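#!/bin/bash
# setup-simple.sh — seed a Keycloak realm with the UnionFlow roles and dev accounts.
#
# Steps: obtain an admin token from the master realm, create the realm roles,
# create the dev users (mapping each one onto its realm role), then run a
# password-grant login test for marie.active.
#
# Environment (all optional; defaults are the values the script used before):
#   KEYCLOAK_URL    base URL of Keycloak (default http://192.168.1.145:8180)
#   REALM           target realm (default unionflow)
#   ADMIN_USER      master-realm admin user (default admin)
#   ADMIN_PASSWORD  its password (default admin) — set it in the environment
#                   rather than editing the script
#
# Requires bash 4+ (associative arrays), curl. No jq: JSON fields are pulled
# out with grep, which is good enough for the fixed responses handled here.
set -euo pipefail

KEYCLOAK_URL="${KEYCLOAK_URL:-http://192.168.1.145:8180}"
REALM="${REALM:-unionflow}"
ADMIN_USER="${ADMIN_USER:-admin}"
ADMIN_PASSWORD="${ADMIN_PASSWORD:-admin}"
readonly KEYCLOAK_URL REALM ADMIN_USER ADMIN_PASSWORD
readonly SEP="============================================================================="

# Admin access token; filled in by get_admin_token.
TOKEN=

# Realm roles: name -> value of the "level" role attribute.
declare -rA ROLES=(
  ["SUPER_ADMINISTRATEUR"]="100"
  ["ADMINISTRATEUR_ORGANISATION"]="85"
  ["RESPONSABLE_TECHNIQUE"]="80"
  ["RESPONSABLE_FINANCIER"]="75"
  ["RESPONSABLE_MEMBRES"]="70"
  ["MEMBRE_ACTIF"]="50"
  ["MEMBRE_SIMPLE"]="30"
  ["VISITEUR"]="0"
)

# Dev users: username -> "email:password:firstName:lastName:role".
# Fields are split on ':' so none of them may contain a colon.
declare -rA USERS=(
  ["superadmin"]="superadmin@unionflow.dev:SuperAdmin123!:Super:Admin:SUPER_ADMINISTRATEUR"
  ["admin.org"]="admin@association-dev.fr:AdminOrg123!:Admin:Organisation:ADMINISTRATEUR_ORGANISATION"
  ["tech.lead"]="tech@association-dev.fr:TechLead123!:Tech:Lead:RESPONSABLE_TECHNIQUE"
  ["tresorier"]="tresorier@association-dev.fr:Tresorier123!:Tresorier:Finance:RESPONSABLE_FINANCIER"
  ["rh.manager"]="rh@association-dev.fr:RhManager123!:RH:Manager:RESPONSABLE_MEMBRES"
  ["marie.active"]="marie@association-dev.fr:Marie123!:Marie:Active:MEMBRE_ACTIF"
  ["jean.simple"]="jean@association-dev.fr:Jean123!:Jean:Simple:MEMBRE_SIMPLE"
  ["visiteur"]="visiteur@example.com:Visiteur123!:Visiteur:Public:VISITEUR"
)

#######################################
# Print a message to stderr and exit 1.
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Extract the first string value of a JSON key from stdin.
# Arguments: $1 - key name
# Outputs:   the value, or nothing when the key is absent
#######################################
json_field() {
  # `|| true`: a miss (grep exit 1) or an early close by head must not trip
  # pipefail; callers test for empty output instead.
  grep -o "\"$1\":\"[^\"]*" | head -1 | cut -d'"' -f4 || true
}

#######################################
# POST a JSON body (read from stdin) to an admin endpoint of the realm.
# The body travels via stdin so that user passwords never appear in argv.
# Globals:   KEYCLOAK_URL, REALM, TOKEN
# Arguments: $1 - path below /admin/realms/REALM (e.g. /roles)
# Outputs:   the 3-digit HTTP status code; the response body is discarded
#######################################
admin_post() {
  local path=$1
  curl -s -o /dev/null -w '%{http_code}' -X POST \
    "${KEYCLOAK_URL}/admin/realms/${REALM}${path}" \
    -H "Authorization: Bearer ${TOKEN}" \
    -H "Content-Type: application/json" \
    --data-binary @-
}

#######################################
# GET an admin endpoint of the realm and print the response body.
# Globals:   KEYCLOAK_URL, REALM, TOKEN
# Arguments: $1 - path below /admin/realms/REALM (query string allowed)
#######################################
admin_get() {
  local path=$1
  curl -s -X GET \
    "${KEYCLOAK_URL}/admin/realms/${REALM}${path}" \
    -H "Authorization: Bearer ${TOKEN}"
}

#######################################
# Print the per-item outcome for a creation status code.
# Arguments: $1 - HTTP status (201 created, 409 already exists)
#######################################
report_status() {
  case "$1" in
    201) printf '✓\n' ;;
    409) printf '✓ (existe déjà)\n' ;;
    *)   printf '✗ (code: %s)\n' "$1" ;;
  esac
}

#######################################
# Obtain an admin token from the master realm (admin-cli, password grant).
# Globals:   ADMIN_USER, ADMIN_PASSWORD (read), TOKEN (written)
# Returns:   exits with status 1 when no access_token comes back
#######################################
get_admin_token() {
  local response
  # The form body is piped through stdin so the admin password is not visible
  # in `ps`. Values are sent as-is (no URL-encoding), exactly as before, so
  # they must not contain '&' or '%'.
  response=$(printf 'username=%s&password=%s&grant_type=password&client_id=admin-cli' \
      "$ADMIN_USER" "$ADMIN_PASSWORD" \
    | curl -s -X POST \
        "${KEYCLOAK_URL}/realms/master/protocol/openid-connect/token" \
        -H "Content-Type: application/x-www-form-urlencoded" \
        --data-binary @-)
  TOKEN=$(printf '%s' "$response" | json_field access_token)
  [[ -n "$TOKEN" ]] || die "ERREUR: Impossible d'obtenir le token"
}

#######################################
# Create one realm role carrying a "level" attribute.
# Arguments: $1 - role name; $2 - level
#######################################
create_role() {
  local role_name=$1 level=$2 body code
  printf ' Création %s... ' "$role_name"
  # Values are spliced into JSON without escaping; fine for the fixed names
  # above, which contain no quotes or backslashes.
  body="{\"name\":\"$role_name\",\"description\":\"$role_name - Niveau $level\",\"attributes\":{\"level\":[\"$level\"]}}"
  code=$(printf '%s' "$body" | admin_post /roles)
  report_status "$code"
}

#######################################
# Map a realm role onto a user, both looked up by name.
# Arguments: $1 - username; $2 - role name
# Outputs:   one line describing the result (missing user/role, failure, success)
#######################################
assign_role() {
  local username=$1 role=$2 user_id role_id code
  # exact=true: the plain username filter is a substring match, so without it
  # a username that is a prefix of another could resolve to the wrong account.
  user_id=$(admin_get "/users?username=${username}&exact=true" | json_field id)
  if [[ -z "$user_id" ]]; then
    printf ' → utilisateur %s introuvable\n' "$username"
    return 0
  fi
  role_id=$(admin_get "/roles/${role}" | json_field id)
  if [[ -z "$role_id" ]]; then
    printf ' → rôle %s introuvable\n' "$role"
    return 0
  fi
  code=$(printf '[{"id":"%s","name":"%s"}]' "$role_id" "$role" \
    | admin_post "/users/${user_id}/role-mappings/realm")
  # Any 2xx means the mapping was accepted; the status was previously ignored,
  # so a silent failure here looked like success.
  if [[ "$code" == 2?? ]]; then
    printf ' → Rôle %s assigné\n' "$role"
  else
    printf ' → échec assignation %s (code: %s)\n' "$role" "$code"
  fi
}

#######################################
# Create one user (enabled, email verified, permanent password) and, when it
# is newly created, map its role.
# Arguments: $1 - username; $2 - "email:password:firstName:lastName:role"
#######################################
create_user() {
  local username=$1 spec=$2
  local email password firstname lastname role body code
  IFS=':' read -r email password firstname lastname role <<< "$spec"
  printf ' Création %s... ' "$username"
  # Same unescaped JSON splice as create_role; the fixtures are plain ASCII.
  body="{\"username\":\"$username\",\"email\":\"$email\",\"firstName\":\"$firstname\",\"lastName\":\"$lastname\",\"enabled\":true,\"emailVerified\":true,\"credentials\":[{\"type\":\"password\",\"value\":\"$password\",\"temporary\":false}]}"
  code=$(printf '%s' "$body" | admin_post /users)
  report_status "$code"
  if [[ "$code" == 201 ]]; then
    sleep 1
    assign_role "$username" "$role"
  fi
}

#######################################
# Password-grant login as marie.active against the public client
# "unionflow-mobile" (which this script does not create), then fetch userinfo.
# Globals:   KEYCLOAK_URL, REALM
#######################################
test_login() {
  local response access_token user_info email
  response=$(printf 'username=marie.active&password=Marie123!&grant_type=password&client_id=unionflow-mobile' \
    | curl -s -X POST \
        "${KEYCLOAK_URL}/realms/${REALM}/protocol/openid-connect/token" \
        -H "Content-Type: application/x-www-form-urlencoded" \
        --data-binary @-)
  # Require an actual access_token value rather than the word appearing
  # anywhere in the response (e.g. inside an error description).
  access_token=$(printf '%s' "$response" | json_field access_token)
  if [[ -n "$access_token" ]]; then
    printf '✓ Test authentification marie.active réussi\n'
    user_info=$(curl -s -X GET \
      "${KEYCLOAK_URL}/realms/${REALM}/protocol/openid-connect/userinfo" \
      -H "Authorization: Bearer ${access_token}")
    email=$(printf '%s' "$user_info" | json_field email)
    [[ -z "$email" ]] || printf ' → Email: %s\n' "$email"
  else
    printf '✗ Test authentification échoué\n'
    printf ' Réponse: %s...\n' "${response:0:100}"
  fi
}

#######################################
# Entry point: token, roles, users, login test, summary of the dev accounts.
#######################################
main() {
  local role_name username
  printf '%s\n' "$SEP" "🚀 CONFIGURATION SIMPLE UNIONFLOW KEYCLOAK" "$SEP"

  printf '1. Obtention du token admin...\n'
  get_admin_token
  printf '✓ Token obtenu\n'

  printf '\n2. Création des rôles...\n'
  for role_name in "${!ROLES[@]}"; do
    create_role "$role_name" "${ROLES[$role_name]}"
  done

  printf '\n3. Création des utilisateurs...\n'
  for username in "${!USERS[@]}"; do
    create_user "$username" "${USERS[$username]}"
  done

  printf '\n4. Test d'"'"'authentification...\n'
  test_login

  printf '\n%s\n✅ CONFIGURATION TERMINÉE\n%s\n\n' "$SEP" "$SEP"
  printf '%s\n' \
    "🔐 COMPTES CRÉÉS :" \
    "• marie.active / Marie123! (MEMBRE_ACTIF)" \
    "• superadmin / SuperAdmin123! (SUPER_ADMINISTRATEUR)" \
    "• jean.simple / Jean123! (MEMBRE_SIMPLE)" \
    "• tech.lead / TechLead123! (RESPONSABLE_TECHNIQUE)" \
    "• rh.manager / RhManager123! (RESPONSABLE_MEMBRES)" \
    "• admin.org / AdminOrg123! (ADMINISTRATEUR_ORGANISATION)" \
    "• tresorier / Tresorier123! (RESPONSABLE_FINANCIER)" \
    "• visiteur / Visiteur123! (VISITEUR)" \
    "" \
    "🚀 TESTEZ MAINTENANT L'APPLICATION MOBILE !" \
    " Utilisez: marie.active / Marie123!" \
    ""
}

main "$@"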