{"id":22268137,"url":"https://github.com/curityio/identity-picker","last_synced_at":"2025-07-28T12:31:03.614Z","repository":{"id":42672361,"uuid":"374994596","full_name":"curityio/identity-picker","owner":"curityio","description":"An authentication action that lists roles for a user to to choose from.","archived":false,"fork":false,"pushed_at":"2023-05-09T17:03:23.000Z","size":41,"stargazers_count":2,"open_issues_count":0,"forks_count":2,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-05-03T11:03:45.497Z","etag":null,"topics":["authentication-action","identity-picker","plugin"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-06-08T12:05:25.000Z","updated_at":"2023-04-27T09:16:28.000Z","dependencies_parsed_at":"2023-01-31T03:00:28.057Z","dependency_job_id":null,"html_url":"https://github.com/curityio/identity-picker","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidentity-picker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidentity-picker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidentity-picker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidentity-picker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/identity-picker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227905532,"owners_count":17837906,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication-action","identity-picker","plugin"],"created_at":"2024-12-03T11:11:41.138Z","updated_at":"2024-12-03T11:11:42.101Z","avatar_url":"https://github.com/curityio.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# IdentityPicker Authentication Action Plugin\n\n[![Quality](https://img.shields.io/badge/quality-demo-red)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\n\nA custom, Kotlin-based authentication action plugin for the Curity Identity Server. This plugin expects an attribute in the authentication attributes that contain a list of accounts that the user can select to act as.\n\nThe selected identity replaces all the attributes found on the authentication attributes, with the one from the selected account.\n\nExample attributes in subject attributes:\n\n```javascript\nidentities: [{\n        user_id: \"user1\",\n        account_id: \"id1\",\n        subdomain: \"sub1\"\n     },\n     {\n        user_id: \"user2\",\n        account_id: \"id2\",\n        subdomain: \"sub2\"\n     },\n     {\n        user_id: \"user3\",\n        account_id: \"id3\",\n        subdomain: \"sub3\"\n}]\n```\n\nIf a single identity is found in the list, it will be used automatically without asking the user.\n\n## Configuration\n\nThe plugin has two optional configuration settings\n* `display-name-attribute` - The attribute to display for the user as the identifier of the account. I.e. configuring `user_id` would display three buttons for the user with the text `user1`, `user2` and `user3`. If a combination of attributes is wanted, this can be accomplished by combining them in the template, or by the HAAPI client.\n* `identity-list-attribute` - The attribute where the list of identities are found in the subject attributes. \n\n## Testing\n\nThe repository has a [test config](src/test/resources/config/test-config.xml), that sets up a Username authenticator with actions setting up the example list of identities to easily deploy for testing.   \n\n\n## HAAPI\n\nThe HAAPI representation of the selection screen will give the full identity object as form properties, so that the client may choose to alter the way the choices are visualized, same way the templates allow for.\n\n```JSON\n{\n  \"metadata\": {\n    \"viewName\": \"authentication-action/identity-picker/index\"\n  },\n  \"type\": \"authentication-step\",\n  \"actions\": [\n    {\n      \"template\": \"selector\",\n      \"kind\": \"authenticator-selector\",\n      \"title\": \"Your username is associated with the following accounts. To continue login, select one of the accounts listed below.\",\n      \"model\": {\n        \"options\": [\n          {\n            \"template\": \"form\",\n            \"kind\": \"select-account\",\n            \"title\": \"user1\",\n            \"properties\": {\n              \"user_id\": \"user1\",\n              \"account_id\": \"id1\",\n              \"subdomain\": \"sub1\"\n            },\n            \"model\": {\n              \"href\": \"/dev/authn/authenticate/_action/pick-identity\",\n              \"method\": \"POST\",\n              \"fields\": [\n                {\n                  \"name\": \"identity-index\",\n                  \"type\": \"hidden\",\n                  \"value\": \"0\"\n                }\n              ]\n            }\n          },\n          {\n            \"template\": \"form\",\n            \"kind\": \"select-account\",\n            \"title\": \"user2\",\n            \"properties\": {\n              \"user_id\": \"user2\",\n              \"account_id\": \"id2\",\n              \"subdomain\": \"sub2\"\n            },\n            \"model\": {\n              \"href\": \"/dev/authn/authenticate/_action/pick-identity\",\n              \"method\": \"POST\",\n              \"fields\": [\n                {\n                  \"name\": \"identity-index\",\n                  \"type\": \"hidden\",\n                  \"value\": \"1\"\n                }\n              ]\n            }\n          },\n          {\n            \"template\": \"form\",\n            \"kind\": \"select-account\",\n            \"title\": \"user3\",\n            \"properties\": {\n              \"user_id\": \"user3\",\n              \"account_id\": \"id3\",\n              \"subdomain\": \"sub3\"\n            },\n            \"model\": {\n              \"href\": \"/dev/authn/authenticate/_action/pick-identity\",\n              \"method\": \"POST\",\n              \"fields\": [\n                {\n                  \"name\": \"identity-index\",\n                  \"type\": \"hidden\",\n                  \"value\": \"2\"\n                }\n              ]\n            }\n          }\n        ]\n      }\n    }\n  ]\n}\n```\n## Template customization\n\nThe default templates list the `user_id` field of the identities as a list.\n\nTo change what the user sees, copy the [template](https://github.com/curityio/identity-picker/blob/master/src/main/resources/templates/authentication-action/identity-picker/index.vm) into `${IDSVR_HOME}/usr/share/teplates/overrides/authentication-action/identity-picker`.\n\nAll attributes in will be available on the `$_identities` variable. To list them for dev purposes, add:\n\n```html\n\u003cpre\u003e\n#foreach ($identity in $_identities.values())\n    $identity\n#end\n\u003c/pre\u003e\n```\n\n## Building the Plugin\n\nYou can build the plugin by issuing the command `mvn package`. This will produce a JAR file in the `target` directory,\nwhich can be installed.\n\n## Installing the Plugin\n\nTo install the plugin, copy the compiled JAR (and all of its dependencies) into the `${IDSVR_HOME}/usr/share/plugins/${pluginGroup}`\non each node, including the admin node. For more information about installing plugins, refer to the [curity.io/plugins][https://support.curity.io/docs/latest/developer-guide/plugins/index.html#plugin-installation].\n\n## Required Dependencies\n\nFor a list of the dependencies and their versions, run `mvn dependency:list`. Ensure that all of these are installed in\nthe plugin group; otherwise, they will not be accessible to this plug-in and run-time errors will result.\n\n## More Information\n\nPlease visit [curity.io] for more information about the Curity Identity Server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fidentity-picker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fidentity-picker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fidentity-picker/lists"}