public static void addMainSecretToUserSession(UserSecretAdapter userSecretStorage, AuthenticationFlowContext context, UserModel user, UserCredentialModel credentialModel ){ String userSecret = userSecretStorage.retrieveMainSecret(context.getRealm(), user, credentialModel); // copy notes into the user session // Hint: it might have been interesting to distinguish between the different type of notes // that can be returned by a user storage provider like: // - UserSesionNote // - AuthNote // - ClientNote // Hint: even roles could be transported using these notes. Object scope = credentialModel.getNote(Constants.CUSTOM_SCOPE_NOTE_KEY); if (userSecret != null) { context.getAuthenticationSession().setUserSessionNote(UserSecretAdapter.USER_MAIN_SECRET_NOTE_KEY,userSecret); } if(scope!=null){ context.getAuthenticationSession().setUserSessionNote(UserSecretAdapter.AUTH_SESSION_SCOPE_NOTE_KEY,scope.toString()); } } }