Migration complète vers PrimeFaces Freya - Corrections des incompatibilités et intégration de primefaces-freya-extension

2025-12-27 00:18:31 +00:00
parent 5e272a8256
commit 5c996931a6
206 changed files with 36646 additions and 1593 deletions
--- a/configure-keycloak-test-user.sh
+++ b/configure-keycloak-test-user.sh
@@ -0,0 +1,211 @@
+#!/bin/bash
+
+# Script de configuration Keycloak - Utilisateur de test
+# Utilise l'API Admin REST de Keycloak pour créer l'utilisateur et les rôles
+
+KEYCLOAK_URL="http://localhost:8180"
+ADMIN_USER="admin"
+ADMIN_PASSWORD="admin"
+REALM="lions-user-manager"
+TEST_USER="test-user"
+TEST_PASSWORD="test123"
+TEST_EMAIL="test@lions.dev"
+
+echo "=========================================="
+echo "Configuration Keycloak - Utilisateur Test"
+echo "=========================================="
+echo ""
+
+# 1. Obtenir le token d'administration
+echo "1. Authentification admin..."
+TOKEN_RESPONSE=$(curl -s -X POST "${KEYCLOAK_URL}/realms/master/protocol/openid-connect/token" \
+  -H "Content-Type: application/x-www-form-urlencoded" \
+  -d "username=${ADMIN_USER}" \
+  -d "password=${ADMIN_PASSWORD}" \
+  -d "grant_type=password" \
+  -d "client_id=admin-cli")
+
+ACCESS_TOKEN=$(echo $TOKEN_RESPONSE | grep -o '"access_token":"[^"]*' | cut -d'"' -f4)
+
+if [ -z "$ACCESS_TOKEN" ]; then
+  echo "ERREUR: Impossible d'obtenir le token d'administration"
+  echo "Réponse: $TOKEN_RESPONSE"
+  exit 1
+fi
+
+echo "✓ Token obtenu"
+echo ""
+
+# 2. Vérifier/Créer le realm
+echo "2. Vérification du realm '${REALM}'..."
+REALM_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" \
+  -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}" \
+  -H "Authorization: Bearer ${ACCESS_TOKEN}")
+
+if [ "$REALM_EXISTS" != "200" ]; then
+  echo "Création du realm '${REALM}'..."
+  curl -s -X POST "${KEYCLOAK_URL}/admin/realms" \
+    -H "Authorization: Bearer ${ACCESS_TOKEN}" \
+    -H "Content-Type: application/json" \
+    -d "{
+      \"realm\": \"${REALM}\",
+      \"enabled\": true
+    }"
+  echo "✓ Realm créé"
+else
+  echo "✓ Realm existe déjà"
+fi
+echo ""
+
+# 3. Créer les rôles realm
+echo "3. Création des rôles realm..."
+ROLES=("admin" "user_manager" "user_viewer" "role_manager" "role_viewer" "auditor" "sync_manager")
+
+for ROLE in "${ROLES[@]}"; do
+  echo "  - Vérification du rôle '${ROLE}'..."
+  ROLE_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" \
+    -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}/roles/${ROLE}" \
+    -H "Authorization: Bearer ${ACCESS_TOKEN}")
+  
+  if [ "$ROLE_EXISTS" != "200" ]; then
+    curl -s -X POST "${KEYCLOAK_URL}/admin/realms/${REALM}/roles" \
+      -H "Authorization: Bearer ${ACCESS_TOKEN}" \
+      -H "Content-Type: application/json" \
+      -d "{
+        \"name\": \"${ROLE}\",
+        \"description\": \"Rôle ${ROLE} pour lions-user-manager\"
+      }"
+    echo "    ✓ Rôle '${ROLE}' créé"
+  else
+    echo "    ✓ Rôle '${ROLE}' existe déjà"
+  fi
+done
+echo ""
+
+# 4. Créer l'utilisateur de test
+echo "4. Création de l'utilisateur '${TEST_USER}'..."
