Tuesday, 21 June 2022

Custom User Providers in Keycloak

 

Overview of Custom Providers with Keycloak

Out-of-the-box, Keycloak provides a range of standard-based integrations based on protocols like SAML, OpenID Connect, and OAuth2. While this built-in functionality is quite powerful, sometimes it's not enough. A common requirement, especially when legacy systems are involved, is to integrate users from those systems into Keycloak. To accommodate for this and similar integration scenarios, Keycloak supports the concept of custom providers.

Custom providers play a key role in Keycloak's architecture. For every major functionality, like the login flow, authentication, authorization, there's a corresponding Service Provider Interface. This approach allows us to plug custom implementations for any of those services, which Keycloak will then use as it were one of its own.

Available SPIs

Keycloak's main documentation lists the following SPIs:

  • org.keycloak.authentication.AuthenticatorFactory: Defines actions and interaction flows required to authenticate a user or client application

  • org.keycloak.authentication.actiontoken.ActionTokenHandlerFactory: Allows us to create custom actions that Keycloak will perform upon reaching the /auth/realms/master/login-actions/action-token endpoint. As an example, this mechanism is behind the standard password reset flow. The link included in the e-mail includes such an action token

  • org.keycloak.events.EventListenerProviderFactory: Creates a provider that listens for Keycloak events. The EventType Javadoc page contains a list of the available events custom a provider can handle. A typical use for using this SPI would be creating an audit database

  • org.keycloak.adapters.saml.RoleMappingsProvider: Maps SAML roles received from an external identity provider into Keycloak's ones. This mapping very flexible, allowing us to rename, remove, and/or add roles in the context of a given Realm

  • org.keycloak.storage.UserStorageProviderFactory: Allows Keycloak to access custom user stores

  • org.keycloak.vault.VaultProviderFactory: Allows us to use a custom vault to store Realm-specific secrets. Those can include information like encryption keys, database credentials, etc.

Now, this list by no means covers all the available SPIs: they're just the most well documented and, in practice, most likely to require customization

Sample SPI code can be found in https://github.com/dasniko/keycloak-user-spi-demo 
  Steps to integrate

Step 1: Download the demo project available in git repo https://github.com/dasniko/keycloak-user-spi-demo 

Step 2: Remove the unused hardcoded values from user repository class and write the connection code to query the users from database

Step 3: Have a jboss-deployment-structure.xml like the below code snippet
Module name is the package name of the userValidationProviderFactory 

As provided https://stackoverflow.com/questions/46205475/keycloak-extension-with-dependencies


<?xml version="1.0" encoding="UTF-8"?>

<jboss-deployment-structure>

    <deployment>

        <dependencies>

            <module name="module name"/>

        </dependencies>

    </deployment>

</jboss-deployment-structure>



Step 4: If package names are renamed and restructured, the same should be changed in /keycloak-user-provider/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory


Step 5: Add the lines in pom.xml to generate fat jar along with dependencies, this should be added inside <build> tag

Follow steps in http://tutorials.jenkov.com/maven/maven-build-fat-jar.html


Step 6: To configure plugin, include the following inside constructor of UserValidationProviderFactory

As provided in the link https://www.baeldung.com/java-keycloak-custom-user-providers


Step 7: To package the code run sh copy.sh or mvn clean package, once the command completes two jars are generated in the target folder. Rename the jar with dependencies as custom.jar and move it to the docker folder of the keycloak that needs to be run.

Ref: https://www.baeldung.com/java-keycloak-custom-user-providers


profile for Sanjeev S on Stack Exchange, a network of free, community-driven Q&A sites

Friday, 19 February 2021

Git commands

 Here are the CLI commands of  Git actions which are being frequently used:


  • git config

  • git init

  • git clone

  • git add

  • git commit

  • git diff

  • git reset

  • git status

  • git rm

  • git log

  • git show

  • git tag

  • git branch

  • git checkout

  • git merge

  • git remote

  • git push

  • git pull

  • git stash



Git Commands


git config


Usage: git config –global user.name “[name]”


Usage: git config –global user.email “[email address]”


This command sets the author name and email address respectively to be used with your commits.


git init


Usage: git init [repository name]


This command is used to start a new repository.



git clone

Usage: git clone [url]


This command is used to obtain a repository from an existing URL.




git add

Usage: git add [file]


This command adds a file to the staging area.


Usage: git add *

This command adds one or more to the staging area.


git commit


Usage: git commit -m “[ Type in the commit message]”


This command records or snapshots the file permanently in the version history.


Usage: git commit -a


This command commits any files you’ve added with the git add command and also commits any files you’ve changed since then.


git diff


Usage: git diff


This command shows the file differences which are not yet staged.


Usage: git diff –staged


This command shows the differences between the files in the staging area and the latest version present.


Usage: git diff [first branch] [second branch]


This command shows the differences between the two branches mentioned.


Usage: git diff --stat  [first commit ID] [second commit ID]


This command shows the differences between the two commits mentioned


git reset


Usage: git reset [file]


This command unstages the file, but it preserves the file contents.



Usage: git reset [commit]


This command undoes all the commits after the specified commit and preserves the changes locally.



