Keycloak Login Recaptcha

Overview


Keycloak supports reCAPTCHA in the registration flow but not in the login flow at this time. That's why this repository implements conditional reCAPTCHA execution for the login flow. Conditional reCAPTCHA means that if anyone tries to log in as an already registered user with a wrong password, the reCAPTCHA is shown. Max Login Failures (how many failures before the reCAPTCHA is shown) is configurable. To accomplish this, I extended Keycloak's built-in UsernamePasswordForm execution.
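The conditional check described above, modelled as a stand-alone Java class. This is an added example, not the extension's code: it does not use Keycloak's UsernamePasswordForm, and the class name, the in-memory user store and the token verifier are hypothetical stand-ins.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.function.Predicate;

// Added illustration of the conditional reCAPTCHA decision; all names are hypothetical.
public class ConditionalCaptchaLogin {
    enum Result { SUCCESS, BAD_CREDENTIALS, CAPTCHA_REQUIRED }

    private final int maxLoginFailures;               // the "Max Login Failures" setting
    private final Map<String, String> passwords;      // constructed user store (model only)
    private final Predicate<String> captchaVerifier;  // stands in for the server-side reCAPTCHA check
    private final Map<String, Integer> failures = new HashMap<>();

    ConditionalCaptchaLogin(int max, Map<String, String> passwords, Predicate<String> verifier) {
        this.maxLoginFailures = max;
        this.passwords = new HashMap<>(passwords);
        this.captchaVerifier = verifier;
    }

    // True once a registered user has reached the configured number of failures.
    boolean captchaRequired(String user) {
        return failures.getOrDefault(user, 0) >= maxLoginFailures;
    }

    Result login(String user, String password, String captchaToken) {
        // Verify the captcha before looking at the password; otherwise a bot
        // could ignore the challenge and keep guessing.
        if (captchaRequired(user) && (captchaToken == null || !captchaVerifier.test(captchaToken))) {
            return Result.CAPTCHA_REQUIRED;
        }
        if (password != null && password.equals(passwords.get(user))) {
            failures.remove(user);                    // a successful login resets the counter
            return Result.SUCCESS;
        }
        if (passwords.containsKey(user)) {            // count failures for registered users only
            failures.merge(user, 1, Integer::sum);
        }
        return Result.BAD_CREDENTIALS;
    }

    public static void main(String[] args) {
        // Constructed sample data: one user, threshold of 2, one accepted token.
        ConditionalCaptchaLogin auth = new ConditionalCaptchaLogin(
                2, Map.of("alice", "correct-horse"), "valid-token"::equals);
        System.out.println(auth.login("alice", "guess1", null));
        System.out.println(auth.login("alice", "guess2", null));
        System.out.println(auth.login("alice", "correct-horse", null));
        System.out.println(auth.login("alice", "correct-horse", "valid-token"));
        System.out.println(auth.captchaRequired("alice"));
    }
}
```

Once the threshold is reached, even the correct password is refused until the token verifies, which is what keeps the challenge from being skipped.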

Build With & Deploy To Keycloak

  1. This extension uses Gradle for compilation. To compile, navigate to the repository and run the command below:

    ./gradlew clean assemble

     Note: The output is located at build/libs/recaptcha-authenticator-1.0.jar

  2. Copy the output jar to Keycloak's deployment folder for hot deployment.

Keycloak Configuration With Admin Console

  1. Some changes must be made in the theme. Assuming that you don't have a custom theme (you are using the keycloak theme), you can edit the base theme (creating your own theme is recommended). We have already modified the login.ftl file. You can copy it directly over keycloak/themes/base/login/login.ftl or, if a custom theme is in use, diff our login.ftl against keycloak/themes/base/login/login.ftl and then apply the changes to your custom login.ftl.

  2. Configure your login flow as below. (Image: Example Login Flow)

  3. Add config to the Recaptcha execution by clicking Actions -> Config. (Image: Recaptcha Execution Example Config)

  • Max Login Failures: How many failures before the reCAPTCHA is shown.
  • Recaptcha Site Key: Google Recaptcha Site Key
  • Recaptcha Secret: Google Recaptcha Secret
  4. Navigate to Realm Settings -> Security Defenses. Set X-Frame-Options to ALLOW-FROM https://www.google.com and Content-Security-Policy to frame-src 'self' https://www.google.com; frame-ancestors 'self'; object-src 'none';
  5. Enable brute force attack detection. If you have already done that, no action is needed.

Usage

There may be situations that require asking for a reCAPTCHA after a login attempt on an account has failed, for example to block an attacker from guessing that account's password with a bot.

Acknowledgments

The raptor-group repository helped me get here. If no condition is needed, you can use it as well.
