| [alias] | |
| a = add | |
| ap = add -p | |
| amend-all = !git add -A && git commit --amend --no-edit | |
| c = commit --verbose | |
| ca = commit -a --verbose | |
| cm = commit -m | |
| co = checkout | |
| cam = commit -a -m | |
| br = !git branch -av |
| #!/usr/bin/env bash | |
| set -e | |
| # More details at https://bit.ly/3FlOmYd | |
| # Update and set the client_id and client_secrect | |
| client_id=_GET_THIS_FROM_YOUR_APP_GENERALS_SCREEN_ | |
| client_secret=_GET_THIS_FROM_YOUR_APP_GENERALS_SCREEN_ | |
| # Update the Okta root domain url and GUID Authorization Server (NOTE: Okta default is call 'default') |
| # Pre-req's | |
| # - Validate macOS Mojava 10.14.6 | |
| # - pipx (https://pypa.github.io/pipx) - Highly recommended ;) | |
| # - okta-cli (from https://pypi.org/project/okta-cli/ not cli that is more creating the OIDC Apps cli) | |
| # - jq (https://stedolan.github.io/jq/download/ or 'brew install jq') | |
| # | |
| # List DEPROVISION users, every attribute | |
| okta-cli users list --deprovisioned --json | \ | |
| jq '.[]' |
| <script type="text/javascript"> | |
| new OktaSignIn({ | |
| baseUrl: "{{config.okta_org_name}}", | |
| logo: "{{config.settings.app_logo}}", | |
| clientId: "{{config.client_id}}", | |
| redirectUri: "{{config.redirect_uri}}", | |
| i18n: { | |
| en: { | |
| 'primaryauth.title': 'Sign in to {{config.settings.app_name|safe}}' | |
| } |
| # Simple example doing the following: | |
| # a. Adding idp_saml | |
| # b. Adding idp_saml discovery | |
| # c. Adding mock x509 cert, idp_saml_key | |
| # d. Adding profile_mapping | |
| terraform { | |
| required_providers { | |
| okta = { | |
| source = "okta/okta" |
| #!/usr/local/bin/bash | |
| set -o pipefail | |
| # Description: LetsEncypt + AWS Rout53 + Okta intergration. Poor mans Okta Custom Domain URL implementation with Let's Encypt and Route53. | |
| # Requirements: | |
| # - Docker | |
| # - Route53 and AWS account (We need aws_access_key_id/aws_secret_access_key pair) | |
| # - Okta Tenant (We need okta url and domain_id) *Beta Domain API has to be enable | |
| # |
| from functools import wraps | |
| from flask import request, abort, g | |
| import json | |
| import jwt | |
| import requests | |
| from typing import Union, List | |
| from ..config import cache | |
| from ..env import JWT_ISSUER, JWT_CLIENTID, JWT_AUDIENCE | |
| DISCOVERY_URL = "/.well-known/oauth-authorization-server" |
Example workflow assuming you are using git tags to deploy to AWS EBS. Leveraging the following flow with GH Releases:
| #------------------------------------------------------------------------------------------------------------- | |
| # Copyright (c) Microsoft Corporation. All rights reserved. | |
| # Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information. | |
| #------------------------------------------------------------------------------------------------------------- | |
| FROM openjdk:8-jdk | |
| # This Dockerfile adds a non-root user with sudo access. Use the "remoteUser" | |
| # property in devcontainer.json to use it. On Linux, the container user's GID/UIDs | |
| # will be updated to match your local UID/GID (when using the dockerFile property). |
| # .envrc with direnv | |
| # Desc: | |
| # Environment Variable debugging Terraform. | |
| # Usage: | |
| # cd into_dir_of_terrafrom_project | |
| # mv terraform.envrc .envrc | |
| # | |
| export TF_LOG=TRACE | |
| export TF_LOG=${PWD}/$(date +"%Y%m%d_%H%M$S").crash.logs |
