),
            loginSession.getClient().getClientId(),
            loginSession.getTabId());
    String confirmationLink = linkBuilder
            .queryParam(Constants.EXECUTION, context.getExecution().getId())
            .build(currentRealm.getName())
            .toString();

    // toMinutes truncates, so a lifespan below 60 seconds is reported to the user as 0 minutes.
    long lifespanMinutes = TimeUnit.SECONDS.toMinutes(lifespanSeconds);

    try {
        context.getSession()
                .getProvider(EmailTemplateProvider.class)
                .setRealm(currentRealm)
                .setAuthenticationSession(loginSession)
                .setUser(existingUser)
                .setAttribute(EmailTemplateProvider.IDENTITY_PROVIDER_BROKER_CONTEXT, brokerContext)
                .sendConfirmIdentityBrokerLink(confirmationLink, lifespanMinutes);
        linkEvent.success();
    } catch (EmailException sendFailure) {
        linkEvent.error(Errors.EMAIL_SEND_FAILED);
        // NOTE(review): only the exception is logged here; confirm its message cannot
        // contain the confirmation link.
        ServicesLogger.LOGGER.confirmBrokerEmailFailed(sendFailure);
        Response errorPage = context.form()
                .setError(Messages.EMAIL_SENT_ERROR)
                .createErrorPage(Response.Status.INTERNAL_SERVER_ERROR);
        context.failure(AuthenticationFlowError.INTERNAL_ERROR, errorPage);
        return;
    }

    showEmailSentPage(context, brokerContext);
}
Also used : RealmModel(org.keycloak.models.RealmModel) Response(javax.ws.rs.core.Response) AuthenticationSessionModel(org.keycloak.sessions.AuthenticationSessionModel) EventBuilder(org.keycloak.events.EventBuilder) EmailTemplateProvider(org.keycloak.email.EmailTemplateProvider) EmailException(org.keycloak.email.EmailException) IdpVerifyAccountLinkActionToken(org.keycloak.authentication.actiontoken.idpverifyemail.IdpVerifyAccountLinkActionToken) UriBuilder(javax.ws.rs.core.UriBuilder)
