https://blog.0xf4de.com/blog Offensive security, C2 infrastructure, shellcode, and lab builds from 0xf4de. en-us (Chad Wilson) (Chad Wilson) Wed, 20 Sep 2023 00:00:00 GMT https://blog.0xf4de.com/blog/authentik-sso-with-fastapi https://blog.0xf4de.com/blog/authentik-sso-with-fastapi Set up Authentik as a self-hosted SSO provider and wire it into the FastAPI todo app. We compare Authentik to Keycloak so you can pick the right tool for your setup. Wed, 20 Sep 2023 00:00:00 GMT (Chad Wilson) fastapiauthentikoauth2ssopythonsecurityhomelab https://blog.0xf4de.com/blog/keycloak-sso-with-fastapi https://blog.0xf4de.com/blog/keycloak-sso-with-fastapi Replace our homegrown JWT auth with Keycloak as a dedicated identity provider. We cover standing up Keycloak with Docker, configuring a realm and client, and wiring FastAPI to validate tokens issued by Keycloak. Fri, 15 Sep 2023 00:00:00 GMT (Chad Wilson) fastapikeycloakoauth2ssopythonsecurity https://blog.0xf4de.com/blog/fastapi-security https://blog.0xf4de.com/blog/fastapi-security Add real authentication to the FastAPI todo API using OAuth2 password flow and JWT tokens. We cover password hashing, token issuance, protected routes, and the honest tradeoffs you need to understand before shipping this. Sun, 12 Mar 2023 00:00:00 GMT (Chad Wilson) fastapijwtoauth2pythonsecurity