Skip to content

Instantly share code, notes, and snippets.

View gdestuynder's full-sized avatar
🏔️
.

Guillaume Destuynder (:kang) gdestuynder

🏔️
.
60 followers · 1 following
View GitHub Profile
@gdestuynder
gdestuynder / gist:7994d5985ed1b339159c7a47ae528d95
Created November 5, 2018 20:56
kang@xps13 ~/git/iam/cis/well-known-endpoint (git)-[profilev2] % git diff
diff --git a/well-known-endpoint/README.md b/well-known-endpoint/README.md
index 89fc67a..a0ae9cf 100644
--- a/well-known-endpoint/README.md
+++ b/well-known-endpoint/README.md
@@ -19,6 +19,8 @@ example)
- `tpl` contains the original templates for the files, CHANGE THESE!
- `s3` is where the templates are copied after changing their values depending on the environment, DO NOT CHANGE THESE!
+- `profile.schema` comes from CIS's `cis_profile` module, if you change it, change it in the module then copy it back
@gdestuynder
gdestuynder / error.bash
Created October 15, 2018 22:10
============================================================================= FAILURES =============================================================================
_________________________________________________________________ TestGetIndices.test_get_indices __________________________________________________________________
self = <test_elasticsearch_client.TestGetIndices object at 0x7f5c16bbc550>
def test_get_indices(self):
if pytest.config.option.delete_indexes:
self.es_client.create_index('test_index')
time.sleep(1)
@gdestuynder
gdestuynder / classification.json
Last active October 5, 2018 21:46
{
"schema": "https://person-api.sso.mozilla.com/schema/v2/profile",
"user_id": {
"signature": {
"publisher": {
"alg": "RS256",
"typ": "JWS",
"name": "access_provider",
"value": ""
},
@gdestuynder
gdestuynder / gist:95d91a0cfd3abeba21b4e9cdc9bd7dbd
Created July 18, 2018 20:43
clients/0w4E1e2qbcA44oQKfYiUF167pc2l1Lud.json: "oidc_conformant": false,
clients/2lTZtlpqx4bslng167l1BBqTMusCAJkZ.json: "oidc_conformant": false,
clients/2QnAFjxpltXc2dTkd9QW7nY43dx6xf5a.json: "oidc_conformant": false,
clients/2u1UiM7zpKqzGHgShTHyNqlKjJWnswVZ.json: "oidc_conformant": false,
clients/3TMLWJb8KIbjB1S3HeyjDm0ns192BTdZ.json: "oidc_conformant": false,
clients/462AVvm5b1GOLD0z7Gao0Eje24aF3Kz0.json: "oidc_conformant": false,
clients/4cK74pcWB0VU34UAWnxB25YhKPEK6ijs.json: "oidc_conformant": false,
clients/4HNLHcA7ZSNVWSJVBk9yVxq06WRquN2L.json: "oidc_conformant": false,
clients/4zLfZwWUp7oLmmFZqjsJHPAHzAXFetEt.json: "oidc_conformant": false,
clients/54KBW3ESzKFfQws77PCXziJnPt0dYHE0.json: "oidc_conformant": false,
@gdestuynder
gdestuynder / audit.service
Created July 17, 2018 20:41
[Unit]
Description=Security Auditing Service
DefaultDependencies=no
## If auditd.conf has tcp_listen_port enabled, copy this file to
## /etc/systemd/system/auditd.service and add network-online.target
## to the next line so it waits for the network to start before launching.
After=local-fs.target systemd-tmpfiles-setup.service
Conflicts=shutdown.target
Before=sysinit.target shutdown.target
RefuseManualStop=yes
@gdestuynder
gdestuynder / gist:58c0cddcd123c6fb797d852e2cd35ca0
Created July 12, 2018 16:44
<!DOCTYPE html>
<html lang="en">
<head>
<title>Mozilla Login - Maintenance</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
<h1>Maintenance mode</h1>
<p>
We are currently experiencing an issue &amp; working hard to resolve it. Please try to login again in a few minutes.
@gdestuynder
gdestuynder / profile.yml
Created June 27, 2018 00:10
---
# Note that the schema for the user profile and all serialization is in JSON format - this file is in YAML and must be
# converted to JSON before validation or signature verification or generation purposes.
## Starting here are the CORE profile fields
# This is where the profile schema resides
# https://person-api.sso.mozilla.com/schema/v2/profile is core+extended
# https://person-api.sso.mozilla.com/schema/v2/profile/core is core only
@gdestuynder
gdestuynder / a.diff
Last active June 25, 2018 21:27
--- aaa.json 2018-06-25 13:42:40.924857600 -0700
+++ /home/kang/git/iam/auth0-deploy/rules/force-users-login-most-secure-method.js 2018-06-06 15:50:03.662627623 -0700
@@ -46,10 +46,12 @@
var userApiUrl = auth0.baseUrl + '/users';
// Lower is better
- var matchOrder = {'ad': 0,
- 'github': 1,
- 'google-oauth2': 2,
- 'email': 3
@gdestuynder
gdestuynder / gist:a5f895fea9d3a54e4a226acbdcfebfae
Created May 31, 2018 22:39
gpg: Signature made Thu 31 May 2018 03:34:58 PM PDT
gpg: using RSA key 4AEE18F83AFDEB23
gpg: requesting key 4AEE18F83AFDEB23 from hkp server gpg.mozilla.org
gpg: key 4AEE18F83AFDEB23: 1 duplicate signature removed
gpg: key 4AEE18F83AFDEB23: 27 signatures not checked due to missing keys
gpg: key 4AEE18F83AFDEB23: public key "GitHub (web-flow commit signing) <[email protected]>" imported
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 6 signed: 106 trust: 0-, 0q, 0n, 0m, 0f, 6u
gpg: depth: 1 valid: 106 signed: 88 trust: 106-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2018-06-01
@gdestuynder
gdestuynder / typical_github_workflow.md
Last active June 5, 2018 18:27

Setup

Alternative setup

  • git clone https://github.com/mozilla-iam/auth0-custom-lock
  • cd auth0-custom-lock