Coder Social home page Coder Social logo

p08dev / keycloak-hcaptcha Goto Github PK

View Code? Open in Web Editor NEW
18.0 1.0 5.0 1.49 MB

Keycloak deployment that provides similar functionality to Google reCaptcha, but with a more privacy friendly provider named hCaptcha.

License: MIT License

Java 100.00%
keycloak captcha keycloak-extension hcaptcha

keycloak-hcaptcha's Issues

How to integrate this captcha in keycloak with quarkus?

Hi!

I tried to install this provider in my keycloak 23.0.4.
And i did not find the files register-user-profile.ftl and register.ftl because the theme-folder is empty...

It looks, that the quarkus-distribution does something other than the old wildfly one.

How can i modify my keycloak to get the captcha shown?

Error on submit: java.lang.NoSuchMethodError: org.keycloak.http.HttpRequest.getDecodedFormParameters()

Hey,
just as a heads-up, right now, the following error appears on the registration form submit for the latest Keycloak version:

keycloak_1  | 2023-11-02 21:24:52,223 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-67) Uncaught server error: java.lang.NoSuchMethodError: 'javax.ws.rs.core.MultivaluedMap org.keycloak.http.HttpRequest.getDecodedFormParameters()'
keycloak_1  |   at de.itrupp.p8.keycloak.authenticator.RegistrationhCaptcha.validate(RegistrationhCaptcha.java:129)
keycloak_1  |   at org.keycloak.authentication.FormAuthenticationFlow.processAction(FormAuthenticationFlow.java:215)
keycloak_1  |   at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:133)
keycloak_1  |   at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:986)
keycloak_1  |   at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:378)
keycloak_1  |   at org.keycloak.services.resources.LoginActionsService.processRegistration(LoginActionsService.java:722)
keycloak_1  |   at org.keycloak.services.resources.LoginActionsService.registerRequest(LoginActionsService.java:778)
keycloak_1  |   at org.keycloak.services.resources.LoginActionsService.processRegister(LoginActionsService.java:756)
keycloak_1  |   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
keycloak_1  |   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
keycloak_1  |   at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
keycloak_1  |   at java.base/java.lang.reflect.Method.invoke(Method.java:568)
keycloak_1  |   at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:154)
keycloak_1  |   at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:118)
keycloak_1  |   at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:560)
keycloak_1  |   at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:452)
keycloak_1  |   at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:413)
keycloak_1  |   at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321)
keycloak_1  |   at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:415)
keycloak_1  |   at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:378)
keycloak_1  |   at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:174)
keycloak_1  |   at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:131)
keycloak_1  |   at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:33)
keycloak_1  |   at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:429)
keycloak_1  |   at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:240)
keycloak_1  |   at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:154)
keycloak_1  |   at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321)
keycloak_1  |   at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:157)
keycloak_1  |   at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:229)
keycloak_1  |   at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:82)
keycloak_1  |   at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:147)
keycloak_1  |   at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:84)
keycloak_1  |   at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:44)
keycloak_1  |   at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak_1  |   at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:177)
keycloak_1  |   at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
keycloak_1  |   at io.quarkus.vertx.http.runtime.options.HttpServerCommonHandlers$1.handle(HttpServerCommonHandlers.java:58)
keycloak_1  |   at io.quarkus.vertx.http.runtime.options.HttpServerCommonHandlers$1.handle(HttpServerCommonHandlers.java:36)
keycloak_1  |   at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak_1  |   at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:177)
keycloak_1  |   at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
keycloak_1  |   at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82)
keycloak_1  |   at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576)
keycloak_1  |   at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
keycloak_1  |   at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
keycloak_1  |   at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
keycloak_1  |   at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
keycloak_1  |   at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
keycloak_1  |   at java.base/java.lang.Thread.run(Thread.java:833)

I am looking for a fix.

X-FRAME-OPTIONS shouldn't be needed

Only adding hcaptcha.com to Content-Security-Policy > frame-src should be enough to allow hCaptcha being loaded inside an iframe.

From my understanding, adding hcaptcha.com to X-Frame-Options allows hcaptcha.com to load YOUR Keycloak page in their website inside an iframe. (X-Frame-Options as a fall-back for frame-ancestors in very old browsers)

See Mozilla:

Sites can use this [X-Frame-Options] [...] ensuring that their content is not embedded into other sites.

New Release?

Hey, any chance this is getting a new release any time soon?

I packaged this for Archlinux yesterday to fight the spam we are getting in our gitlab instance (via keycloak) and the package currently builds off the master branch.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.