Usage: git reset –hard [commit]


This command discards all history and goes back to the specified commit.



git status


Usage: git status


This command lists all the files that have to be committed.



git rm


Usage: git rm [file]


This command deletes the file from your working directory and stages the deletion.



git log


Usage: git log


This command is used to list the version history for the current branch.


Usage: git log –follow[file]


This command lists version history for a file, including the renaming of files also.



git show


Usage: git show [commit]


This command shows the metadata and content changes of the specified commit.


git tag


Usage: git tag [commitID]


This command is used to give tags to the specified commit.


git branch


Usage: git branch


This command lists all the local branches in the current repository.


Usage: git branch [branch name]


This command creates a new branch.


Usage: git branch -d [branch name]


This command deletes the feature branch


git checkout

Usage: git checkout [branch name]


This command is used to switch from one branch to another.


Usage: git checkout -b [branch name]


This command creates a new branch and also switches to it.


git merge

Usage: git merge [branch name]


This command merges the specified branch’s history into the current branch.


git remote

Usage: git remote add [variable name] [Remote Server Link]


This command is used to connect your local repository to the remote server.



git push

Usage: git push [variable name] master


This command sends the committed changes of master branch to your remote repository.



Usage: git push [variable name] [branch]


This command sends the branch commits to your remote repository


Usage: git push –all [variable name]


This command pushes all branches to your remote repository.


Usage: git push [variable name] :[branch name]


This command deletes a branch on your remote repository.


git pull

Usage:  git pull [Repository Link]


This command fetches and merges changes on the remote server to your working directory.


git stash

Usage: git stash save


This command temporarily stores all the modified tracked file


Usage: git stash pop


This command restores the most recently stashed files.


Usage: git stash list


This command lists all stashed change sets.


Usage: git stash drop

This command discards the most recently stashed change set.




profile for Sanjeev S on Stack Exchange, a network of free, community-driven Q&A sites

Tuesday, 13 October 2020

Difference between SQL and NoSQL databases

 NoSQL (“non SQL” or “not only SQL”) databases were developed in the late 2000s with a focus on scaling, fast queries, allowing for frequent application changes, and making programming simpler for developers. Relational databases accessed with SQL (Structured Query Language) were developed in the 1970s with a focus on reducing data duplication as storage was much more costly than developer time. SQL databases tend to have rigid, complex, tabular schemas and typically require expensive vertical scaling.

Here are some main differences between SQL and NoSQL databases.

SQL DatabasesNoSQL Databases
Data Storage ModelTables with fixed rows and columnsDocument: JSON documents, Key-value: key-value pairs, Wide-column: tables with rows and dynamic columns, Graph: nodes and edges
Development HistoryDeveloped in the 1970s with a focus on reducing data duplicationDeveloped in the late 2000s with a focus on scaling and allowing for rapid application change driven by agile and DevOps practices.
ExamplesOracle, MySQL, Microsoft SQL Server, and PostgreSQLDocument: MongoDB and CouchDB, Key-value: Redis and DynamoDB, Wide-column: Cassandra and HBase, Graph: Neo4j and Amazon Neptune
Primary PurposeGeneral purposeDocument: general purpose, Key-value: large amounts of data with simple lookup queries, Wide-column: large amounts of data with predictable query patterns, Graph: analyzing and traversing relationships between connected data
SchemasRigidFlexible
ScalingVertical (scale-up with a larger server)Horizontal (scale-out across commodity servers)
Multi-Record ACID TransactionsSupportedMost do not support multi-record ACID transactions. However, some—like MongoDB—do.
JoinsTypically requiredTypically not required
Data to Object MappingRequires ORM (object-relational mapping)Many do not require ORMs. MongoDB documents map directly to data structures in most popular programming languages.


profile for Sanjeev S on Stack Exchange, a network of free, community-driven Q&A sites

Thursday, 20 October 2016

Few coding questions



profile for Sanjeev S on Stack Exchange, a network of free, community-driven Q&A sites

FUTURE SYSTEM FOR ENERGY MONITORING AND CONSERVATION

Accurate metering, detection of energy theft and implementation of proper billing system are required in wise energy management. Energy meter is used to analyse the energy consumed. Most of the population uses manually reading machines. It has always been a tiresome process for reading the meter manually from all consumers irrespective of industries or households. Different types of energy meter implementations have been introduced since the usage of electricity begun in times.So it will be better if we use advanced system for energy monitoring thereby reducing manual labour and mistakes in meter reading.

The survey and final papers are published in
Final


profile for Sanjeev S on Stack Exchange, a network of free, community-driven Q&A sites

Simple Navigation assistant

This is a simple app done in b-tech life as part of mini project

https://drive.google.com/open?id=0B-XP8_Ro9QiEZHZOMUFFc09tZWFvQ3BSTEVTOFhZMHdVM2tB


profile for Sanjeev S on Stack Exchange, a network of free, community-driven Q&A sites

Custom User Providers in Keycloak

  Overview of Custom Providers with Keycloak Out-of-the-box, Keycloak provides a range of standard-based integrations based on protocols lik...