Skip to content

Instantly share code, notes, and snippets.

View mdeggies's full-sized avatar

Michele Degges mdeggies

  • HashiCorp
  • California
  • 23:37 (UTC -12:00)
View GitHub Profile
@mdeggies
mdeggies / validate_slack_request_source.py
Created July 5, 2020 20:50
Slack validation in Python3
def validate_request_source(request):
"""Validate that the incoming request is from our own slack instance in Python3
Returns True if the request is valid, False otherwise"""
try:
if 'X-Slack-Request-Timestamp' in request.headers and 'X-Slack-Signature' in request.headers:
timestamp = request.headers['X-Slack-Request-Timestamp']
expected_signature = request.headers['X-Slack-Signature']
# Reject replay attacks
if (int(timestamp) + (60 * 5)) < int(time()):
return False

Quick bash script that shows how to use the gon CLI tool on a remote OSX box to sign, package, staple, and notarize a product from releases.hashicorp.com. It also validates that the binary has been signed and notarized properly and can run on OSX 10.15.

Pre-reqs:

  • Your OSX box should have OSX 10.15+, wget, Xcode 11.1+, and SSH access enabled
  • Create a developer ID cert and add it to your login keychain on your OSX box
  • Set the following environment variables locally: SSH_USER, SSH_PWD, and REMOTE_IP
  • Edit config.json locally and replace the variables with real values
  • Ensure config.json, script.sh, and remote_script.sh are all in the same local dir

To run:

@mdeggies
mdeggies / login.html
Last active June 7, 2017 22:28
Okta Sign-In Widget Example
<!doctype html>
<html lang="en-us">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Example Okta Sign-In Widget</title>
<!--[if lt IE 9]>
<script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.2/html5shiv.min.js"></script>
@mdeggies
mdeggies / shiro-hash-validation.java
Created May 18, 2017 19:42
shiro1 password hash validation in Java
// GIST shows how to validate a shiro1 password hash in Java.
// The original mcf_string was created via the Shiro Command Liner Hasher: https://shiro.apache.org/command-line-hasher.html
// With these args: java -jar shiro-tools-hasher-1.3.2-cli.jar --algorithm SHA-512 --nogensalt --saltbytes <BASE64_ENCODED_SALT> --iterations 500000 --password Jenydoby6!
import org.apache.shiro.crypto.hash.Sha512Hash;
import java.util.Base64;
// Extract the password hash. Below is an example hash
String mcf_string = "$shiro1$SHA-512$500000$ctYP52a2Sp2yIjzzlJAuPg==$ctZ4gQtNd7bKI0SWtktRAiP4Xzgk66sabg3pj0pQBmKZmgG7KAXZqAhBJJ3cCTqenfqi4LTgeZnh4waL6oMH+w==";
@mdeggies
mdeggies / shiro-hash-validation.php
Created May 18, 2017 19:34
shiro1 password hash validation in PHP
<?php
// GIST shows how to validate a shiro1 password hash in Java.
// The original mcf_string was created via the Shiro Command Liner Hasher: https://shiro.apache.org/command-line-hasher.html
// With these args: java -jar shiro-tools-hasher-1.3.2-cli.jar --algorithm SHA-512 --nogensalt --saltbytes <BASE64_ENCODED_SALT> --iterations 500000 --password Jenydoby6!
// Extract the password hash. Below is an example hash
$mcf_string = '$shiro1$SHA-512$500000$ctYP52a2Sp2yIjzzlJAuPg==$ctZ4gQtNd7bKI0SWtktRAiP4Xzgk66sabg3pj0pQBmKZmgG7KAXZqAhBJJ3cCTqenfqi4LTgeZnh4waL6oMH+w==';
$parts = \explode('$', $mcf_string);
@mdeggies
mdeggies / pwd-import-java.java
Created April 13, 2017 20:36
(Java SDK) Import User with SHA-1 Password into Stormpath
"""
password-import.java
~~~~~~~~~
A super basic script that shows how to import a user with a freshly SHA-1 hashed password into Stormpath
and authenticate him using the Java SDK (version 1.5.5): https://github.com/stormpath/stormpath-sdk-java
NOTE: You will need to add the apache commons codec jar (version 1.10) to your project in order to use DigestUtils
"""
public class Quickstart {
@mdeggies
mdeggies / pwd-import-python.py
Last active April 13, 2017 20:55
(Python SDK) Import User with SHA-1 Password into Stormpath
"""
password-import.py
~~~~~~~~~
A super basic script that shows how to import a user with a freshly SHA-1 hashed password into Stormpath
and authenticate him using the Python SDK: https://docs.stormpath.com/python/
"""
from base64 import b64encode
from hashlib import sha1
from stormpath.client import Client
@mdeggies
mdeggies / server.js
Created September 19, 2016 03:46
Using ID Site with Stormpath's Node SDK
/*** Sources: https://github.com/stormpath/stormpath-sdk-node/blob/master/lib/resource/Application.js#L122
https://docs.stormpath.com/rest/product-guide/latest/idsite.html ***/
'use strict';
var stormpath = require('stormpath');
var http = require('http');
var Router = require('router');
var finalhandler = require('finalhandler');