A Keycloak module that assists in storing data in a GDPR-compliant way, using crypto shredding. It stores the users' keys and encrypts/decrypts the data, so that cryptographic keys never leave the system.
The module is currently a Proof-of-Concept and has not yet been tested in production use cases.
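The crypto-shredding idea described above, as an added example that is not this module's code or API: each user gets their own AES-GCM key that stays inside the key holder, and deleting that key makes every stored ciphertext for the user unreadable. The class name, the in-memory map standing in for the key store, and the sample user id and value are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import static java.nio.charset.StandardCharsets.UTF_8;

// Hypothetical illustration of crypto shredding; not the module's API.
public class CryptoShreddingDemo {
    private static final int IV_LEN = 12, TAG_BITS = 128;
    // Stands in for the persistent key store; keys are never returned to callers.
    private final Map<String, SecretKey> keys = new ConcurrentHashMap<>();
    private final SecureRandom rng = new SecureRandom();
    private final KeyGenerator keyGen;

    CryptoShreddingDemo() throws Exception {
        keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(256);
    }
    // Encrypts under the user's own key (created on first use); returns IV || ciphertext+tag.
    byte[] encrypt(String userId, byte[] plaintext) throws Exception {
        SecretKey key = keys.computeIfAbsent(userId, id -> keyGen.generateKey());
        byte[] iv = new byte[IV_LEN];
        rng.nextBytes(iv); // fresh random IV for every message
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(userId.getBytes(UTF_8)); // binds the ciphertext to its owner
        byte[] ct = c.doFinal(plaintext);
        return ByteBuffer.allocate(IV_LEN + ct.length).put(iv).put(ct).array();
    }
    byte[] decrypt(String userId, byte[] blob) throws Exception {
        SecretKey key = keys.get(userId);
        if (key == null) throw new IllegalStateException("key shredded for " + userId);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, blob, 0, IV_LEN));
        c.updateAAD(userId.getBytes(UTF_8));
        return c.doFinal(blob, IV_LEN, blob.length - IV_LEN);
    }
    // Erasure request: drop the key; ciphertexts in databases and backups become unreadable.
    void shred(String userId) { keys.remove(userId); }

    public static void main(String[] args) throws Exception {
        CryptoShreddingDemo vault = new CryptoShreddingDemo();
        byte[] stored = vault.encrypt("user-42", "alice@example.org".getBytes(UTF_8)); // constructed sample
        System.out.println(new String(vault.decrypt("user-42", stored), UTF_8));
        vault.shred("user-42");
        try { vault.decrypt("user-42", stored); }
        catch (IllegalStateException e) { System.out.println("unreadable: " + e.getMessage()); }
    }
}
```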
Prerequisites:
- JDK 11+
- Docker
Build and start:
```bash
# Start Keycloak and MySQL database
docker-compose up -d
# Build the GDPR module
mvn clean package -DskipTests
# Copy the build artifact into the Keycloak container
.bin/update-spi.sh
```
The Keycloak server will now be available on http://localhost:8888. You can log into the Administration Console using “admin” as both username and password.
Copy the built artifact from `./deployment/target/gdpr-module-for-keycloak-${project.incremental.version}.ear` into the directory `${keycloak.home}/standalone/deployments` of a Keycloak server.
NOTE: If the server is running during deployment you need to restart it!
For performance testing we use [Gatling](https://gatling.io/docs/current/quickstart/):
```bash
(cd spi/ && ../mvnw gatling:test)
```
To debug the deployed module:
```bash
$ docker compose up
$ .bin/update-spi.sh
```
Then connect via remote debugging:
```
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:9097
```