Skip to content

Instantly share code, notes, and snippets.

Working from home

Thomas Darimont thomasdarimont

Working from home
View GitHub Profile
thomasdarimont /
Last active Oct 21, 2020
Example for decoding a JWT Payload with your Shell (bash, zsh...)


Add this to your .profile, .bashrc, .zshrc...

decode_base64_url() {
  local len=$((${#1} % 4))
  local result="$1"
  if [ $len -eq 2 ]; then result="$1"'=='
  elif [ $len -eq 3 ]; then result="$1"'=' 
  echo "$result" | tr '_-' '/+' | openssl enc -d -base64
thomasdarimont / AesCipher.php
Last active Oct 20, 2020
Example for 128bit AES with Java and PHP
View AesCipher.php
class AesCipher {
private const OPENSSL_CIPHER_NAME = "aes-128-cbc";
private const CIPHER_KEY_LEN = 16; //128 bits
private static function fixKey($key) {
if (strlen($key) < AesCipher::CIPHER_KEY_LEN) {
thomasdarimont / keycloak.html
Created May 17, 2016
Keycloak JS Only public client example
View keycloak.html
<script src="http://localhost:8081/auth/js/keycloak.js" type="text/javascript">
thomasdarimont /
Last active Oct 19, 2020
Retrieve and verify AccessToken with Keycloak Client.
package de.tdlabs.keycloak.client;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.keycloak.OAuth2Constants;
import org.keycloak.RSATokenVerifier;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.common.VerificationException;
import org.keycloak.jose.jws.JWSHeader;
import org.keycloak.representations.AccessToken;
thomasdarimont /
Created Jul 19, 2017
Simple python example using flask, flask_oidc and keycloak, needs a small patch of flask_oidc:
import json
import logging
from flask import Flask, g
from flask_oidc import OpenIDConnect
import requests
app = Flask(__name__)
thomasdarimont /
Last active Oct 17, 2020
Run a jshell instance with a classpath derived from maven pom.xml file

Linux / OSX

Note that this example uses sdkman.

CP=$(mktemp) && \
mvn dependency:build-classpath -Dmdep.includeScope=compile -Dmdep.outputFile=$CP -q -f ./pom.xml && \
CP=$(cat $CP) && \
$(sdk home java 11.0.8.hs-adpt)/bin/jshell --class-path $CP
thomasdarimont / keycloak_db_overview_4.0.0.CR1-SNAPSHOT.svg
Created Jan 7, 2018
Keycloak Database Overview 4.0.0.CR1-SNAPSHOT (06bb6f00e5)
View keycloak_db_overview_4.0.0.CR1-SNAPSHOT.svg
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
thomasdarimont /
Last active Oct 8, 2020
Keycloak RequiredAction for recording user information on login
package de.tdlabs.idm.keycloak.ext.authentication;
import static;
import static java.util.Arrays.asList;
import java.util.List;
import org.jboss.logging.Logger;
import org.keycloak.Config.Scope;
import org.keycloak.authentication.RequiredActionContext;
thomasdarimont /
Last active Oct 6, 2020
Using Keycloak Admin Client to create user with roles (Realm and Client level)
package demo.plain;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.CreatedResponseUtil;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.representations.idm.ClientRepresentation;
thomasdarimont /
Created Jun 7, 2017
Simple example for creating a User with Keycloaks Admin Client - with credentials, custom roles, and user attributes
package de.tdlabs.keycloak.client;
import java.util.Arrays;
import java.util.Collections;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
You can’t perform that action at this time.