Garth xgp

## get-keycloak-active-sessions.py
'''
USAGE:
1) Create client in Keycloak and enable client authentication + service account roles for it
2) Assign "view-realm" role from realm-management client on "service account roles" tab for the client
3) Replace keycloak_url and realm_name variables with your Keycloak base dir
4) Export client credentials into $CLIENTID and CLIENTSECRET env variable
5) python get-keycloak-active-sessions.py
'''

import requests

## keycloak-mssql-docker-compose.yml
version: '3'

volumes:
  mssql_data:
    driver: local
  caddy_data:
    driver: local

services:
  mssql:

## openapi.yaml
openapi: 3.0.2
info:
  title: Keycloak Account API
  version: 20.0.3
  description: |
    Derived from the code at https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java
components:
  securitySchemes:
    access_token:
      type: http

## org-create.sh
#!/bin/bash

read -p 'Host (format https://euc1.auth.ac ): ' host
read -p 'Realm: ' realm

printf "\nThis user must have create-organization, manage-organizations, and view-organizations realm-management roles in order to create and manage new Organizations.\n"read -p 'Username: ' user
read -p 'Username: ' user
read -sp 'Password: ' pass

DIRECT_GRANT_RESPONSE=$(curl -i --request POST $host/auth/realms/$realm/protocol/openid-connect/token --header "Accept: application/json" --header "Content-Type: application/x-www-form-urlencoded" --data "grant_type=password&username=$user&password=$pass&client_id=admin-cli")

## Dockerfile
FROM quay.io/keycloak/keycloak:17.0.0 as builder

ENV KC_METRICS_ENABLED=true
ENV KC_FEATURES=preview
ENV KC_DB=postgres
ENV KC_HTTP_RELATIVE_PATH=/auth
# specify the custom cache config file here
ENV KC_CACHE_CONFIG_FILE=cache-ispn-jdbc-ping.xml

# copy the custom cache config file into the keycloak conf dir

## ExampleTest.java
import static org.hamcrest.CoreMatchers.*;
import static org.junit.Assert.*;

import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.representations.idm.RealmRepresentation;

public class ExampleTest {

## gist:a853e80351e832070511a8ec7d0fda78
import se.akerfeldt.okhttp.signpost.OkHttpOAuthConsumer;
import se.akerfeldt.okhttp.signpost.SigningInterceptor;

....
        // Using the default Java
        DefaultApi api = new DefaultApi();
        ApiClient client = api.getApiClient();

        // Put the interceptor in the http client
        OkHttpClient http = client.getHttpClient();

## scribe-centos
#!/bin/bash

echo '=================================================='
echo '===============Install necessary tools==============='
echo '=================================================='

sudo yum update
sudo yum install git make flex bison libtool automake openssl-devel libevent libevent-devel python-devel gcc-c++ byacc java-1.7.0-openjdk ant

echo '=================================================='
	'''
	USAGE:
	1) Create client in Keycloak and enable client authentication + service account roles for it
	2) Assign "view-realm" role from realm-management client on "service account roles" tab for the client
	3) Replace keycloak_url and realm_name variables with your Keycloak base dir
	4) Export client credentials into $CLIENTID and CLIENTSECRET env variable
	5) python get-keycloak-active-sessions.py
	'''

	import requests
	version: '3'

	volumes:
	mssql_data:
	driver: local
	caddy_data:
	driver: local

	services:
	mssql:
	openapi: 3.0.2
	info:
	title: Keycloak Account API
	version: 20.0.3
	description: \|
	Derived from the code at https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java
	components:
	securitySchemes:
	access_token:
	type: http
	#!/bin/bash

	read -p 'Host (format https://euc1.auth.ac ): ' host
	read -p 'Realm: ' realm

	printf "\nThis user must have create-organization, manage-organizations, and view-organizations realm-management roles in order to create and manage new Organizations.\n"read -p 'Username: ' user
	read -p 'Username: ' user
	read -sp 'Password: ' pass

	DIRECT_GRANT_RESPONSE=$(curl -i --request POST $host/auth/realms/$realm/protocol/openid-connect/token --header "Accept: application/json" --header "Content-Type: application/x-www-form-urlencoded" --data "grant_type=password&username=$user&password=$pass&client_id=admin-cli")
	FROM quay.io/keycloak/keycloak:17.0.0 as builder

	ENV KC_METRICS_ENABLED=true
	ENV KC_FEATURES=preview
	ENV KC_DB=postgres
	ENV KC_HTTP_RELATIVE_PATH=/auth
	# specify the custom cache config file here
	ENV KC_CACHE_CONFIG_FILE=cache-ispn-jdbc-ping.xml

	# copy the custom cache config file into the keycloak conf dir
	import static org.hamcrest.CoreMatchers.*;
	import static org.junit.Assert.*;

	import org.junit.BeforeClass;
	import org.junit.ClassRule;
	import org.junit.Test;
	import org.keycloak.admin.client.Keycloak;
	import org.keycloak.representations.idm.RealmRepresentation;

	public class ExampleTest {
	import se.akerfeldt.okhttp.signpost.OkHttpOAuthConsumer;
	import se.akerfeldt.okhttp.signpost.SigningInterceptor;

	....
	// Using the default Java
	DefaultApi api = new DefaultApi();
	ApiClient client = api.getApiClient();

	// Put the interceptor in the http client
	OkHttpClient http = client.getHttpClient();
	#!/bin/bash

	echo '=================================================='
	echo '===============Install necessary tools==============='
	echo '=================================================='

	sudo yum update
	sudo yum install git make flex bison libtool automake openssl-devel libevent libevent-devel python-devel gcc-c++ byacc java-1.7.0-openjdk ant

	echo '=================================================='