-
Notifications
You must be signed in to change notification settings - Fork 150
Redirecting to third party in Person Authentication Script
maduvena edited this page Feb 2, 2022
·
6 revisions
Developer notes: Redirecting to a third-party application and back from a Person authentication custom script.
In many cases of user authentication ( and also consent gathering) there might be a need to redirect to a third party application to perform some operation and return the control back to authentication steps of the custom script. Please apply these steps to a person authentication script in such a scenario.
- Return from
def getPageForStep(self, step, context), a page/auth/method_name/redirect.html; with content similar to the code snippet below -
def getPageForStep(self, step, context):
return "/auth/method_name/redirect.html"
Contents of redirect.xhtml should take the flow to prepareForStep method
...
<f:metadata>
<f:viewAction action="#{authenticator.prepareForStep}" if="#{not identity.loggedIn}" />
</f:metadata>
- In method
prepareForStepprepare data needed for redirect and perform the redirection to the external service.
def prepareForStep(self, step, context):
.....
facesService = CdiUtil.bean(FacesService)
facesService.redirectToExternalURL(third_party_URL )
return True
- In order to resume flow after the redirection we have to invoke a similar URL
https://my.gluu.server/postlogin.htm?param=123from the third party app which takes the flow back to the authenticate method of the custom script. So create an xhtml pagepostlogin.xhtmlwhich will look like this :
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://xmlns.jcp.org/jsf/core">
<f:view transient="true" contentType="text/html">
<f:metadata>
<f:viewAction action="#{authenticator.authenticateWithOutcome}" />
</f:metadata>
</f:view>
</html>
- The
<f:viewAction action="#{authenticator.authenticate}" />in step 3 takes us to thedef authenticate(self, configurationAttributes, requestParameters, step):. Here you can use parameters from request (param = ServerUtil.getFirstValue(requestParameters, "param-name")) , perform the state check and finally, return false / true from this method.