thomasdarimont

docker run --privileged --rm -v /home/tom/.trivy/cache:/root/.cache/ -v /var/run/docker.sock:/var/run/docker.sock:z aquasec/trivy:0.27.1 image thomasdarimont/custom-keycloakx:1.0.0-SNAPSHOT

docker run --privileged --rm -v /home/tom/.trivy/cache:/root/.cache/ -v /var/run/docker.sock:/var/run/docker.sock:z aquasec/trivy:0.27.1 image thomasdarimont/custom-keycloakx:1.0.0-SNAPSHOT
2022-05-07T11:40:04.324Z	INFO	Detected OS: redhat
2022-05-07T11:40:04.324Z	INFO	Detecting RHEL/CentOS vulnerabilities...
2022-05-07T11:40:04.356Z	INFO	Number of language-specific files: 1
2022-05-07T11:40:04.356Z	INFO	Detecting jar vulnerabilities...

thomasdarimont/custom-keycloakx:1.0.0-SNAPSHOT (redhat 8.5)
===========================================================

thomasdarimont

package demo;

import io.quarkus.bootstrap.app.AdditionalDependency;
import io.quarkus.bootstrap.app.CuratedApplication;
import io.quarkus.bootstrap.app.QuarkusBootstrap;
import io.quarkus.bootstrap.model.AppArtifactKey;
import io.quarkus.bootstrap.model.AppModel;
import io.quarkus.bootstrap.model.ApplicationModel;
import io.quarkus.bootstrap.model.DefaultApplicationModel;
import io.quarkus.bootstrap.model.MutableJarApplicationModel;

thomasdarimont

mvn  dependency:tree --also-make-dependents --projects quarkus/deployment,quarkus/dist,quarkus/runtime,quarkus/server

[INFO] Scanning for projects...
[WARNING] 
[WARNING] Some problems were encountered while building the effective model for org.keycloak:keycloak-model-map-jpa:jar:999-SNAPSHOT
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique: jakarta.persistence:jakarta.persistence-api:jar -> duplicate declaration of version (?) @ line 54, column 21
[WARNING] 

thomasdarimont

docker run \
-it \
--rm
--name kcx
-e KEYCLOAK_ADMIN=admin
-e KEYCLOAK_ADMIN_PASSWORD=admin
-e KC_HTTP_RELATIVE_PATH=auth
-p 8080:8080
quay.io/keycloak/keycloak:18.0.0
start-dev

thomasdarimont

docker run -it --rm  mcr.microsoft.com/restlerfuzzer/restler:v7.4.0 dotnet /RESTler/restler/Restler.dll 

See also: microsoft/restler-fuzzer#371

thomasdarimont

FROM quay.io/keycloak/keycloak:17.0.1 as builder

ENV KC_METRICS_ENABLED=true
ENV KC_FEATURES=preview
ENV KC_DB=postgres
ENV KC_HTTP_RELATIVE_PATH=/auth
# specify the custom cache config file here
ENV KC_CACHE_CONFIG_FILE=cache-ispn-jdbc-ping.xml

# copy the custom cache config file into the keycloak conf dir

thomasdarimont

package com.github.thomasdarimont.keycloak.webapp.config;

import com.github.thomasdarimont.keycloak.webapp.support.security.KeycloakLogoutHandler;
import lombok.RequiredArgsConstructor;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.GrantedAuthority;

thomasdarimont

package demo;

import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.reflect.Constructor;

// Run with --add-opens java.base/java.lang.invoke=ALL-UNNAMED
public class SuperJump {

thomasdarimont

tokens.ts

import AddressClaimSet from './addressClaimSet';
import AccessTokenAccess from './AccessTokenAccess';
import AccessTokenCertConf from './accessTokenCertConf';

export interface JsonWebToken {

    jti?: string;

thomasdarimont

import json
import os

import certifi
import requests
from authlib.oauth2.rfc6749 import OAuth2Token
from flask import Flask, url_for, session
from flask import render_template, redirect
from authlib.integrations.flask_client import OAuth, token_update