Migration complète vers PrimeFaces Freya - Corrections des incompatibilités et intégration de primefaces-freya-extension
This commit is contained in:
lionsdev
114
test-keycloak-token.ps1
Normal file
114
test-keycloak-token.ps1
Normal file
@@ -0,0 +1,114 @@
|
||||
# Script de test pour vérifier le token JWT Keycloak
|
||||
# Ce script obtient un token et le décode pour vérifier la présence des rôles
|
||||
|
||||
$KEYCLOAK_URL = "http://localhost:8180"
|
||||
$REALM = "lions-user-manager"
|
||||
$CLIENT_ID = "lions-user-manager-client"
|
||||
$CLIENT_SECRET = "NTuaQpk5E6qiMqAWTFrCOcIkOABzZzKO"
|
||||
$USERNAME = "test-user"
|
||||
$PASSWORD = "test123"
|
||||
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host "Test Token JWT Keycloak" -ForegroundColor Cyan
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host ""
|
||||
|
||||
# 1. Obtenir un token
|
||||
Write-Host "1. Obtention du token..." -ForegroundColor Yellow
|
||||
$tokenParams = "username=$USERNAME&password=$PASSWORD&grant_type=password&client_id=$CLIENT_ID&client_secret=$CLIENT_SECRET&scope=openid profile email roles"
|
||||
$tokenResponse = Invoke-RestMethod -Uri "$KEYCLOAK_URL/realms/$REALM/protocol/openid-connect/token" -Method Post -ContentType "application/x-www-form-urlencoded" -Body $tokenParams
|
||||
|
||||
$ACCESS_TOKEN = $tokenResponse.access_token
|
||||
$ID_TOKEN = $tokenResponse.id_token
|
||||
|
||||
if (-not $ACCESS_TOKEN) {
|
||||
Write-Host "ERREUR: Impossible d'obtenir le token" -ForegroundColor Red
|
||||
exit 1
|
||||
}
|
||||
|
||||
Write-Host "✓ Token obtenu" -ForegroundColor Green
|
||||
Write-Host ""
|
||||
|
||||
# 2. Décoder le token (JWT = 3 parties séparées par des points)
|
||||
Write-Host "2. Décodage du token..." -ForegroundColor Yellow
|
||||
$tokenParts = $ACCESS_TOKEN -split '\.'
|
||||
if ($tokenParts.Count -ne 3) {
|
||||
Write-Host "ERREUR: Token JWT invalide (doit avoir 3 parties)" -ForegroundColor Red
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Décoder le payload (2ème partie)
|
||||
$payload = $tokenParts[1]
|
||||
# Ajouter du padding si nécessaire (Base64URL)
|
||||
while ($payload.Length % 4) {
|
||||
$payload += "="
|
||||
}
|
||||
$payload = $payload -replace '-', '+' -replace '_', '/'
|
||||
|
||||
try {
|
||||
$bytes = [System.Convert]::FromBase64String($payload)
|
||||
$json = [System.Text.Encoding]::UTF8.GetString($bytes)
|
||||
$tokenData = $json | ConvertFrom-Json
|
||||
|
||||
Write-Host "✓ Token décodé" -ForegroundColor Green
|
||||
Write-Host ""
|
||||
|
||||
# 3. Afficher les informations du token
|
||||
Write-Host "3. Informations du token:" -ForegroundColor Yellow
|
||||
Write-Host " Username: $($tokenData.preferred_username)" -ForegroundColor Gray
|
||||
Write-Host " Email: $($tokenData.email)" -ForegroundColor Gray
|
||||
Write-Host " Subject: $($tokenData.sub)" -ForegroundColor Gray
|
||||
Write-Host ""
|
||||
|
||||
# 4. Vérifier les rôles
|
||||
Write-Host "4. Vérification des rôles:" -ForegroundColor Yellow
|
||||
|
||||
# Vérifier realm_access.roles
|
||||
if ($tokenData.realm_access) {
|
||||
if ($tokenData.realm_access.roles) {
|
||||
Write-Host " ✓ realm_access.roles trouvé:" -ForegroundColor Green
|
||||
$tokenData.realm_access.roles | ForEach-Object {
|
||||
Write-Host " - $_" -ForegroundColor Gray
|
||||
}
|
||||
} else {
|
||||
Write-Host " ✗ realm_access.roles non trouvé dans realm_access" -ForegroundColor Red
|
||||
}
|
||||
} else {
|
||||
Write-Host " ✗ realm_access non trouvé dans le token" -ForegroundColor Red
|
||||
}
|
||||
|
||||
# Vérifier roles directement
|
||||
if ($tokenData.roles) {
|
||||
Write-Host " ✓ roles trouvé directement:" -ForegroundColor Green
|
||||
$tokenData.roles | ForEach-Object {
|
||||
Write-Host " - $_" -ForegroundColor Gray
|
||||
}
|
||||
} else {
|
||||
Write-Host " ✗ roles non trouvé directement dans le token" -ForegroundColor Yellow
|
||||
}
|
||||
|
||||
Write-Host ""
|
||||
|
||||
# 5. Afficher le token complet pour inspection
|
||||
Write-Host "5. Token complet (pour inspection sur jwt.io):" -ForegroundColor Yellow
|
||||
Write-Host $ACCESS_TOKEN -ForegroundColor Gray
|
||||
Write-Host ""
|
||||
|
||||
# 6. Afficher le JSON complet
|
||||
Write-Host "6. Contenu complet du token (JSON):" -ForegroundColor Yellow
|
||||
$json | ConvertFrom-Json | ConvertTo-Json -Depth 10 | Write-Host -ForegroundColor Gray
|
||||
Write-Host ""
|
||||
|
||||
} catch {
|
||||
Write-Host "ERREUR lors du décodage: $_" -ForegroundColor Red
|
||||
Write-Host "Payload brut: $payload" -ForegroundColor Gray
|
||||
}
|
||||
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host "Test terminé" -ForegroundColor Cyan
|
||||
Write-Host "==========================================" -ForegroundColor Cyan
|
||||
Write-Host ""
|
||||
Write-Host "Pour inspecter le token visuellement, allez sur https://jwt.io" -ForegroundColor Yellow
|
||||
Write-Host "et collez le token ci-dessus." -ForegroundColor Yellow
|
||||
Write-Host ""
|
||||
|
||||
Reference in New Issue
Block a user