iteratec / kcwarden

Keycloak Configuration Auditor
https://iteratec.github.io/kcwarden/
Apache License 2.0
11 stars 0 forks source link

New check: Detect Keycloak extensions (SPIs) #28

Open malexmave opened 1 month ago

malexmave commented 1 month ago

Can we somehow detect if any non-standard Keycloak extensions (SPIs) are enabled?

malexmave commented 1 month ago

Not present in the default config dump we are pulling right now, would likely require accessing the serverinfo endpoint at /auth/admin/serverinfo, and then traversing the resulting JSON and potentially matching it against different reference responses from different Keycloak versions. Would require a larger refactoring to include the additional information in the dump and as a CLI input.