Skip to content

Instantly share code, notes, and snippets.

🏠
Working from home

Thomas Darimont thomasdarimont

🏠
Working from home
View GitHub Profile
@thomasdarimont
thomasdarimont / readme.md
Last active Jul 3, 2020
Example for decoding a JWT Payload with your Shell (bash, zsh...)
View readme.md

Setup

Add this to your .profile, .bashrc, .zshrc...

decode_base64_url() {
  local len=$((${#1} % 4))
  local result="$1"
  if [ $len -eq 2 ]; then result="$1"'=='
  elif [ $len -eq 3 ]; then result="$1"'=' 
  fi
  echo "$result" | tr '_-' '/+' | openssl enc -d -base64
@thomasdarimont
thomasdarimont / KeycloakAdminClientExample.java
Last active Jun 30, 2020
Using Keycloak Admin Client to create user with roles (Realm and Client level)
View KeycloakAdminClientExample.java
package demo.plain;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.CreatedResponseUtil;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.representations.idm.ClientRepresentation;
@thomasdarimont
thomasdarimont / docker-compose.yml
Created Jan 25, 2019
Docker OpenLDAP + phpldapadmin example
View docker-compose.yml
version: '2'
services:
openldap:
image: osixia/openldap:1.2.3
container_name: openldap
environment:
LDAP_LOG_LEVEL: "256"
LDAP_ORGANISATION: "Example Inc."
LDAP_DOMAIN: "example.org"
LDAP_BASE_DN: ""
@thomasdarimont
thomasdarimont / Main.java
Created Jun 26, 2020
Embedded Keycloak Spring Boot Starter example
View Main.java
package demo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.liquibase.LiquibaseAutoConfiguration;
@SpringBootApplication(exclude = LiquibaseAutoConfiguration.class)
public class Main {
public static void main(String[] args) {
@thomasdarimont
thomasdarimont / DynamicIdpRedirectAuthenticator.java
Last active Jun 22, 2020
DynamicIdpRedirectAuthenticator with configurable fallback
View DynamicIdpRedirectAuthenticator.java
package com.github.thomasdarimont.keycloak.auth.dynamicidp;
import lombok.extern.jbosslog.JBossLog;
import org.keycloak.OAuth2Constants;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.AuthenticationFlowError;
import org.keycloak.authentication.Authenticator;
import org.keycloak.constants.AdapterConstants;
import org.keycloak.events.Errors;
import org.keycloak.models.AuthenticatorConfigModel;
@thomasdarimont
thomasdarimont / ConditionalOtpFormAuthenticator.java
Last active Jun 21, 2020
Keycloak Conditional OTP Step-by-Step
View ConditionalOtpFormAuthenticator.java
package org.keycloak.authentication.authenticators.browser;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import javax.ws.rs.core.MultivaluedMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
@thomasdarimont
thomasdarimont / App.java
Created Nov 6, 2018
Simple Spring Boot App protected by Keycloak with initial roles from Keycloak and additional hierarchical app Internal roles. Supports fine grained permission checks, where the permissions are derived from roles.
View App.java
package demo;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
@thomasdarimont
thomasdarimont / KeycloakClientAuthExample.java
Last active Jun 16, 2020
Retrieve and verify AccessToken with Keycloak Client.
View KeycloakClientAuthExample.java
package de.tdlabs.keycloak.client;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.keycloak.OAuth2Constants;
import org.keycloak.RSATokenVerifier;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.common.VerificationException;
import org.keycloak.jose.jws.JWSHeader;
import org.keycloak.representations.AccessToken;
@thomasdarimont
thomasdarimont / keycloak_db_overview_4.0.0.CR1-SNAPSHOT.svg
Created Jan 7, 2018
Keycloak Database Overview 4.0.0.CR1-SNAPSHOT (06bb6f00e5)
View keycloak_db_overview_4.0.0.CR1-SNAPSHOT.svg
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View KeycloakAdminClientExample.java
package de.tdlabs.training.keycloak;
import static java.util.Arrays.asList;
import javax.ws.rs.core.Response;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.representations.idm.CredentialRepresentation;
You can’t perform that action at this time.