This is a spike repository for examining keycloak authenticator.
- keycloak/secretword-checkapi-caller-authenticator
- This is a plugin for keycloak that works as an Authentication SPI which extends keycloak's UsernamePasswordForm. It asking for a secret word in addition to username and password, and sends the secret word to the secretword_checker api. If an error is returned from the api, the user's authentication fails.
- relying_party
- This is a sample Relying Party that requests an authentication to keycloak by using OpenID Connect.
- secretword_checker
- This provides a REST API to validate the secret words.
docker-compose builddocker-compose up- access http://localhost:3000 to start index page of sample relying party
- log in to sample site by using below parameters:
- username: testuser
- password: passwd
- secretword: checkapi
Copyright (c) 2023 Nobuyuki Matsui