Send custom value as query param in social media login and get value in first broker login flow. embedded keycloak with spring boot

lakshanamal · July 14, 2022, 4:38am

Business Requirement: " In our software product, we can create organizations, organization admin can send the invitation to the non-registered user to join the organization using their email, After the invitation is received non-registered can click the invitation and redirect to our register page with the invitation token (invitation token include email, invited organization id, and some metadata). Then non-registered users as two options.

Normal register flow – we handled, after registering, using token invitation details, the user automatically assigned to the invited organization.
Sign-up with social media – not handled "

I try to attach the invitation token as a query param to the google endpoint

https://xxxxx/com/xventure/auth/realms/Xventure/broker/google/login?client_id=xapi-dev&tab_id=6mkiZyMScaE&session_code=U90AHLxSsMpw8jAbLJgx-u9KwkYbn-8kwAJq0O-scyc& token=xxxxxxxxxxx

and it captures using a filter

else if (pathMatcher.match("/**/google/login", pathInfo)) {
        String token = StringUtils.EMPTY;
        Map<String, String[]> parameterMap = wrappedRequest.getParameterMap();
        if (parameterMap.containsKey("token")) {
            token = parameterMap.get("token")[0];
        }
        requestAttributes.setAttribute("token", token, RequestAttributes.SCOPE_REQUEST);
    }

then override the GoogleIdentityProvider and set the token to the state variable as postfix

 protected UriBuilder createAuthorizationUrl(AuthenticationRequest request) {
    UriBuilder url = super.createAuthorizationUrl(request);
    RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
    if (requestAttributes != null) {
        String token = (String) requestAttributes.getAttribute("token", RequestAttributes.SCOPE_REQUEST);
        if(token != null){
            url.replaceQueryParam("state", request.getState().getEncoded()+"."+token);
        }
    }
    return url;
}

after I can capture the token from state.

else if (pathMatcher.match("/**/google/endpoint", pathInfo)) {
        if (request.getParameterMap().containsKey("state")) {
            String value = request.getParameterMap().get("state")[0];
            String token= Strings.EMPTY;
            Pattern DOT = Pattern.compile("\\.");
            String[] decoded = DOT.split(value, 4);
            token = decoded.length > 3 ? decoded[3] : null;

            requestAttributes.setAttribute("token", token, RequestAttributes.SCOPE_REQUEST);
            FilterRequest filteredRequest = new FilterRequest(request);
            filterChain.doFilter(filteredRequest, response);
        }
    }

but I couldn’t it send to the first-broker-login flow. I tried some class override but not working. I don’t know what is the right class need to override. can you suggest any solution?

Or Can you suggest any solution for the archive this business requirement?

Topic		Replies	Views
I want to have an invite based Social Sign Login Getting advice authentication , identity-brokering , oidc	1	423	December 19, 2021
Need to bypass keycloak login page for social login Getting advice admin-console , authentication , identity-brokering , saml	4	739	February 18, 2024
Redirect to my service after google signIn Getting advice authentication , identity-brokering , oidc	1	1406	August 21, 2024
I created my custom theme in keycloak for login it works fine but when i add google button so that user can able to login with google also then it not work authentication , oidc	1	61	October 23, 2024
User registration using invite link Getting advice authentication	6	206	October 3, 2025

Send custom value as query param in social media login and get value in first broker login flow. embedded keycloak with spring boot

Related topics