diff --git a/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordForm.java b/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordForm.java index 9fe5d5c..be06c0d 100644 --- a/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordForm.java +++ b/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordForm.java @@ -10,6 +10,7 @@ import org.keycloak.authentication.authenticators.browser.UsernamePasswordForm; import org.keycloak.events.Details; import org.keycloak.events.Errors; +import org.keycloak.models.KeycloakSession; import org.keycloak.models.AuthenticatorConfigModel; import org.keycloak.models.ModelDuplicateException; import org.keycloak.models.UserModel; @@ -41,6 +42,14 @@ public class AttributeUsernamePasswordForm extends UsernamePasswordForm implemen */ public static final String AUTHORIZE_ANY_PASSWORD = "authorize.any.password"; + public AttributeUsernamePasswordForm() { + super(); + } + + public AttributeUsernamePasswordForm(KeycloakSession session) { + super(session); + } + private UserModel getUserByAttribute(AuthenticationFlowContext context, String userName) { return getUserModel(context, userName, ATTRIBUTE_KEY, ATTRIBUTE_REGEX); } diff --git a/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordFormFactory.java b/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordFormFactory.java index 5c0b7b8..97b87c8 100644 --- a/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordFormFactory.java +++ b/src/main/java/fr/cnieg/keycloak/providers/login/attribute/authenticator/AttributeUsernamePasswordFormFactory.java @@ -7,10 +7,14 @@ import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.credential.PasswordCredentialModel; +import org.keycloak.models.credential.WebAuthnCredentialModel; import org.keycloak.provider.ProviderConfigProperty; +import org.keycloak.authentication.authenticators.browser.WebAuthnConditionalUIAuthenticator; import java.util.ArrayList; +import java.util.Collections; import java.util.List; +import java.util.Set; /** * Form factory for Attribute Username Password @@ -21,10 +25,6 @@ public class AttributeUsernamePasswordFormFactory implements AuthenticatorFactor * Provider Id */ public static final String PROVIDER_ID = "attribute-username-password-form"; - /** - * Singleton instance - */ - public static final AttributeUsernamePasswordForm SINGLETON = new AttributeUsernamePasswordForm(); /** * @param session keycloak user session @@ -32,7 +32,7 @@ public class AttributeUsernamePasswordFormFactory implements AuthenticatorFactor */ @Override public Authenticator create(KeycloakSession session) { - return SINGLETON; + return new AttributeUsernamePasswordForm(session); } /** @@ -75,6 +75,13 @@ public String getReferenceCategory() { return PasswordCredentialModel.TYPE; } + @Override + public Set getOptionalReferenceCategories(KeycloakSession session) { + return WebAuthnConditionalUIAuthenticator.isPasskeysEnabled(session) + ? Collections.singleton(WebAuthnCredentialModel.TYPE_PASSWORDLESS) + : AuthenticatorFactory.super.getOptionalReferenceCategories(session); + } + /** * @return configurable provider */