+USER_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" \
+  -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}/users?username=${TEST_USER}" \
+  -H "Authorization: Bearer ${ACCESS_TOKEN}")
+
+if [ "$USER_EXISTS" != "200" ]; then
+  # Créer l'utilisateur
+  USER_ID=$(curl -s -X POST "${KEYCLOAK_URL}/admin/realms/${REALM}/users" \
+    -H "Authorization: Bearer ${ACCESS_TOKEN}" \
+    -H "Content-Type: application/json" \
+    -d "{
+      \"username\": \"${TEST_USER}\",
+      \"email\": \"${TEST_EMAIL}\",
+      \"firstName\": \"Test\",
+      \"lastName\": \"User\",
+      \"enabled\": true,
+      \"emailVerified\": true
+    }" | grep -o '"id":"[^"]*' | cut -d'"' -f4)
+  
+  if [ -z "$USER_ID" ]; then
+    # Récupérer l'ID de l'utilisateur existant
+    USER_ID=$(curl -s -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}/users?username=${TEST_USER}" \
+      -H "Authorization: Bearer ${ACCESS_TOKEN}" | grep -o '"id":"[^"]*' | cut -d'"' -f4 | head -1)
+  fi
+  
+  if [ -z "$USER_ID" ]; then
+    echo "ERREUR: Impossible de créer ou récupérer l'utilisateur"
+    exit 1
+  fi
+  
+  echo "  ✓ Utilisateur créé (ID: ${USER_ID})"
+  
+  # Définir le mot de passe
+  curl -s -X PUT "${KEYCLOAK_URL}/admin/realms/${REALM}/users/${USER_ID}/reset-password" \
+    -H "Authorization: Bearer ${ACCESS_TOKEN}" \
+    -H "Content-Type: application/json" \
+    -d "{
+      \"type\": \"password\",
+      \"value\": \"${TEST_PASSWORD}\",
+      \"temporary\": false
+    }"
+  echo "  ✓ Mot de passe défini"
+else
+  # Récupérer l'ID de l'utilisateur existant
+  USER_ID=$(curl -s -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}/users?username=${TEST_USER}" \
+    -H "Authorization: Bearer ${ACCESS_TOKEN}" | grep -o '"id":"[^"]*' | cut -d'"' -f4 | head -1)
+  echo "  ✓ Utilisateur existe déjà (ID: ${USER_ID})"
+fi
+echo ""
+
+# 5. Assigner les rôles à l'utilisateur
+echo "5. Attribution des rôles à l'utilisateur..."
+
+# Récupérer les représentations des rôles
+ROLE_REPRESENTATIONS="["
+for i in "${!ROLES[@]}"; do
+  ROLE="${ROLES[$i]}"
+  ROLE_REP=$(curl -s -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}/roles/${ROLE}" \
+    -H "Authorization: Bearer ${ACCESS_TOKEN}")
+  
+  if [ $i -gt 0 ]; then
+    ROLE_REPRESENTATIONS+=","
+  fi
+  ROLE_REPRESENTATIONS+="${ROLE_REP}"
+done
+ROLE_REPRESENTATIONS+="]"
+
+# Assigner tous les rôles
+curl -s -X POST "${KEYCLOAK_URL}/admin/realms/${REALM}/users/${USER_ID}/role-mappings/realm" \
+  -H "Authorization: Bearer ${ACCESS_TOKEN}" \
+  -H "Content-Type: application/json" \
+  -d "${ROLE_REPRESENTATIONS}"
+
+echo "  ✓ Rôles assignés"
+echo ""
+
+# 6. Vérifier le client et le mapper de rôles
+echo "6. Vérification du client 'lions-user-manager-client'..."
+CLIENT_ID=$(curl -s -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}/clients?clientId=lions-user-manager-client" \
+  -H "Authorization: Bearer ${ACCESS_TOKEN}" | grep -o '"id":"[^"]*' | cut -d'"' -f4 | head -1)
+
+if [ -z "$CLIENT_ID" ]; then
+  echo "  ⚠ Client 'lions-user-manager-client' non trouvé"
+  echo "  Veuillez créer le client manuellement dans Keycloak"
+else
+  echo "  ✓ Client trouvé (ID: ${CLIENT_ID})"
+  
+  # Vérifier le mapper de rôles realm
+  MAPPER_EXISTS=$(curl -s -X GET "${KEYCLOAK_URL}/admin/realms/${REALM}/clients/${CLIENT_ID}/protocol-mappers/models" \
+    -H "Authorization: Bearer ${ACCESS_TOKEN}" | grep -o '"name":"realm roles"')
+  
+  if [ -z "$MAPPER_EXISTS" ]; then
+    echo "  Création du mapper 'realm roles'..."
+    curl -s -X POST "${KEYCLOAK_URL}/admin/realms/${REALM}/clients/${CLIENT_ID}/protocol-mappers/models" \
+      -H "Authorization: Bearer ${ACCESS_TOKEN}" \
+      -H "Content-Type: application/json" \
+      -d "{
+        \"name\": \"realm roles\",
+        \"protocol\": \"openid-connect\",
+        \"protocolMapper\": \"oidc-usermodel-realm-role-mapper\",
+        \"config\": {
+          \"claim.name\": \"realm_access.roles\",
+          \"access.token.claim\": \"true\",
+          \"id.token.claim\": \"true\",
+          \"userinfo.token.claim\": \"true\"
+        }
+      }"
+    echo "  ✓ Mapper créé"
+  else
+    echo "  ✓ Mapper existe déjà"
+  fi
+fi
+echo ""
+
+echo "=========================================="
+echo "Configuration terminée !"
+echo "=========================================="
+echo ""
+echo "Informations de connexion:"
+echo "  Username: ${TEST_USER}"
+echo "  Password: ${TEST_PASSWORD}"
+echo "  Email: ${TEST_EMAIL}"
+echo ""
+echo "Rôles assignés: ${ROLES[*]}"
+echo ""
+