86 lines
3.4 KiB
PowerShell
86 lines
3.4 KiB
PowerShell
# Script de mise à jour de la configuration du client Keycloak
|
|
Write-Host "Mise a jour de la configuration client Keycloak..." -ForegroundColor Cyan
|
|
|
|
# Obtenir un token admin
|
|
$tokenResponse = Invoke-RestMethod -Uri "http://localhost:8180/realms/master/protocol/openid-connect/token" -Method POST -Body @{
|
|
client_id = "admin-cli"
|
|
grant_type = "password"
|
|
username = "admin"
|
|
password = "admin"
|
|
} -ContentType "application/x-www-form-urlencoded"
|
|
|
|
$token = $tokenResponse.access_token
|
|
Write-Host "✅ Token admin obtenu" -ForegroundColor Green
|
|
|
|
# Configuration du client
|
|
$clientConfig = @{
|
|
id = "b759720f-2a25-4118-9dc8-f167b79ad532"
|
|
clientId = "lions-user-manager-client"
|
|
name = "Lions User Manager Client"
|
|
description = "Interface web pour la gestion des utilisateurs"
|
|
rootUrl = "http://localhost:8082"
|
|
adminUrl = "http://localhost:8082"
|
|
baseUrl = "/"
|
|
enabled = $true
|
|
clientAuthenticatorType = "client-secret"
|
|
secret = "NTuaQpk5E6qiMqAWTFrCOcIkOABzZzKO"
|
|
redirectUris = @(
|
|
"http://localhost:8082/*"
|
|
"http://localhost:8082/auth/callback"
|
|
"http://localhost:8082/pages/user-manager/*"
|
|
)
|
|
webOrigins = @("http://localhost:8082")
|
|
bearerOnly = $false
|
|
consentRequired = $false
|
|
standardFlowEnabled = $true
|
|
implicitFlowEnabled = $false
|
|
directAccessGrantsEnabled = $true
|
|
serviceAccountsEnabled = $false
|
|
publicClient = $false
|
|
frontchannelLogout = $true
|
|
protocol = "openid-connect"
|
|
attributes = @{
|
|
"access.token.lifespan" = "1800"
|
|
"client.session.idle.timeout" = "1800"
|
|
"client.session.max.lifespan" = "36000"
|
|
"pkce.code.challenge.method" = "S256"
|
|
"backchannel.logout.session.required" = "true"
|
|
"post.logout.redirect.uris" = "http://localhost:8082/*"
|
|
}
|
|
fullScopeAllowed = $true
|
|
defaultClientScopes = @("web-origins", "acr", "profile", "roles", "basic", "email")
|
|
optionalClientScopes = @("address", "phone", "offline_access", "microprofile-jwt")
|
|
}
|
|
|
|
$headers = @{
|
|
Authorization = "Bearer $token"
|
|
"Content-Type" = "application/json"
|
|
}
|
|
|
|
$body = $clientConfig | ConvertTo-Json -Depth 10
|
|
|
|
try {
|
|
Invoke-RestMethod -Uri "http://localhost:8180/admin/realms/lions-user-manager/clients/b759720f-2a25-4118-9dc8-f167b79ad532" `
|
|
-Method PUT `
|
|
-Headers $headers `
|
|
-Body $body
|
|
|
|
Write-Host "✅ Configuration client mise a jour avec succes!" -ForegroundColor Green
|
|
Write-Host ""
|
|
Write-Host "Corrections appliquees:" -ForegroundColor Cyan
|
|
Write-Host " - rootUrl: http://localhost:8081 → http://localhost:8082" -ForegroundColor Yellow
|
|
Write-Host " - adminUrl: → http://localhost:8082" -ForegroundColor Yellow
|
|
Write-Host " - redirectUris: suppression du wildcard '*'" -ForegroundColor Yellow
|
|
Write-Host " - webOrigins: * → http://localhost:8082" -ForegroundColor Yellow
|
|
Write-Host " - Access token lifespan: 3600s → 1800s" -ForegroundColor Yellow
|
|
Write-Host " - Session timeouts configures" -ForegroundColor Yellow
|
|
Write-Host ""
|
|
Write-Host "Prochaine etape:" -ForegroundColor Cyan
|
|
Write-Host " 1. Supprimez les cookies du navigateur pour localhost:8082" -ForegroundColor Gray
|
|
Write-Host " 2. Redemarrez le client JSF si necessaire" -ForegroundColor Gray
|
|
Write-Host " 3. Testez l'acces a http://localhost:8082" -ForegroundColor Gray
|
|
|
|
} catch {
|
|
Write-Host "❌ Erreur lors de la mise a jour: $($_.Exception.Message)" -ForegroundColor Red
|
|
}
|