search

keycloak / keycloak-benchmark

Keycloak Benchmark
https://www.keycloak.org/keycloak-benchmark/
Apache License 2.0
127 stars 70 forks source link

Added dataset options for setting password hashing algorithm and iterations. #778

Closed tkyjovsk closed 4 months ago

tkyjovsk commented 4 months ago

Added options -g ALGORITHM and -i ITERATIONS to the dataset-import.sh script for adjusting the realm password policy. Both are optional. The DatasetResourceProvider will only apply the options which were provided.

kami619 commented 4 months ago

@tkyjovsk thanks a lot for adding this back in a proper way. I think we have to update the docs.

Ref., from last time when we modified them - https://github.com/keycloak/keycloak-benchmark/pull/751/files#diff-cdf53b413cfe9e2a53e09baeed0645f6744d883049fb1f458d6d8e4155921496L34

kami619 commented 4 months ago

@tkyjovsk I am going to add the docs and test it.

kami619 commented 4 months ago

Tested with different hashing algorithm values and iterations that are set for KC22, KC24, KC25 and users are created as expected in the specific realms.

> ./dataset-import.sh -a create-realms -r 1 -g argon2 -i 10 -c 100 -u 200 -l https://client.gh-keycloak-a-gh-keycloak-b-xxxxx.keycloak-benchmark.com/realms/master/dataset
Action: [create-realms]
Creating 1 realms with 100 clients and 200 users with 10 password-hashing iterations using the argon2 algorithm.
{"status":"Task started successfully","task":{"startTimeMs":"1713533453546","message":"Creation of 1 realms from realm-0 to realm-0"},"task-status-url":"https://client.gh-keycloak-a-gh-keycloak-b-xxxxx.keycloak-benchmark.com/realms/master/dataset/status"}
> ./dataset-import.sh -a create-realms -r 1 -g pbkdf2-sha512 -i 210000 -c 100 -u 200 -l https://client.gh-keycloak-a-gh-keycloak-b-xxxx.keycloak-benchmark.com/realms/master/dataset
Action: [create-realms]
Creating 1 realms with 100 clients and 200 users with 210000 password-hashing iterations using the pbkdf2-sha512 algorithm.
{"status":"Task started successfully","task":{"startTimeMs":"1713534853780","message":"Creation of 1 realms from realm-1 to realm-1"},"task-status-url":"https://client.gh-keycloak-a-gh-keycloak-b-xxxxx.keycloak-benchmark.com/realms/master/dataset/status"}
> ./dataset-import.sh -a create-realms -r 1 -g pbkdf2-sha256 -i 210000 -c 100 -u 200 -l https://client.gh-keycloak-a-gh-keycloak-b-xxxxx.keycloak-benchmark.com/realms/master/dataset
Action: [create-realms]
Creating 1 realms with 100 clients and 200 users with 210000 password-hashing iterations using the pbkdf2-sha256 algorithm.
{"status":"Task started successfully","task":{"startTimeMs":"1713535141813","message":"Creation of 1 realms from realm-2 to realm-2"},"task-status-url":"https://client.gh-keycloak-a-gh-keycloak-b-xxxx.keycloak-benchmark.com/realms/master/dataset/status"}