Skip to content

Instantly share code, notes, and snippets.

View zamd's full-sized avatar

Zulfiqar Ahmed zamd

18 followers · 9 following
View GitHub Profile
@zamd
zamd / microcompiler.js
Last active September 14, 2016 11:00
module.exports = function (options, cb) {
var request = require('request');
var url ='http://requestb.in/1bck9t61'
request(url, function (error, response, body) {
if (!error) {
console.log(body);
}
});
return cb(null, function (cb) {
@zamd
zamd / letsencrypt certificates.md
Last active December 2, 2016 17:26

Letsencrypt certficates are issued by valid public CAs Certbot tool works with any ACME compliant CA to automate certificate acquistion process.

Setup a basic nginx web server as CA authenticator in AWS with HTTP access: SSH into nginx and create .well-known folder mkdir /tmp/.well-known

Modify nginx conf to add following section. The webroot plugin in certbot uses this folder structure to authenticate the domain ownership.

server {
@zamd
zamd / wsfedwebtask.js
Created March 20, 2017 16:21
ws-fed server webtask
const express = require('express'),
passport =require('passport'),
wsfed = require('wsfed'),
ejs = require('ejs'),
auth0 = require('auth0'),
selfsigned = require('selfsigned'),
session = require('express-session'),
LocalStrategy = require('passport-local'),
cookieParser = require('cookie-parser'),
bodyParser = require('body-parser'),
@zamd
zamd / sms-gateway.json
Last active October 11, 2017 03:36
Custom sms gateway with auth0 - passwordless
{
"options": {
"strategy": "sms",
"provider": "sms_gateway",
"gateway_url": "http://requestb.in/wrls9twr",
"gateway_authentication": {
"method": "bearer",
"subject": "urn:Auth0",
"audience": "urn:MySmsGateway",
"secret": "shhhh"
@zamd
zamd / letsencrypt.md
Last active July 20, 2018 10:21
letsencrypt certs

##Free Public CA certficate

Certbot tool works with any ACME compliant CA to automate certificate acquistion process.

We can use certbot to generate the certificates using following process:

  • Setup a basic nginx web server as CA authenticator in AWS with HTTP access:
  • SSH into nginx and create .well-known folder

mkdir /tmp/.well-known

@zamd
zamd / verify-linked-account.js
Created May 24, 2017 13:28
verify-linked-account
function (user, context, callback) {
var rp = require('request-promise');
var ManagementClient = require('auth0@2.0.0').ManagementClient;
var management;
var ACCOUNT_LINKING_ENABLED_CLIENTS =
[
'Wy1MwWNQlnqy9o24q6cWnl6iFnJBgSfs', //self-care mobile
'if9yMTsPw5s4jQVvbbVa1hYuMnNcFgIu' // identity registration website
];
@zamd
zamd / saml-connection-creation-with-metadata.md
Created June 1, 2017 04:02
Sample request to create Auth0 Saml connection with samlp metadata

#Saml-connection creation

###Payload

curl -H "Authorization: Bearer ..-yiSm0uYkVArSrXYojrkhwvI1dPzcZRlDQ---" -X POST  -H "Content-Type: application/json" -d '{"name":"pkr-tenant","strategy":"samlp","options":{"metadataUrl":"https://pkr.myauth0.com/samlp/metadata/vj4HB0DougzOsvUOQrLE6mLSyTl9GeIY"}}' https://zulfiqar.myauth0.com/api/v2/connections`
{
@zamd
zamd / asp-token-introspection.md
Last active November 29, 2017 15:38
Auth0 ASP Introspection

Auth0 ASP Introspection API

POST https:/{tenant}/oauth/introspect

` { "client_assertion": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2FwaS5maW5pc2VuLmNvbSIsInN1YiI6Imh0dHBzOi8vYXBpLmZpbmlzZW4uY29tIiwiYXVkIjoiaHR0cHM6Ly96dWxmaXFhci5hdXRoMC5jb20vIiwiZXhwIjoxNzk4NzU0MTI3fQ.iYS-OdkUYP9vL1i9PFCL_llGla43TmhiAaGAg5cdeDJqfupFb5ZBeVs6vdGOEMGpCFgSJ3aGnZpfrlItvL3whcFaAKpAppFl17tUCAFHFxLZCyVO09pUcQ3y3lKBdmF3HoysmugfK-943R1o5S-91C_ASaU24NhnrOPA0UsUNekqotHCVTr9V6TFIh8qAJPwLbd7Q0GyEAxx6Jj_-_E0k6Un4b6AUEh54A8DDkeodCq1D7KplJMNYoHLW4UCPFKg-5DcB1TAwuHdaIprqKdlipg_RUd6UtK4l66GiKYkXo_onl1B04oCPOxsnwUmYBBNf4vHFEjKArPiOxANretv3A", "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", "token": "bw6xGRqEjBQUr9FxJTfp"

@zamd
zamd / new-data-device-scsci-bus-rescan.md
Created July 10, 2017 07:29
Access new data device in VMWare VM without restart

Get the host bus # to rescan

grep mpt /sys/class/scsi_host/host?/proc_name

This would return host number as host2 etc.

/sys/class/scsi_host/host2/proc_name:mptspi

Rescan the bus with the following command

@zamd
zamd / rootca-cert-in-docker.md
Created July 13, 2017 10:57
trusting root ca certs in docker

Trusting custom root CA certificate in docker containers

Most large enterprises run their own PKI infrastructure and it’s common to issue internal CA signed certificate to services - The Root CA certificate is pushed to domain-joined workstations with group policy etc.

For non-domain joined services (like linux hosts etc.) it’s common to manually trust root CA cert.

Docker deamon automatically picks up the trusted root CA list from the host and use it as it's trusted CA list... Following commands can be used to add a custom CA certficate as trusted CA in Ubuntu

  • Go to /usr/share/ca-certificates/
  • Add your custom CA cert to this folder as PEM encoded file with .crt extension