At please-open.it, we write a lot of documentation about Keycloak and authentication in general. These documents are considered company resources, and all our resources are stored in our GitLab instance.
We built a tool based on Markdown and GitLab CI to generate great and beautiful PDF documents with a home page, changelog, table of contents, header and footer.
Starting a company is like starting a new job.
I will describe how I organized my everyday work, starting with my working environment: screens, laptop, desk...
Feedback on 2 years of remote working, starting a new business and many optimizations.
What is the logout process with OAuth2?
Revoke a token? Remove it from storage? What about your backend?
We will try several options for different providers and try many possibilities to see how to do a great and correct logout.
By the way, why could an incorrect logout process be a security issue with the French national employment agency?
client_id and client_secret are authentication credentials presented by one application to another. In this study, with a real use case between Strava and SportHeroes, I'll show you the real importance of this information.
Why is sharing data collected from another provider a real problem, both for user experience and for legal reasons?
OpenVPN allows the use of PAM modules. By using an OAuth2 client PAM module and the password grant, we can use our own SSO (Keycloak) to authenticate users on a VPN infrastructure. For OAuth2 providers that do not allow the password grant, we will use "token authentication", providing a valid token instead of a password. Code and demo with Google as the authentication provider.
Most of the time, a backend is just a layer between APIs and a database. Using the PostgREST project and some SQL, we will build a backend without any Java, Golang, C# etc… For this demo, we will build a chat application with channels, messages, users and user profiles.
What has been going on these past few years? On all the CVs that go by on social networks and in mailboxes, it is more and more a contest to see who will empty the ink cartridge when printing, not to mention the awful loading bars.
Most of the time, there is no authentication between services in a microservices context. A controller must authenticate the user by their token, retrieve the needed information and stop token propagation. Authentication between services is a must-have. A service must know who is calling it. To do that, we need client authentication.
We saw previously that OAuth2 servers (and OpenID Connect as well) operate as authentication servers for web applications.
We also saw that we can open a door with a token, using the standards. Just a little hack around the response.
Now we will see if we can replace Linux user management with an OAuth2 server. All examples are made on a Raspberry Pi 2 running Raspbian.
We also add an authorization check using the please-open.it authorization platform.
The use of the "implicit flow" authentication protocol, which the Internet Engineering Task Force (IETF) advises against, exposes users to the theft of their personal data and possibly of their session on the Pôle emploi website. As a side effect, candidates' personal data (last name, first name, email address, identifier) are transmitted to private third-party companies.
Is it really necessary to deploy big platforms with a lot of custom code and pay for only a few devices pushing data? This project is about a mini IoT platform directly in LibreOffice Calc (spreadsheet) consuming data from an MQTT topic, without writing any code.
For two years, I ignored warnings and articles from users explaining how Microsoft deleted their data or broke driver configurations during an update. For two years, I had a great working tool with my laptop under Windows 10. Last Friday, it went bad...
As a DevOps, I love dashboards for Jenkins, my Azure platform status or some custom figures about running software. In an open space, it is useful to have big screens showing those dashboards. Let's build a solution with a Raspberry Pi and a small custom piece of software to control it.
In some software you can have more than 500 shortcuts. Using a large number of shortcuts inevitably makes them more complex and hard to remember for users, especially casual users.
What if your smartphone could directly drive your computer software through these shortcuts?
As a developer, I often use special characters such as [ and ], #, |, ` or \. All those special characters are typed with the "ALT GR" key (named "AltCar") on my keyboard. For a # you need both hands because the "3" key is far away from "AltGR". The idea is to control this key using my right foot.