rkbalgi
/ gist:2b605c86a4d50def73f9aced5619396b
Created
October 3, 2018 04:50
Direct Access Grants (Resource Owner Password Flow) with Spring Boot and Keycloak
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This gist describes the process of setting up direct grant access (oauth2 resource owner password flow) with keycloak and spring boot. We'll follow the | |
| below steps - | |
| 1. Install keycloak - there are plenty of examples out there (even a docker image) | |
| 2. Create a demo realm and create a client within the demo realm with the settings as - | |
| client-protocol: openid-connect, access-type: confidential, (implicit-flow+direct-access-grant+service-accounts)=enabled | |
| 3. Create 2 roles - developer and admin within the demo realm | |
| 4. Create 2 users - one with developer role and other with admin (Ensure that user is enabled, there are no "Required User Actions" and that the password has been reset (in the credentials tab) | |
rkbalgi
/ keycloak.java
Created
October 6, 2018 11:04
Check permissions of a user in Keycloak with Java API
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AccessTokenResponse token = authzClient | |
| .obtainAccessToken(userName, password); | |
| final AuthorizationRequest authReq = new AuthorizationRequest(); | |
| //checking for a specific permission | |
| authReq.setMetadata(new Metadata()); | |
| authReq.getMetadata().setResponseMode("decision"); | |
| authReq.addPermission("payroll", "write"); | |
| AuthorizationResponse authResponse = null; |
rkbalgi
/ gist:07f39dd1ad45d402058613d28890bb90
Created
October 7, 2018 07:38
Adding a Bind DN in AD LDS (and other useful LDAP related stuff)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| How to add a bind dn on AD LDS | |
| https://proofid.com/blog/blogset-okta-ldap-integration-microsoft-ad-lds/ | |
| (Basically, add a new DN (say cn=admin,cn=service-accounts,dc=example,dc=com), reset password and then add this as a "member" of cn=Readers |
rkbalgi
/ SampleTestSuite.java
Last active
November 30, 2018 15:42
Creating multiple databases before test execution (Junit, SpringBoot)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.example; | |
| import java.nio.file.Paths; | |
| import java.sql.SQLException; | |
| import java.util.HashMap; | |
| import java.util.Map; | |
| import java.util.stream.Stream; | |
| import org.h2.tools.Server; | |
| import org.hibernate.jpa.HibernatePersistenceProvider; | |
| import org.junit.BeforeClass; |
rkbalgi
/ gist:605c6b50be0c6b2842d1f4c9667654f2
Created
December 4, 2018 16:05
Create Roles and Permissions with Keycloak
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://lists.jboss.org/pipermail/keycloak-user/2018-March/013417.html | |
| https://github.com/pedroigor/keycloak/tree/1e1de85685bb5d5f180f510630cd7133f8a35375/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization |
rkbalgi
/ gist:183a113e946dd9f8360e774dcf17a3db
Last active
March 2, 2022 19:12
JDBC_PING with keycloak and postgresql on AWS Fargate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| In your effort of implementing standalone-ha with keycloak postgresql using JDBC_PING you will stumble upon many sites that define | |
| the table structure for jgroupsping and the right one goes like this - | |
| CREATE TABLE IF NOT EXISTS JGROUPSPING ( | |
| own_addr varchar(200) NOT NULL, | |
| cluster_name varchar(200) NOT NULL, | |
| ping_data BYTEA, | |
| constraint PK_JGROUPSPING PRIMARY KEY (own_addr, cluster_name) | |
| ); |
rkbalgi
/ AppConfig.java
Last active
December 28, 2018 17:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @Configuration | |
| public class AppConfig{ | |
| @Bean | |
| public KeycloakConfigResolver KeycloakConfigResolver(KeycloakSpringBootProperties props) { | |
| return new SimpleKcConfigResolver(props); | |
| } | |
rkbalgi
/ DateTimeConversionWithTz.java
Last active
December 28, 2018 04:22
Dealing with TimeZone in Java8 and/with Postgresql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import static java.time.temporal.ChronoField.HOUR_OF_DAY; | |
| import static java.time.temporal.ChronoField.MINUTE_OF_HOUR; | |
| import static java.time.temporal.ChronoField.SECOND_OF_MINUTE; | |
| import java.sql.Connection; | |
| import java.sql.DriverManager; | |
| import java.sql.PreparedStatement; | |
| import java.sql.ResultSet; | |
| import java.sql.SQLException; | |
| import java.sql.Timestamp; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <plugin> | |
| <groupId>com.github.kongchen</groupId> | |
| <artifactId>swagger-maven-plugin</artifactId> | |
| <configuration> | |
| <apiSources> | |
| <apiSource> | |
| <springmvc>true</springmvc> | |
| <locations> | |
| <location>com.example.resources.DemoResource</location> |
rkbalgi
/ gist:11cc334798d6d9428cd07de695005ba3
Created
February 23, 2019 17:45
Replace ID's in keycloak realm export JSON file (clone realm)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/rkbalgi/keycloak-cli/blob/master/src/main/java/com/github/rkbalgi/apps/keycloak/IdReplacer.java |
OlderNewer