Migration complète vers PrimeFaces Freya - Corrections des incompatibilités et intégration de primefaces-freya-extension
This commit is contained in:
lionsdev
159
test-keycloak-config.ps1
Normal file
159
test-keycloak-config.ps1
Normal file
@@ -0,0 +1,159 @@
|
||||
# Script de test de la configuration Keycloak pour lions-user-manager
|
||||
# Usage: .\test-keycloak-config.ps1
|
||||
|
||||
$ErrorActionPreference = "Stop"
|
||||
|
||||
$KEYCLOAK_URL = "http://localhost:8180"
|
||||
$REALM = "lions-user-manager"
|
||||
$CLIENT_ID = "lions-user-manager-client"
|
||||
$CLIENT_SECRET = "NTuaQpk5E6qiMqAWTFrCOcIkOABzZzKO"
|
||||
$USERNAME = "testadmin"
|
||||
$PASSWORD = "admin123"
|
||||
$BACKEND_URL = "http://localhost:8081"
|
||||
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host "Test de configuration Keycloak" -ForegroundColor Cyan
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host ""
|
||||
|
||||
# Test 1: Vérifier que Keycloak est accessible
|
||||
Write-Host "[1/4] Vérification de l'accès à Keycloak..." -ForegroundColor Yellow
|
||||
try {
|
||||
$response = Invoke-WebRequest -Uri $KEYCLOAK_URL -Method GET -UseBasicParsing -ErrorAction Stop
|
||||
Write-Host "✅ Keycloak est accessible sur $KEYCLOAK_URL" -ForegroundColor Green
|
||||
} catch {
|
||||
Write-Host "❌ Keycloak n'est pas accessible sur $KEYCLOAK_URL" -ForegroundColor Red
|
||||
Write-Host " Assurez-vous que Keycloak est démarré." -ForegroundColor Red
|
||||
exit 1
|
||||
}
|
||||
Write-Host ""
|
||||
|
||||
# Test 2: Obtenir un token
|
||||
Write-Host "[2/4] Obtention d'un token d'accès..." -ForegroundColor Yellow
|
||||
$tokenUrl = "$KEYCLOAK_URL/realms/$REALM/protocol/openid-connect/token"
|
||||
$body = @{
|
||||
client_id = $CLIENT_ID
|
||||
client_secret = $CLIENT_SECRET
|
||||
grant_type = "password"
|
||||
username = $USERNAME
|
||||
password = $PASSWORD
|
||||
scope = "openid profile email roles"
|
||||
}
|
||||
|
||||
try {
|
||||
$tokenResponse = Invoke-RestMethod -Uri $tokenUrl -Method Post -Body $body -ContentType "application/x-www-form-urlencoded" -ErrorAction Stop
|
||||
$ACCESS_TOKEN = $tokenResponse.access_token
|
||||
Write-Host "✅ Token obtenu avec succès" -ForegroundColor Green
|
||||
Write-Host " Token (premiers 50 caractères): $($ACCESS_TOKEN.Substring(0, [Math]::Min(50, $ACCESS_TOKEN.Length)))..." -ForegroundColor Gray
|
||||
} catch {
|
||||
Write-Host "❌ Impossible d'obtenir un token" -ForegroundColor Red
|
||||
Write-Host " Erreur: $($_.Exception.Message)" -ForegroundColor Red
|
||||
Write-Host ""
|
||||
Write-Host "Vérifiez que:" -ForegroundColor Yellow
|
||||
Write-Host " - Le realm '$REALM' existe" -ForegroundColor Yellow
|
||||
Write-Host " - Le client '$CLIENT_ID' existe avec le bon secret" -ForegroundColor Yellow
|
||||
Write-Host " - L'utilisateur '$USERNAME' existe avec le mot de passe '$PASSWORD'" -ForegroundColor Yellow
|
||||
exit 1
|
||||
}
|
||||
Write-Host ""
|
||||
|
||||
# Test 3: Vérifier le contenu du token
|
||||
Write-Host "[3/4] Vérification du contenu du token..." -ForegroundColor Yellow
|
||||
$tokenParts = $ACCESS_TOKEN.Split('.')
