Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/softwarefactory-project/keycloak-github-ssh-key-attribute-mapper

A custom Keycloak attribute mapper that fetches a user's SSH keys from the github REST API.
https://github.com/softwarefactory-project/keycloak-github-ssh-key-attribute-mapper

Last synced: 4 months ago
JSON representation

A custom Keycloak attribute mapper that fetches a user's SSH keys from the github REST API.

Host: GitHub
URL: https://github.com/softwarefactory-project/keycloak-github-ssh-key-attribute-mapper
Owner: softwarefactory-project
License: apache-2.0
Created: 2019-09-16T15:57:03.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2024-02-12T11:46:17.000Z (10 months ago)
Last Synced: 2024-06-22T10:40:28.319Z (6 months ago)
Language: Java
Size: 91.8 KB
Stars: 19
Watchers: 3
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # keycloak-github-ssh-key-attribute-mapper

This custom attribute mapper can be used to fetch a user's public SSH key whenever they log in with Github, and store it into a custom attribute.

# Build

```

mvn clean install

```

To build the SPI for use with a version of Keycloak prior to 22.X, you need to use openjdk 11 and patch pom.xml to target java 11:

```

11

11

```

# Prerequisites

A SQL database backend is required. The user attributes table must be manually modified to allow larger attributes like public keys.

Example for mariadb/mysql:

`alter table USER_ATTRIBUTE drop index IDX_USER_ATTRIBUTE_NAME; alter table USER_ATTRIBUTE modify VALUE TEXT(100000) CHARACTER SET utf8 COLLATE utf8_general_ci; alter table USER_ATTRIBUTE ADD KEY IDX_USER_ATTRIBUTE_NAME (NAME, VALUE(400));`

# Deploy (Wildfly)

Copy the built jar into {KEYCLOAK_HOME}/standalone/deployments

# Deploy (Quarkus)

Copy the built jar into /opt/keycloak/providers

# Testing it out

The `testing` directory contains a Dockerfile that can be used to generate an optimized keycloak image with the mapper preinstalled.

There is also a compose spinning up keycloak, the mapper, and a mariadb instance - but the database needs to be modified manually (a Github oauth provider as well).

The `demo.sh` script automates everything, but requires the following preparation:

* Create a Github OAuth app for your test deployment, the callback URL will be http://localhost:8082/realms/test/broker/github/endpoint

* Set the environment variables GH_CLIENT_ID and GH_CLIENT_PASSWORD to the generated client ID and password, respectively

* run `demo.sh`

* Log in with Github when prompted and press any key to display the user's attributes, your SSH key should appear in "pubKey".