Migration complète vers PrimeFaces Freya - Corrections des incompatibilités et intégration de primefaces-freya-extension

configure-keycloak-test-user.ps1

@@ -0,0 +1,179 @@
+# Script PowerShell de configuration Keycloak - Utilisateur de test
+# Utilise l'API Admin REST de Keycloak pour créer l'utilisateur et les rôles
+
+$KEYCLOAK_URL = "http://localhost:8180"
+$ADMIN_USER = "admin"
+$ADMIN_PASSWORD = "admin"
+$REALM = "lions-user-manager"
+$TEST_USER = "test-user"
+$TEST_PASSWORD = "test123"
+$TEST_EMAIL = "test@lions.dev"
+
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host "Configuration Keycloak - Utilisateur Test" -ForegroundColor Cyan
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host ""
+
+# 1. Obtenir le token d'administration
+Write-Host "1. Authentification admin..." -ForegroundColor Yellow
+$tokenParams = "username=$ADMIN_USER&password=$ADMIN_PASSWORD&grant_type=password&client_id=admin-cli"
+$tokenResponse = Invoke-RestMethod -Uri "$KEYCLOAK_URL/realms/master/protocol/openid-connect/token" -Method Post -ContentType "application/x-www-form-urlencoded" -Body $tokenParams
+
+$ACCESS_TOKEN = $tokenResponse.access_token
+
+if (-not $ACCESS_TOKEN) {
+    Write-Host "ERREUR: Impossible d'obtenir le token d'administration" -ForegroundColor Red
+    exit 1
+}
+
+Write-Host "✓ Token obtenu" -ForegroundColor Green
+Write-Host ""
+
+# 2. Vérifier/Créer le realm
+Write-Host "2. Vérification du realm '$REALM'..." -ForegroundColor Yellow
+$headers = @{Authorization = "Bearer $ACCESS_TOKEN"}
+try {
+    $realmCheck = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM" -Method Get -Headers $headers -ErrorAction Stop
+    Write-Host "✓ Realm existe déjà" -ForegroundColor Green
+} catch {
+    Write-Host "Création du realm '$REALM'..." -ForegroundColor Yellow
+    $realmBody = @{
+        realm = $REALM
+        enabled = $true
+    } | ConvertTo-Json
+    
+    $headersWithContent = @{Authorization = "Bearer $ACCESS_TOKEN"; "Content-Type" = "application/json"}
+    Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms" -Method Post -Headers $headersWithContent -Body $realmBody | Out-Null
+    Write-Host "✓ Realm créé" -ForegroundColor Green
+}
+Write-Host ""
+
+# 3. Créer les rôles realm
+Write-Host "3. Création des rôles realm..." -ForegroundColor Yellow
+$ROLES = @("admin", "user_manager", "user_viewer", "role_manager", "role_viewer", "auditor", "sync_manager")
+
+foreach ($ROLE in $ROLES) {
+    Write-Host "  - Vérification du rôle '$ROLE'..." -ForegroundColor Gray
+    try {
+        $roleCheck = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/roles/$ROLE" -Method Get -Headers $headers -ErrorAction Stop
+        Write-Host "    ✓ Rôle '$ROLE' existe déjà" -ForegroundColor Green
+    } catch {
+        $roleBody = @{
+            name = $ROLE
+            description = "Rôle $ROLE pour lions-user-manager"
+        } | ConvertTo-Json
+        
+        $headersWithContent = @{Authorization = "Bearer $ACCESS_TOKEN"; "Content-Type" = "application/json"}
+        Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/roles" -Method Post -Headers $headersWithContent -Body $roleBody | Out-Null
+        Write-Host "    ✓ Rôle '$ROLE' créé" -ForegroundColor Green
+    }
+}
+Write-Host ""
+
+# 4. Créer l'utilisateur de test
+Write-Host "4. Création de l'utilisateur '$TEST_USER'..." -ForegroundColor Yellow
+$users = $null
+try {
+    $users = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/users?username=$TEST_USER" -Method Get -Headers $headers -ErrorAction Stop
+} catch {
+    $users = $null
+}
+
+if ($users -and $users.Count -gt 0) {
+    $USER_ID = $users[0].id
+    Write-Host "  ✓ Utilisateur existe déjà (ID: $USER_ID)" -ForegroundColor Green
+} else {
+    $userBody = @{
+        username = $TEST_USER
+        email = $TEST_EMAIL
+        firstName = "Test"
+        lastName = "User"
+        enabled = $true
+        emailVerified = $true
+    } | ConvertTo-Json
+    