|
||||
$payload = $tokenParts[1]
|
||||
|
||||
# Ajouter padding si nécessaire
|
||||
while ($payload.Length % 4 -ne 0) {
|
||||
$payload += "="
|
||||
}
|
||||
|
||||
try {
|
||||
$payloadBytes = [Convert]::FromBase64String($payload)
|
||||
$payloadJson = [System.Text.Encoding]::UTF8.GetString($payloadBytes)
|
||||
$tokenData = $payloadJson | ConvertFrom-Json
|
||||
|
||||
if ($tokenData.realm_access) {
|
||||
Write-Host "✅ Le token contient les rôles (realm_access)" -ForegroundColor Green
|
||||
$roles = $tokenData.realm_access.roles -join ", "
|
||||
Write-Host " Rôles trouvés: $roles" -ForegroundColor Gray
|
||||
|
||||
if ($tokenData.realm_access.roles -contains "admin" -or $tokenData.realm_access.roles -contains "user_manager") {
|
||||
Write-Host "✅ L'utilisateur a le rôle 'admin' ou 'user_manager'" -ForegroundColor Green
|
||||
} else {
|
||||
Write-Host "⚠️ L'utilisateur n'a pas le rôle 'admin' ou 'user_manager'" -ForegroundColor Yellow
|
||||
Write-Host " L'endpoint /api/users/search nécessite un de ces rôles" -ForegroundColor Yellow
|
||||
Write-Host " Assignez le rôle 'admin' ou 'user_manager' à l'utilisateur '$USERNAME'" -ForegroundColor Yellow
|
||||
}
|
||||
} else {
|
||||
Write-Host "❌ Le token ne contient pas realm_access.roles" -ForegroundColor Red
|
||||
Write-Host " Vérifiez la configuration du client scope 'roles' dans Keycloak" -ForegroundColor Red
|
||||
}
|
||||
} catch {
|
||||
Write-Host "⚠️ Impossible de décoder le token" -ForegroundColor Yellow
|
||||
}
|
||||
Write-Host ""
|
||||
|
||||
# Test 4: Tester l'API backend
|
||||
Write-Host "[4/4] Test de l'endpoint /api/users/search..." -ForegroundColor Yellow
|
||||
$apiUrl = "$BACKEND_URL/api/users/search"
|
||||
$headers = @{
|
||||
"Authorization" = "Bearer $ACCESS_TOKEN"
|
||||
"Content-Type" = "application/json"
|
||||
}
|
||||
$searchBody = @{
|
||||
realmName = $REALM
|
||||
page = 0
|
||||
pageSize = 20
|
||||
} | ConvertTo-Json
|
||||
|
||||
try {
|
||||
$apiResponse = Invoke-RestMethod -Uri $apiUrl -Method Post -Headers $headers -Body $searchBody -ErrorAction Stop
|
||||
Write-Host "✅ Endpoint /api/users/search accessible (HTTP 200)" -ForegroundColor Green
|
||||
Write-Host " Nombre d'utilisateurs trouvés: $($apiResponse.totalCount)" -ForegroundColor Gray
|
||||
$success = $true
|
||||
} catch {
|
||||
$statusCode = $_.Exception.Response.StatusCode.value__
|
||||
|
||||
if ($null -eq $statusCode) {
|
||||
Write-Host "❌ Le backend n'est pas accessible sur $BACKEND_URL" -ForegroundColor Red
|
||||
Write-Host " Assurez-vous que lions-user-manager-server est démarré (mvn quarkus:dev)" -ForegroundColor Red
|
||||
} elseif ($statusCode -eq 401) {
|
||||
Write-Host "❌ Erreur 401 Unauthorized" -ForegroundColor Red
|
||||
Write-Host " Le token n'est pas accepté par le backend" -ForegroundColor Red
|
||||
Write-Host " Vérifiez que le serveur utilise le même realm dans application.properties" -ForegroundColor Red
|
||||
} elseif ($statusCode -eq 403) {
|
||||
Write-Host "❌ Erreur 403 Forbidden" -ForegroundColor Red
|
||||
Write-Host " L'utilisateur n'a pas les permissions nécessaires" -ForegroundColor Red
|
||||
Write-Host " Assignez le rôle 'admin' ou 'user_manager' à l'utilisateur" -ForegroundColor Red
|
||||
} elseif ($statusCode -eq 405) {
|
||||
Write-Host "❌ Erreur 405 Method Not Allowed" -ForegroundColor Red
|
||||
Write-Host " C'est l'erreur que vous rencontriez !" -ForegroundColor Red
|
||||
Write-Host " Vérifiez que le serveur backend est bien configuré avec le realm '$REALM'" -ForegroundColor Red
|
||||
} else {
|
||||
Write-Host "⚠️ Réponse HTTP $statusCode" -ForegroundColor Yellow
|
||||
Write-Host " Erreur: $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
$success = $false
|
||||
}
|
||||
Write-Host ""
|
||||
|
||||
# Résumé
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host "Résumé du test" -ForegroundColor Cyan
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host ""
|
||||
|
||||
if ($success) {
|
||||
Write-Host "🎉 Configuration correcte ! Tout fonctionne." -ForegroundColor Green
|
||||
Write-Host ""
|
||||
Write-Host "Vous pouvez maintenant:" -ForegroundColor Cyan
|
||||
Write-Host " 1. Démarrer le client: cd lions-user-manager-client-quarkus-primefaces-freya && mvn quarkus:dev" -ForegroundColor Gray
|
||||
Write-Host " 2. Accéder à: http://localhost:8082" -ForegroundColor Gray
|
||||
Write-Host " 3. Se connecter avec: $USERNAME / $PASSWORD" -ForegroundColor Gray
|
||||
Write-Host " 4. Naviguer vers: /pages/user-manager/users/list.xhtml" -ForegroundColor Gray
|
||||
} else {
|
||||
Write-Host "❌ La configuration nécessite des ajustements." -ForegroundColor Red
|
||||
Write-Host ""
|
||||
Write-Host "Consultez le fichier KEYCLOAK_DEV_SETUP.md pour les instructions complètes." -ForegroundColor Yellow
|
||||
}
|
||||
Write-Host ""
|
||||
Reference in New Issue
Block a user