# Script pour recuperer ou generer le secret du client btpxpress-frontend $KEYCLOAK_URL = "https://security.lions.dev" $REALM = "btpxpress" $CLIENT_ID = "btpxpress-frontend" Write-Host "Recuperation du secret pour $CLIENT_ID..." -ForegroundColor Yellow # Obtenir le token $body = @{ grant_type = "password" client_id = "admin-cli" username = "admin" password = "KeycloakAdmin2025!" } $tokenResponse = Invoke-RestMethod -Uri "$KEYCLOAK_URL/realms/master/protocol/openid-connect/token" -Method Post -ContentType "application/x-www-form-urlencoded" -Body $body $token = $tokenResponse.access_token $headers = @{ Authorization = "Bearer $token" "Content-Type" = "application/json" } # Recuperer le client $clients = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/clients" -Method Get -Headers $headers $client = $clients | Where-Object { $_.clientId -eq $CLIENT_ID } Write-Host "" Write-Host "Configuration actuelle:" -ForegroundColor Cyan Write-Host " Client ID: $($client.clientId)" -ForegroundColor White Write-Host " Type: $(if ($client.publicClient) { 'Public' } else { 'Confidential' })" -ForegroundColor White # Verifier si le client est public if ($client.publicClient) { Write-Host "" Write-Host "Le client est actuellement PUBLIC. Conversion en CONFIDENTIAL..." -ForegroundColor Yellow # Convertir en confidential $client.publicClient = $false $client.serviceAccountsEnabled = $true $body = $client | ConvertTo-Json -Depth 10 try { Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/clients/$($client.id)" ` -Method Put ` -Headers $headers ` -Body $body | Out-Null Write-Host "Client converti en CONFIDENTIAL" -ForegroundColor Green } catch { Write-Host "Erreur lors de la conversion: $_" -ForegroundColor Red exit 1 } } # Recuperer le secret du client Write-Host "" Write-Host "Recuperation du secret..." -ForegroundColor Yellow try { $secretResponse = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/clients/$($client.id)/client-secret" ` -Method Get ` -Headers $headers $clientSecret = $secretResponse.value Write-Host "" Write-Host "========================================" -ForegroundColor Green Write-Host "CLIENT SECRET RECUPERE!" -ForegroundColor Green Write-Host "========================================" -ForegroundColor Green Write-Host "" Write-Host "Client ID: $CLIENT_ID" -ForegroundColor Cyan Write-Host "Client Secret: $clientSecret" -ForegroundColor Yellow Write-Host "" Write-Host "Ajoutez cette ligne dans application.properties:" -ForegroundColor Cyan Write-Host "quarkus.oidc.credentials.secret=$clientSecret" -ForegroundColor White Write-Host "" } catch { Write-Host "Erreur lors de la recuperation du secret: $_" -ForegroundColor Red Write-Host "Le secret n'existe peut-etre pas. Generation d'un nouveau secret..." -ForegroundColor Yellow try { $newSecretResponse = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/clients/$($client.id)/client-secret" ` -Method Post ` -Headers $headers $clientSecret = $newSecretResponse.value Write-Host "" Write-Host "========================================" -ForegroundColor Green Write-Host "NOUVEAU CLIENT SECRET GENERE!" -ForegroundColor Green Write-Host "========================================" -ForegroundColor Green Write-Host "" Write-Host "Client ID: $CLIENT_ID" -ForegroundColor Cyan Write-Host "Client Secret: $clientSecret" -ForegroundColor Yellow Write-Host "" Write-Host "Ajoutez cette ligne dans application.properties:" -ForegroundColor Cyan Write-Host "quarkus.oidc.credentials.secret=$clientSecret" -ForegroundColor White Write-Host "" } catch { Write-Host "Erreur lors de la generation du secret: $_" -ForegroundColor Red } }