+    $headersWithContent = @{Authorization = "Bearer $ACCESS_TOKEN"; "Content-Type" = "application/json"}
+    Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/users" -Method Post -Headers $headersWithContent -Body $userBody | Out-Null
+    
+    $users = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/users?username=$TEST_USER" -Method Get -Headers $headers
+    $USER_ID = $users[0].id
+    
+    Write-Host "  ✓ Utilisateur créé (ID: $USER_ID)" -ForegroundColor Green
+    
+    $passwordBody = @{
+        type = "password"
+        value = $TEST_PASSWORD
+        temporary = $false
+    } | ConvertTo-Json
+    
+    Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/users/$USER_ID/reset-password" -Method Put -Headers $headersWithContent -Body $passwordBody | Out-Null
+    Write-Host "  ✓ Mot de passe défini" -ForegroundColor Green
+}
+Write-Host ""
+
+# 5. Assigner les rôles à l'utilisateur
+Write-Host "5. Attribution des rôles à l'utilisateur..." -ForegroundColor Yellow
+
+$roleRepresentations = @()
+foreach ($ROLE in $ROLES) {
+    $roleRep = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/roles/$ROLE" -Method Get -Headers $headers
+    $roleRepresentations += $roleRep
+}
+
+$headersWithContent = @{Authorization = "Bearer $ACCESS_TOKEN"; "Content-Type" = "application/json"}
+Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/users/$USER_ID/role-mappings/realm" -Method Post -Headers $headersWithContent -Body ($roleRepresentations | ConvertTo-Json) | Out-Null
+
+Write-Host "  ✓ Rôles assignés" -ForegroundColor Green
+Write-Host ""
+
+# 6. Vérifier le client et le mapper de rôles
+Write-Host "6. Vérification du client 'lions-user-manager-client'..." -ForegroundColor Yellow
+try {
+    $clients = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/clients?clientId=lions-user-manager-client" -Method Get -Headers $headers
+    
+    if ($clients.Count -gt 0) {
+        $CLIENT_ID = $clients[0].id
+        Write-Host "  ✓ Client trouvé (ID: $CLIENT_ID)" -ForegroundColor Green
+        
+        $mappers = Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/clients/$CLIENT_ID/protocol-mappers/models" -Method Get -Headers $headers
+        $mapperExists = $mappers | Where-Object { $_.name -eq "realm roles" }
+        
+        if (-not $mapperExists) {
+            Write-Host "  Création du mapper 'realm roles'..." -ForegroundColor Yellow
+            $mapperBody = @{
+                name = "realm roles"
+                protocol = "openid-connect"
+                protocolMapper = "oidc-usermodel-realm-role-mapper"
+                config = @{
+                    "claim.name" = "realm_access.roles"
+                    "access.token.claim" = "true"
+                    "id.token.claim" = "true"
+                    "userinfo.token.claim" = "true"
+                }
+            } | ConvertTo-Json -Depth 10
+            
+            Invoke-RestMethod -Uri "$KEYCLOAK_URL/admin/realms/$REALM/clients/$CLIENT_ID/protocol-mappers/models" -Method Post -Headers $headersWithContent -Body $mapperBody | Out-Null
+            Write-Host "  ✓ Mapper créé" -ForegroundColor Green
+        } else {
+            Write-Host "  ✓ Mapper existe déjà" -ForegroundColor Green
+        }
+    } else {
+        Write-Host "  ⚠ Client 'lions-user-manager-client' non trouvé" -ForegroundColor Yellow
+        Write-Host "  Veuillez créer le client manuellement dans Keycloak" -ForegroundColor Yellow
+    }
+} catch {
+    Write-Host "  ⚠ Erreur lors de la vérification du client: $_" -ForegroundColor Yellow
+}
+Write-Host ""
+
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host "Configuration terminée !" -ForegroundColor Green
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host ""
+Write-Host "Informations de connexion:" -ForegroundColor Yellow
+Write-Host "  Username: $TEST_USER"
+Write-Host "  Password: $TEST_PASSWORD"
+Write-Host "  Email: $TEST_EMAIL"
+Write-Host ""
+Write-Host "Rôles assignés: $($ROLES -join ', ')" -ForegroundColor Yellow
+Write-Host ""