A minimal fork of Keycloak BCrypt to also support passwords hashed with SHA-1 (in addition to BCrypt)
Add a password hash provider to handle BCrypt passwords inside Keycloak. Add a password hash provider to handle SHA-1 passwords inside Keycloak.
./gradlew assemble -Pdependency.keycloak.version=${KEYCLOAK_VERSION}
docker build \
--build-arg keycloak_version=${KEYCLOAK_VERSION} \
-t ghcr.io/jcschaff/keycloak-sha1 \
.
docker-compose up -d
curl -L https://github.com/jcschaff/keycloak-sha1/releases/download/${KEYCLOAK_SHA1_VERSION}/keycloak-sha1-${KEYCLOAK_SHA1_VERSION}.jar > ${KEYCLOAK_HOME}/providers/keycloak-sha1-${KEYCLOAK_SHA1_VERSION}.jar
You need to restart Keycloak.
curl -L https://github.com/jcschaff/keycloak-sha1/releases/download/${KEYCLOAK_SHA1_VERSION}/keycloak-sha1-${KEYCLOAK_SHA1_VERSION}.jar > ${KEYCLOAK_HOME}/standalone/deployments/keycloak-sha1-${KEYCLOAK_SHA1
_VERSION}.jar
You need to restart Keycloak.
docker run \
-e KEYCLOAK_ADMIN=${KEYCLOAK_ADMIN} \
-e KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD} \
-e KC_HOSTNAME=${KC_HOSTNAME} \
ghcr.io/jcschaff/keycloak-sha1 \
start
The image is based on Keycloak official one.
Go to Authentication
/ Policies
/ Password policy
and add hashing algorithm policy with value bcrypt
.
Go to Authentication
/ Policies
/ Password policy
and add hashing algorithm policy with value sha1
.
To test if installation works, create new user and set its credentials.