How to bypass username/password authentication with mobile/OTP for Keycloak
Question
How to bypass username/password authentication with mobile number/OTP (sent via SMS) for Keycloak
Answer 1
Score: 1
You have to implement a custom authentication flow (see Admin Console -> Authentication -> Flows). Your flow should include two branches: one for login/password, and a second for SMS/OTP. For every subflow you should implement a dedicated Authenticator SPI with a Conditional requirement. From the client side, your applications should supply some data (e.g. an additional HTTP param) that will be used by the Conditional Authenticators to make a decision about routing through the authentication flow.
Detailed guideline for authentication flow development
Authenticator development docs
P.S. I'm not familiar with the latest Keycloak version; maybe there already exist some facilities for your goal.
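A sketch of the conditional authenticator this answer describes, added here as an example and not taken from the answer or from Keycloak's own code. The package, class name, the `login_method` parameter and its values are hypothetical; it assumes the parameter arrives on the query string of the request that starts the flow, and that a `ConditionalAuthenticatorFactory` (not shown) registers one instance per branch.

```java
package example.keycloak; // hypothetical package name

import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.authenticators.conditional.ConditionalAuthenticator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;

/** Condition placed first in each conditional sub-flow; it matches only for its own branch. */
public class LoginMethodCondition implements ConditionalAuthenticator {
    static final String PARAM = "login_method"; // hypothetical request parameter
    static final String SMS_OTP = "sms_otp";    // hypothetical parameter values
    static final String PASSWORD = "password";

    private final String branch; // SMS_OTP or PASSWORD, fixed by the factory that creates this instance

    public LoginMethodCondition(String branch) { this.branch = branch; }

    /** Allow-list the client-supplied value; anything unknown or missing means the password branch. */
    static String normalize(String requested) {
        return SMS_OTP.equals(requested) ? SMS_OTP : PASSWORD;
    }

    @Override
    public boolean matchCondition(AuthenticationFlowContext context) {
        // Later form posts in the same login do not repeat the query string, so the
        // first decision is stored as an auth note and reused.
        String chosen = context.getAuthenticationSession().getAuthNote(PARAM);
        if (chosen == null) {
            chosen = normalize(context.getUriInfo().getQueryParameters().getFirst(PARAM));
            context.getAuthenticationSession().setAuthNote(PARAM, chosen);
        }
        return branch.equals(chosen);
    }

    @Override public void action(AuthenticationFlowContext context) { /* conditions have no form action */ }
    @Override public boolean requiresUser() { return false; } // runs before a user is identified
    @Override public boolean configuredFor(KeycloakSession s, RealmModel r, UserModel u) { return true; }
    @Override public void setRequiredActions(KeycloakSession s, RealmModel r, UserModel u) { }
    @Override public void close() { }
}
```

The parameter only selects a branch and can be set by any caller, so each branch has to authenticate the user fully on its own.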