class ClientCreate extends ClientUpdate {
String type;
// properties manadatory for creation
}
class ClientUpdate{
String name;
String description;
Thomas Darimont thomasdarimont
🏠
thomasdarimont
/ readme.md
Last active
March 24, 2025 13:05
API Sketch - Using different types to restrict available fields
thomasdarimont
/ readme.md
Last active
March 19, 2025 13:17
Example Realm with a Configuration for OAuth2 Resource Indicators based on https://github.com/keycloak/keycloak/pull/35711
This import creates a new resource-indicators realm with a photoz client.
The photoz client defines available resource-indicators via the authorization-services resources.
Create a user tester with password test in the resource-indicators realm.
Then you should be able to execute the following requests via curl.
Note the resource parameter which enables the client to select which resources should be associated with the authorization.
thomasdarimont
/ JsonSchemaDemo.java
Last active
March 10, 2025 22:41
JSON Schema Validation Example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package demo; | |
| import com.fasterxml.jackson.databind.JsonNode; | |
| import com.fasterxml.jackson.databind.ObjectMapper; | |
| import com.networknt.schema.JsonNodePath; | |
| import com.networknt.schema.JsonSchema; | |
| import com.networknt.schema.JsonSchemaFactory; | |
| import com.networknt.schema.SpecVersion; | |
| import com.networknt.schema.ValidationMessage; |
thomasdarimont
/ healthcheck.sh
Created
January 9, 2025 09:27
Keycloak Healthcheck for docker without curl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| exec 3<>/dev/tcp/localhost/8080 | |
| echo -e "GET /auth/health/ready HTTP/1.1\nhost: localhost:8080\n" >&3 | |
| timeout --preserve-status 1 cat <&3 | grep -m 1 status | grep -m 1 UP | |
| ERROR=$? | |
| exec 3<&- | |
| exec 3>&- |
thomasdarimont
/ CookieSecurityContextRepository.java
Created
December 6, 2024 10:39
thomasdarimont
/ JwtClientAuthApp.java
Last active
November 1, 2024 13:01
Spring Boot 3.3.5 JwtClientAuthApp example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package demo.jwtclientauth; | |
| import com.fasterxml.jackson.core.JsonProcessingException; | |
| import com.fasterxml.jackson.databind.ObjectMapper; | |
| import com.nimbusds.jose.JOSEException; | |
| import com.nimbusds.jose.JOSEObjectType; | |
| import com.nimbusds.jose.JWSAlgorithm; | |
| import com.nimbusds.jose.JWSHeader; | |
| import com.nimbusds.jose.JWSObject; | |
| import com.nimbusds.jose.Payload; |
thomasdarimont
/ DebugFriendlyCreatedResponseUtil.java
Created
October 25, 2024 10:44
DebugFriendlyCreatedResponseUtil
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package de.adorsys.keycloak.config.util; | |
| import jakarta.ws.rs.WebApplicationException; | |
| import jakarta.ws.rs.core.HttpHeaders; | |
| import jakarta.ws.rs.core.MediaType; | |
| import jakarta.ws.rs.core.Response; | |
| import java.net.URI; | |
| import java.util.Map; |
Issue: First example does not show how to use --context, errors without it
Issue: ~/.kct folder not created if missing
Issue: How to configure trust store via CLI? Manually adding trust store at the root did not work either. Truststore setting was removed after adding new (http) context.
Issue: Truststore configuration does not work, even with truststore set, I cannot configure it.
Issue: Add support for skip certificate validation
thomasdarimont
/ setup-keycloak-config-client.sh
Created
October 3, 2024 09:20
Example for setting up a Keycloak Client via kcadm.sh with the official Keycloak docker image
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| shopt -s expand_aliases | |
| alias kcadm="docker run --net=host -i --user=1000:1000 --rm -v $(echo $HOME)/.acme/.keycloak:/opt/keycloak/.keycloak:z --entrypoint /opt/keycloak/bin/kcadm.sh quay.io/keycloak/keycloak:24.0.5" | |
| KEYCLOAK_URL=http://localhost:8080/auth | |
| KEYCLOAK_ADMIN=admin | |
| KEYCLOAK_ADMIN_PASSWORD=admin |
thomasdarimont
/ client.json
Last active
September 19, 2024 22:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "clientId": "reference-client", | |
| "name": "", | |
| "description": "", | |
| "rootUrl": "", | |
| "adminUrl": "", | |
| "baseUrl": "", | |
| "surrogateAuthRequired": false, | |
| "enabled": true, | |
| "alwaysDisplayInConsole": false, |
NewerOlder