lionsdev/unionflow-client-quarkus-primefaces-freya
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4ac376b7e7df859e850d29e59a448d64df478273
unionflow-client-quarkus-pr…/create-test-user.sh
DahoudG f89f6167cc feat(mobile): Implement Keycloak WebView authentication with HTTP callback 
- Replace flutter_appauth with custom WebView implementation to resolve deep link issues
- Add KeycloakWebViewAuthService with integrated WebView for seamless authentication
- Configure Android manifest for HTTP cleartext traffic support
- Add network security config for development environment (192.168.1.11)
- Update Keycloak client to use HTTP callback endpoint (http://192.168.1.11:8080/auth/callback)
- Remove obsolete keycloak_auth_service.dart and temporary scripts
- Clean up dependencies and regenerate injection configuration
- Tested successfully on multiple Android devices (Xiaomi 2201116TG, SM A725F)

BREAKING CHANGE: Authentication flow now uses WebView instead of external browser
- Users will see Keycloak login page within the app instead of browser redirect
- Resolves ERR_CLEARTEXT_NOT_PERMITTED and deep link state management issues
- Maintains full OIDC compliance with PKCE flow and secure token storage

Technical improvements:
- WebView with custom navigation delegate for callback handling
- Automatic token extraction and user info parsing from JWT
- Proper error handling and user feedback
- Consistent authentication state management across app lifecycle
2025-09-15 01:44:16 +00:00

129 lines
4.6 KiB
Bash
Raw Blame History

#!/bin/bash
# Script pour créer un utilisateur de test dans Keycloak
echo "👤 Création d'un utilisateur de test dans Keycloak"
# Variables
KEYCLOAK_URL="http://localhost:8180"
REALM_NAME="unionflow"
# Obtenir le token admin
echo "📡 Obtention du token admin..."
TOKEN_RESPONSE=$(curl -s -X POST "$KEYCLOAK_URL/realms/master/protocol/openid-connect/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=admin&password=admin&grant_type=password&client_id=admin-cli")
ACCESS_TOKEN=$(echo $TOKEN_RESPONSE | grep -o '"access_token":"[^"]*' | cut -d'"' -f4)
if [ -z "$ACCESS_TOKEN" ]; then
echo "❌ Impossible d'obtenir le token admin"
exit 1
fi
echo "✅ Token admin obtenu"
# Créer un utilisateur simple
echo "👤 Création de l'utilisateur 'testuser'..."
USER_CONFIG='{
"username": "testuser",
"email": "test@unionflow.dev",
"firstName": "Test",
"lastName": "User",
"enabled": true,
"emailVerified": true
}'
# Créer l'utilisateur
RESPONSE=$(curl -s -X POST "$KEYCLOAK_URL/admin/realms/$REALM_NAME/users" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d "$USER_CONFIG" \
-w "%{http_code}")
if [[ "$RESPONSE" == *"201"* ]]; then
echo "✅ Utilisateur créé"
# Récupérer l'ID de l'utilisateur
USER_ID=$(curl -s -X GET "$KEYCLOAK_URL/admin/realms/$REALM_NAME/users?username=testuser" \
-H "Authorization: Bearer $ACCESS_TOKEN" | \
grep -o '"id":"[^"]*' | head -1 | cut -d'"' -f4)
if [ -n "$USER_ID" ]; then
echo "✅ ID utilisateur récupéré: $USER_ID"
# Définir le mot de passe
echo "🔑 Définition du mot de passe..."
PASSWORD_CONFIG='{
"type": "password",
"value": "test123",
"temporary": false
}'
curl -s -X PUT "$KEYCLOAK_URL/admin/realms/$REALM_NAME/users/$USER_ID/reset-password" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d "$PASSWORD_CONFIG"
echo "✅ Mot de passe défini"
# Assigner le rôle MEMBRE
echo "👥 Attribution du rôle MEMBRE..."
ROLE_DATA=$(curl -s -X GET "$KEYCLOAK_URL/admin/realms/$REALM_NAME/roles/MEMBRE" \
-H "Authorization: Bearer $ACCESS_TOKEN")
if [[ "$ROLE_DATA" == *'"name"'* ]]; then
ROLE_ASSIGNMENT="[$ROLE_DATA]"
curl -s -X POST "$KEYCLOAK_URL/admin/realms/$REALM_NAME/users/$USER_ID/role-mappings/realm" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d "$ROLE_ASSIGNMENT"
echo "✅ Rôle MEMBRE assigné"
fi
echo ""
echo "🎉 Utilisateur de test créé avec succès !"
echo " • Username: testuser"
echo " • Password: test123"
echo " • Email: test@unionflow.dev"
echo " • Rôle: MEMBRE"
# Test d'authentification
echo ""
echo "🧪 Test d'authentification..."
AUTH_RESPONSE=$(curl -s -X POST "$KEYCLOAK_URL/realms/$REALM_NAME/protocol/openid-connect/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=testuser&password=test123&grant_type=password&client_id=unionflow-server&client_secret=unionflow-secret-2025")
AUTH_TOKEN=$(echo $AUTH_RESPONSE | grep -o '"access_token":"[^"]*' | cut -d'"' -f4)
if [ -n "$AUTH_TOKEN" ]; then
echo "✅ Authentification réussie !"
echo "🔑 Token obtenu (tronqué): ${AUTH_TOKEN:0:50}..."
# Test d'accès à l'API UnionFlow
echo ""
echo "🧪 Test d'accès à l'API UnionFlow..."
API_RESPONSE=$(curl -s -w "%{http_code}" -H "Authorization: Bearer $AUTH_TOKEN" "http://localhost:8080/api/organisations")
HTTP_CODE=$(echo "$API_RESPONSE" | tail -c 4)
BODY=$(echo "$API_RESPONSE" | head -c -4)
if [ "$HTTP_CODE" = "200" ]; then
echo "✅ Accès API réussi !"
echo "📋 Réponse: ${BODY:0:100}..."
else
echo "⚠️ Accès API échoué (Code: $HTTP_CODE)"
echo "📋 Réponse: $BODY"
fi
else
echo "❌ Échec de l'authentification"
echo "Réponse: $AUTH_RESPONSE"
fi
fi
else
echo "❌ Échec de la création de l'utilisateur"
echo "Réponse: $RESPONSE"
fi
Reference in New Issue View Git Blame Copy Permalink