-
Notifications
You must be signed in to change notification settings - Fork 4
feat(auth): add authentification with keycloak #50
Conversation
@revolunet J'ai fait une PR sur |
Oui je pense qu'on peut faire une branche keycloak pour l'instant |
|
GitGuardian id | Secret | Commit | Filename | |
---|---|---|---|---|
3178153 | Generic High Entropy Secret | b0f9761 | .env.development | View secret |
3178153 | Generic High Entropy Secret | 6f0625b | .env.development | View secret |
3178153 | Generic High Entropy Secret | ecdcd12 | .env.development | View secret |
3178153 | Generic High Entropy Secret | 55d8a90 | .env.development | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
|
GitGuardian id | Secret | Commit | Filename | |
---|---|---|---|---|
3178153 | Generic High Entropy Secret | b0f9761 | .env.development | View secret |
3178153 | Generic High Entropy Secret | 6f0625b | .env.development | View secret |
3178153 | Generic High Entropy Secret | ecdcd12 | .env.development | View secret |
3178153 | Generic High Entropy Secret | 55d8a90 | .env.development | View secret |
3178153 | Generic High Entropy Secret | bc39902 | .env.development | View secret |
3356537 | Generic High Entropy Secret | 65df1ed | .kube-workflow/templates/realm.configmap.yaml | View secret |
3356537 | Generic High Entropy Secret | 15a0502 | config/keycloak/realm.json | View secret |
3356537 | Generic High Entropy Secret | eb30d43 | config/realm-export.json | View secret |
3356537 | Generic High Entropy Secret | 70a2cfe | .kube-workflow/templates/realm.configmap.yaml | View secret |
3178153 | Generic High Entropy Secret | 2b87cf4 | .env.development | View secret |
3178153 | Generic High Entropy Secret | 0fca6ea | .env.development | View secret |
3178153 | Generic High Entropy Secret | 0fca6ea | .env.development | View secret |
3178153 | Generic High Entropy Secret | cd67c69 | .env.development | View secret |
3513932 | Generic High Entropy Secret | cd67c69 | .env.development | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
Co-authored-by: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Co-authored-by: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Please retry analysis of this Pull-Request directly on SonarCloud. |
Co-authored-by: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Co-authored-by: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
On en a besoin au niveau du build, car celui-ci est utilisé pour générer le bon |
Co-authored-by: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Merci pour les retours @revolunet. C'est réglé ;) |
* docker-compose: use keycloak 18 * feat: use kontinuous deployments * fix: fix logout flow * fix: realm export * fix: weborigins * fix: use secure password and prevent bruteforce * fix: FC secrets * fix: add NEXT_PUBLIC_APP_VERSION_COMMIT and NEXT_PUBLIC_IS_PRODUCTION_DEPLOYMENT * ci: add ks-review-deactivate * fix: dummy * fix: realm * docs * Update CODEOWNERS * fix: secrets * fix: log KC events * docs * fix: prod build args * fix: deactivate * fix: dummy
Socket Security Report📜 New install scripts detectedA dependency change in this PR is introducing new install scripts to your install step.
Socket.dev scan summary
Powered by socket.dev |
Kudos, SonarCloud Quality Gate passed!
|
🎉 Deployment for commit 0f8453d : IngressesDocker images
|
fix SocialGouv/support#185
DONE :
withAuth
qui verifie si le client est connecté côté server side propsnext-auth
au lieu dereact-keycloak
kube-workflow
pour l'appkube-workflow
pour keycloakmain
etstatic