How to update a custom field when TOTP is set to True?

Hi everyone,

I am trying to update a custom user attribute whenever TOTP is enabled for a user. Specifically, I want to update a field called ‘custom_2fa_status’ to ‘ACTIVATED’ when the TOTP field is set to True. Here is my current implementation for Keycloak version 24.0.2:

package com.custom.keycloak;

import org.keycloak.events.Event;
import org.keycloak.events.EventType;
import org.keycloak.events.jpa.JpaEventStoreProvider;
import org.keycloak.events.admin.AdminEvent;
import org.keycloak.events.admin.OperationType;
import org.keycloak.models.KeycloakSession;
import org.jboss.logging.Logger;
import jakarta.persistence.EntityManager;

public class CustomJpaEventListenerProvider extends JpaEventStoreProvider {

    private static final Logger LOG = Logger.getLogger(CustomJpaEventListenerProvider.class);

    public CustomJpaEventListenerProvider(KeycloakSession session, EntityManager em) {
        super(session, em);
    }

    @Override
    public void onEvent(Event event) {
        super.onEvent(event);

        if (event.getType() == EventType.UPDATE_PROFILE) {
            String userId = event.getUserId();
            String clientId = event.getClientId();
            String realmId = event.getRealmId();
            LOG.infof("User Event: User %s updated profile in realm %s with client %s", userId, realmId, clientId);
            LOG.infof("Event Type: %s", event.getType());
        }
    }

    @Override
    public void onEvent(AdminEvent adminEvent, boolean includeRepresentation) {
        super.onEvent(adminEvent, includeRepresentation);

        if (adminEvent.getOperationType() == OperationType.UPDATE) {
            String userId = adminEvent.getAuthDetails().getUserId();
            String clientId = adminEvent.getAuthDetails().getClientId();
            String realmId = adminEvent.getRealmId();
            LOG.infof("Admin Event: User %s updated something in realm %s with client %s", userId, realmId, clientId);
            LOG.infof("Operation Type: %s", adminEvent.getOperationType());
        }
    }
}

Despite this implementation, I am not receiving any logs, and I suspect that something might be wrong. I need to specifically check when TOTP is enabled and then update my custom attribute ‘custom_2fa_status’ to ‘ACTIVATED’. How can I achieve this?

Thank you for your assistance!

When does the TOTP happen? At login?

Hi there,
I think the TOTP activation is done when the user scans the QR code in the TOTP form for the first time.

Do you really need this, or do you actually want ACR/LoA or AMR type info in the tokens?
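
One way to set the attribute when a user finishes TOTP setup, as an added example that is not part of the original thread or Keycloak's own code. It assumes Keycloak 24 emits the UPDATE_TOTP user event at that point; the class name is hypothetical, and the class must be returned by an EventListenerProviderFactory whose id is enabled in the realm's event listeners.

```java
package com.custom.keycloak;

import org.keycloak.events.Event;
import org.keycloak.events.EventListenerProvider;
import org.keycloak.events.EventType;
import org.keycloak.events.admin.AdminEvent;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.credential.OTPCredentialModel;

// Hypothetical listener: reacts to the user event instead of extending the JPA event store.
public class TotpStatusEventListenerProvider implements EventListenerProvider {

    private static final String ATTRIBUTE = "custom_2fa_status";
    private final KeycloakSession session;

    public TotpStatusEventListenerProvider(KeycloakSession session) {
        this.session = session;
    }

    @Override
    public void onEvent(Event event) {
        // Assumption: UPDATE_TOTP is the event fired when the user completes OTP setup.
        if (event.getType() != EventType.UPDATE_TOTP || event.getUserId() == null) {
            return;
        }
        RealmModel realm = session.realms().getRealm(event.getRealmId());
        if (realm == null) {
            return;
        }
        UserModel user = session.users().getUserById(realm, event.getUserId());
        if (user == null) {
            return;
        }
        // Trust the credential store, not the event alone: only flag the user
        // when an OTP credential is actually configured.
        if (user.credentialManager().isConfiguredFor(OTPCredentialModel.TYPE)) {
            user.setSingleAttribute(ATTRIBUTE, "ACTIVATED");
        }
    }

    @Override
    public void onEvent(AdminEvent adminEvent, boolean includeRepresentation) {
        // Admin events are not needed for this check.
    }

    @Override
    public void close() {
    }
}
```

If the attribute feeds access decisions, keep it non-editable by the user in the realm's user profile settings so it can only be set by the listener.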