p08dev / keycloak-hcaptcha Goto Github PK
View Code? Open in Web Editor NEWKeycloak deployment that provides similar functionality to Google reCaptcha, but with a more privacy friendly provider named hCaptcha.
License: MIT License
Keycloak deployment that provides similar functionality to Google reCaptcha, but with a more privacy friendly provider named hCaptcha.
License: MIT License
Hey,
just as a heads-up, right now, the following error appears on the registration form submit for the latest Keycloak version:
keycloak_1 | 2023-11-02 21:24:52,223 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-67) Uncaught server error: java.lang.NoSuchMethodError: 'javax.ws.rs.core.MultivaluedMap org.keycloak.http.HttpRequest.getDecodedFormParameters()'
keycloak_1 | at de.itrupp.p8.keycloak.authenticator.RegistrationhCaptcha.validate(RegistrationhCaptcha.java:129)
keycloak_1 | at org.keycloak.authentication.FormAuthenticationFlow.processAction(FormAuthenticationFlow.java:215)
keycloak_1 | at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:133)
keycloak_1 | at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:986)
keycloak_1 | at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:378)
keycloak_1 | at org.keycloak.services.resources.LoginActionsService.processRegistration(LoginActionsService.java:722)
keycloak_1 | at org.keycloak.services.resources.LoginActionsService.registerRequest(LoginActionsService.java:778)
keycloak_1 | at org.keycloak.services.resources.LoginActionsService.processRegister(LoginActionsService.java:756)
keycloak_1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
keycloak_1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
keycloak_1 | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
keycloak_1 | at java.base/java.lang.reflect.Method.invoke(Method.java:568)
keycloak_1 | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:154)
keycloak_1 | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:118)
keycloak_1 | at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:560)
keycloak_1 | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:452)
keycloak_1 | at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:413)
keycloak_1 | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321)
keycloak_1 | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:415)
keycloak_1 | at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:378)
keycloak_1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:174)
keycloak_1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:131)
keycloak_1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:33)
keycloak_1 | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:429)
keycloak_1 | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:240)
keycloak_1 | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:154)
keycloak_1 | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321)
keycloak_1 | at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:157)
keycloak_1 | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:229)
keycloak_1 | at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:82)
keycloak_1 | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:147)
keycloak_1 | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:84)
keycloak_1 | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:44)
keycloak_1 | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak_1 | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:177)
keycloak_1 | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
keycloak_1 | at io.quarkus.vertx.http.runtime.options.HttpServerCommonHandlers$1.handle(HttpServerCommonHandlers.java:58)
keycloak_1 | at io.quarkus.vertx.http.runtime.options.HttpServerCommonHandlers$1.handle(HttpServerCommonHandlers.java:36)
keycloak_1 | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak_1 | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:177)
keycloak_1 | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
keycloak_1 | at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82)
keycloak_1 | at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576)
keycloak_1 | at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
keycloak_1 | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
keycloak_1 | at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
keycloak_1 | at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
keycloak_1 | at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
keycloak_1 | at java.base/java.lang.Thread.run(Thread.java:833)
I am looking for a fix.
Only adding hcaptcha.com to Content-Security-Policy > frame-src
should be enough to allow hCaptcha being loaded inside an iframe.
From my understanding, adding hcaptcha.com to X-Frame-Options
allows hcaptcha.com to load YOUR Keycloak page in their website inside an iframe. (X-Frame-Options as a fall-back for frame-ancestors
in very old browsers)
Sites can use this [X-Frame-Options] [...] ensuring that their content is not embedded into other sites.
Hey, any chance this is getting a new release any time soon?
I packaged this for Archlinux yesterday to fight the spam we are getting in our gitlab instance (via keycloak) and the package currently builds off the master
branch.
Hi!
I tried to install this provider in my keycloak 23.0.4.
And i did not find the files register-user-profile.ftl and register.ftl because the theme-folder is empty...
It looks, that the quarkus-distribution does something other than the old wildfly one.
How can i modify my keycloak to get the captcha shown?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.