
Keycloak - Customize reset credentials flow


I need to customize the reset credentials flow by intercepting the password and OTP authentication. I made a few tests extending org.keycloak.authentication.authenticators.resetcred.ResetOTP and org.keycloak.authentication.authenticators.resetcred.ResetPassword, but in neither case did the debugger stop, and I can't find the implementation of these actions in the documentation.
Does anybody know which classes are being used?


Solution

  • Finally, I found my own way: the class that updates the password in the Reset credentials flow is org.keycloak.authentication.requiredactions.UpdatePassword and the class that validates the TOTP is org.keycloak.authentication.requiredactions.UpdateTotp. So, I just created a custom class that extends each one, redefined the method void processAction(RequiredActionContext context) (calling super.processAction(context) at the end to let Keycloak do its magic), and finally registered both customizations in a new file named org.keycloak.authentication.RequiredActionFactory, located in the META-INF/services folder.
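
The approach described in the answer, as an added example that is not part of the original post or Keycloak's own code: a subclass of UpdatePassword that rejects a password equal to the username, writes an audit line that never contains the password, and then delegates to super.processAction(context). The package and class names, the extra check and the log format are assumptions; it also assumes a Keycloak release in which UpdatePassword.create(session) returns the factory instance itself, otherwise create would need overriding as well.

```java
// File: src/main/java/com/example/keycloak/AuditedUpdatePassword.java
// Register it in META-INF/services/org.keycloak.authentication.RequiredActionFactory
// with the single line: com.example.keycloak.AuditedUpdatePassword
package com.example.keycloak; // hypothetical package name

import jakarta.ws.rs.core.MultivaluedMap; // javax.ws.rs.core on older Keycloak releases
import jakarta.ws.rs.core.Response;
import org.jboss.logging.Logger;
import org.keycloak.authentication.RequiredActionContext;
import org.keycloak.authentication.requiredactions.UpdatePassword;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.FormMessage;

// getId() is inherited, so this is registered under the same id as the built-in action.
public class AuditedUpdatePassword extends UpdatePassword {

    private static final Logger LOG = Logger.getLogger(AuditedUpdatePassword.class);

    @Override
    public void processAction(RequiredActionContext context) {
        UserModel user = context.getUser();
        MultivaluedMap<String, String> form =
                context.getHttpRequest().getDecodedFormParameters();
        // "password-new" is the field name posted by the update-password form.
        String newPassword = form.getFirst("password-new");

        // Extra check (an assumption for this example): refuse username-as-password.
        if (newPassword != null && newPassword.equalsIgnoreCase(user.getUsername())) {
            Response challenge = context.form()
                    .setAttribute("username", user.getUsername())
                    .addError(new FormMessage("password", "invalidPasswordNotUsernameMessage"))
                    .createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
            context.challenge(challenge); // re-display the form, do not continue
            return;
        }

        // Audit who is changing a password and from where; never log the value itself.
        LOG.infof("Password update submitted: realm=%s userId=%s ip=%s",
                context.getRealm().getName(), user.getId(),
                context.getConnection().getRemoteAddr());

        // Let Keycloak run password policy validation and store the credential.
        super.processAction(context);
    }
}
```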