Work · Mr. Buch

Table of Contents

Projects I’ve built or contributed to. Mostly scratching my own itches — tools I needed that didn’t exist, or existing ones I wanted to improve.

Keycloak extensions
#

Standard Keycloak SPIs — drop the JAR in, configure, done.

Bot and brute-force protection
#

Mr Buch / Keycloak / Keycloak PoW

Adds proof-of-work challenges to Keycloak login, registration, and password-reset flows. Uses Argon2 or SHA-256 with IP-adaptive difficulty. Three-layer defense: honeypot detection, solve-time validation, and nonce replay prevention.

Read the writeup →

Per-client webhooks
#

Mr Buch / Keycloak / Keycloak Client Webhook

POSTs Keycloak user events to your backend on a per-client basis — no polling, no database queries. Supports registration, login, logout, password reset, and more. Runs async so Keycloak never blocks on your endpoint.

Read the writeup →

Disposable email blocking
#

Mr Buch / Keycloak / Keycloak Block Disposable Email

Blocks disposable and throwaway email addresses at Keycloak registration. Checks against a maintained provider list and rejects before the account is created.

Keycloak extensions#

Bot and brute-force protection#

Per-client webhooks#

Disposable email blocking#

Keycloak extensions
#

Bot and brute-force protection
#

Per-client webhooks
#

Disposable email blocking
#