| $Script = [System.IO.Path]::GetTempFileName() | |
| (New-Object System.Net.WebClient).DownloadFile("https://path/to/your/script.ps1", $Script) | |
| Get-Content $Script | clip.exe | |
| # right click to run |
| # Get settings to enter on the Identity Provider (IdP) to allow authentication to Service Provider (SP) | |
| function Get-IdP-Settings-From-SP($Metadata) { | |
| [xml]$SPMetadata = $Metadata | |
| $SPAssertionConsumerServiceURL = $SPMetadata.EntityDescriptor.SPSSODescriptor.AssertionConsumerService | | |
| ? {$_.Binding -eq "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"} | | |
| % {$_.Location} | |
| $SPIssuerURI = $SPMetadata.EntityDescriptor.entityID | |
| $SPSignatureCertificate = $SPMetadata.EntityDescriptor.SPSSODescriptor.KeyDescriptor | | |
| ? {$_.use -eq "signing"} | | |
| Select-Object -Last 1 | |
| #!/bin/bash | |
| harFile="${1:=NetworkData.xml}" | |
| cat "${harFile}" | | |
| jq --raw-output --from-file har-to-SAMLResponse.jq | # get URL encoded SAMLResponse | |
| while read; do echo -e ${REPLY//%/\\x}; done | # decode to Base64 SAMLResponse | |
| base64 --decode # decode to XML SAMLResponse |
| #!/bin/bash | |
| logGroupName=$1 | |
| logStreamPrefix=$2 | |
| aws --profile prod logs describe-log-streams \ | |
| --log-group-name ${logGroupName} \ | |
| --log-stream-name-prefix ${logStreamPrefix} | | |
| jq --raw-output '.logStreams |= | |
| sort_by(.lastEventTimestamp) | | |
| .logStreams[-1].logStreamName' |
Akamai Dynamic Site Delivery supports the use of variables and operations in its configurations that allows for a great deal more flexibility than you might imagine. A great example of this is introducing a form of request signing to make up for the lack of mutual TLS between the CDN and the origin servers.
| import javax.xml.bind.DatatypeConverter; | |
| import java.io.FileInputStream; | |
| import java.io.FileNotFoundException; | |
| import java.security.MessageDigest; | |
| import java.security.NoSuchAlgorithmException; | |
| import java.security.cert.CertificateEncodingException; | |
| import java.security.cert.CertificateException; | |
| import java.security.cert.CertificateFactory; | |
| import java.security.cert.X509Certificate; |
The examples that were here are now part of Haskell Stack project here: https://github.com/AlainODea-haskell/zeromq-experiments
PR is merged :) Just use the examples in the czmq repo: https://github.com/zeromq/czmq/tree/master/examples/security
| execve("/usr/bin/bash", 0x08047210, 0x0804721C) argc = 2 | |
| sysinfo(SI_MACHINE, "i86pc", 257) = 6 | |
| mmap(0x00000000, 32, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANON, -1, 0) = 0xFEFA0000 | |
| mmap(0x00000000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0) = 0xFEF90000 | |
| mmap(0x00000000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0) = 0xFEF80000 | |
| mmap(0x00000000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANON, -1, 0) = 0xFEF70000 | |
| memcntl(0xFEFB5000, 49700, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0 | |
| memcntl(0x08050000, 148876, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0 | |
| resolvepath("/usr/lib/ld.so.1", "/lib/ld.so.1", 1023) = 12 | |
| resolvepath("/usr/bin/bash", "/usr/bin/bash", 1023) = 13 |
An example with minimal dependencies is a loopback within an Okta Org.
Say you want to get to the admin interface of an Org. It's at:
/home/admin-entry
URL encoded (what you need for RelayState) that is: