A collection of authentication and authorization JavaScript artifacts for use with OpenAM
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
ExternalJWTVerifier.groovy
OAuth2Validator.js
PATSValidator.js
README.md
ResponsiveContextCheck.js
authenticationPasswordUpdate.js
create-and-add-self-signed-cert-to-am-keystore.sh
get-oauth2-access-token.sh
stress-test-am.sh

README.md

ForgeRock OpenAM/Access Management Scripted authentication and authorization artifacts

authenticationPasswordUpdate.js
Captures the submitted password from the sharedState object and stores against the users DJ profile - useful when migrating users from existing stores and then using the Dynamic Profile creation option in OpenAM

ExternalJWTVerifier.groovy
Scripted policy condition used to check the HMAC signature on an externally generated JWT

PATSValidator.js
Scripted policy condition used to check the submitted Personal Access Tokens

OAuth2Validator.js
Scripted policy condition, that allows PDP decisions to be made against an AM issued OAuth2 access_token

ResponsiveContextCheck.js
Scripted policy condition, that compares previously stored context to the current access request.

stress-test-am.sh
Basic bash script to perform configurable number of authentication, failed authentication, OAuth2 grants etc to generate monitoring stats for Grafana et al.

create-and-add-self-signed-cert-to-am-keystore
Basic script to create a 2048 bit RSA private key for demo signing. Adds into the AM default keystore.jceks

get-oauth2-access-token.sh
Basic script for testing OAuth2 key rotation

Use as-is, no warranty.