Raghavendra Balgi rkbalgi

## AppConfig.java
@Configuration
public class AppConfig{


  @Bean
  public KeycloakConfigResolver KeycloakConfigResolver(KeycloakSpringBootProperties props) {
    return new SimpleKcConfigResolver(props);
  }


## gist:183a113e946dd9f8360e774dcf17a3db
In your effort of implementing standalone-ha with keycloak postgresql using JDBC_PING you will stumble upon many sites that define
the table structure for jgroupsping and the right one goes like this -

CREATE TABLE IF NOT EXISTS JGROUPSPING (
                   own_addr varchar(200) NOT NULL,
                   cluster_name varchar(200) NOT NULL,
                   ping_data BYTEA,
                   constraint PK_JGROUPSPING PRIMARY KEY (own_addr, cluster_name)
                   );

## gist:605c6b50be0c6b2842d1f4c9667654f2
http://lists.jboss.org/pipermail/keycloak-user/2018-March/013417.html
https://github.com/pedroigor/keycloak/tree/1e1de85685bb5d5f180f510630cd7133f8a35375/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization

## SampleTestSuite.java
package com.example;

import java.nio.file.Paths;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.Map;
import java.util.stream.Stream;
import org.h2.tools.Server;
import org.hibernate.jpa.HibernatePersistenceProvider;
import org.junit.BeforeClass;

## gist:07f39dd1ad45d402058613d28890bb90
How to add a bind dn on AD LDS

https://proofid.com/blog/blogset-okta-ldap-integration-microsoft-ad-lds/
(Basically, add a new DN (say cn=admin,cn=service-accounts,dc=example,dc=com), reset password and then add this as a "member" of cn=Readers

## keycloak.java
    AccessTokenResponse token = authzClient
        .obtainAccessToken(userName, password);

    final AuthorizationRequest authReq = new AuthorizationRequest();
    //checking for a specific permission
    authReq.setMetadata(new Metadata());
    authReq.getMetadata().setResponseMode("decision");
    authReq.addPermission("payroll", "write");

    AuthorizationResponse authResponse = null;

## gist:2b605c86a4d50def73f9aced5619396b
This gist describes the process of setting up direct grant access  (oauth2 resource owner password flow) with keycloak and spring boot. We'll follow the
below steps -

1. Install keycloak - there are plenty of examples out there (even a  docker image)
2. Create a demo realm and create a client within the demo realm with the settings as -
    client-protocol: openid-connect, access-type: confidential, (implicit-flow+direct-access-grant+service-accounts)=enabled
3. Create 2 roles - developer and admin within the demo realm
4. Create 2 users - one with developer role and other with admin (Ensure that user is enabled, there are no "Required User Actions" and that the password has been reset (in the credentials tab)
	@Configuration
	public class AppConfig{


	@Bean
	public KeycloakConfigResolver KeycloakConfigResolver(KeycloakSpringBootProperties props) {
	return new SimpleKcConfigResolver(props);
	}
	In your effort of implementing standalone-ha with keycloak postgresql using JDBC_PING you will stumble upon many sites that define
	the table structure for jgroupsping and the right one goes like this -

	CREATE TABLE IF NOT EXISTS JGROUPSPING (
	own_addr varchar(200) NOT NULL,
	cluster_name varchar(200) NOT NULL,
	ping_data BYTEA,
	constraint PK_JGROUPSPING PRIMARY KEY (own_addr, cluster_name)
	);
	http://lists.jboss.org/pipermail/keycloak-user/2018-March/013417.html
	https://github.com/pedroigor/keycloak/tree/1e1de85685bb5d5f180f510630cd7133f8a35375/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization
	package com.example;

	import java.nio.file.Paths;
	import java.sql.SQLException;
	import java.util.HashMap;
	import java.util.Map;
	import java.util.stream.Stream;
	import org.h2.tools.Server;
	import org.hibernate.jpa.HibernatePersistenceProvider;
	import org.junit.BeforeClass;
	How to add a bind dn on AD LDS

	https://proofid.com/blog/blogset-okta-ldap-integration-microsoft-ad-lds/
	(Basically, add a new DN (say cn=admin,cn=service-accounts,dc=example,dc=com), reset password and then add this as a "member" of cn=Readers
	AccessTokenResponse token = authzClient
	.obtainAccessToken(userName, password);

	final AuthorizationRequest authReq = new AuthorizationRequest();
	//checking for a specific permission
	authReq.setMetadata(new Metadata());
	authReq.getMetadata().setResponseMode("decision");
	authReq.addPermission("payroll", "write");

	AuthorizationResponse authResponse = null;
	This gist describes the process of setting up direct grant access (oauth2 resource owner password flow) with keycloak and spring boot. We'll follow the
	below steps -

	1. Install keycloak - there are plenty of examples out there (even a docker image)
	2. Create a demo realm and create a client within the demo realm with the settings as -
	client-protocol: openid-connect, access-type: confidential, (implicit-flow+direct-access-grant+service-accounts)=enabled
	3. Create 2 roles - developer and admin within the demo realm
	4. Create 2 users - one with developer role and other with admin (Ensure that user is enabled, there are no "Required User Actions" and that the password has been reset (in the credentials tab)