lionsdev/unionflow-server-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4ac376b7e7df859e850d29e59a448d64df478273
unionflow-server-api/create-server-client.ps1
DahoudG f89f6167cc feat(mobile): Implement Keycloak WebView authentication with HTTP callback 
- Replace flutter_appauth with custom WebView implementation to resolve deep link issues
- Add KeycloakWebViewAuthService with integrated WebView for seamless authentication
- Configure Android manifest for HTTP cleartext traffic support
- Add network security config for development environment (192.168.1.11)
- Update Keycloak client to use HTTP callback endpoint (http://192.168.1.11:8080/auth/callback)
- Remove obsolete keycloak_auth_service.dart and temporary scripts
- Clean up dependencies and regenerate injection configuration
- Tested successfully on multiple Android devices (Xiaomi 2201116TG, SM A725F)

BREAKING CHANGE: Authentication flow now uses WebView instead of external browser
- Users will see Keycloak login page within the app instead of browser redirect
- Resolves ERR_CLEARTEXT_NOT_PERMITTED and deep link state management issues
- Maintains full OIDC compliance with PKCE flow and secure token storage

Technical improvements:
- WebView with custom navigation delegate for callback handling
- Automatic token extraction and user info parsing from JWT
- Proper error handling and user feedback
- Consistent authentication state management across app lifecycle
2025-09-15 01:44:16 +00:00

105 lines
3.8 KiB
PowerShell
Raw Blame History

# Script pour créer le client unionflow-server dans Keycloak
param(
[string]$KeycloakUrl = "http://192.168.1.11:8180",
[string]$Realm = "unionflow",
[string]$AdminUser = "admin",
[string]$AdminPassword = "admin",
[string]$ClientId = "unionflow-server",
[string]$ClientSecret = "unionflow-secret-2025"
)
Write-Host "🖥️ Création du client serveur dans Keycloak..." -ForegroundColor Cyan
Write-Host "📍 Keycloak URL: $KeycloakUrl" -ForegroundColor Gray
Write-Host "🏛️ Realm: $Realm" -ForegroundColor Gray
Write-Host "🖥️ Client ID: $ClientId" -ForegroundColor Gray
Write-Host ""
try {
# 1. Obtenir le token d'administration
Write-Host "🔑 Obtention du token d'administration..." -ForegroundColor Yellow
$tokenBody = @{
username = $AdminUser
password = $AdminPassword
grant_type = "password"
client_id = "admin-cli"
}
$tokenResponse = Invoke-RestMethod -Uri "$KeycloakUrl/realms/master/protocol/openid-connect/token" `
-Method Post `
-ContentType "application/x-www-form-urlencoded" `
-Body $tokenBody
$accessToken = $tokenResponse.access_token
Write-Host "✅ Token obtenu avec succès" -ForegroundColor Green
# 2. Créer le client serveur
Write-Host "🖥️ Création du client serveur '$ClientId'..." -ForegroundColor Yellow
$clientConfig = @{
clientId = $ClientId
name = "UnionFlow Server API"
description = "Client pour l'API serveur UnionFlow"
enabled = $true
clientAuthenticatorType = "client-secret"
secret = $ClientSecret
publicClient = $false
standardFlowEnabled = $true
implicitFlowEnabled = $false
directAccessGrantsEnabled = $true
serviceAccountsEnabled = $true
authorizationServicesEnabled = $false
redirectUris = @("http://192.168.1.11:8080/*")
webOrigins = @("http://192.168.1.11:8080", "http://localhost:8080")
protocol = "openid-connect"
attributes = @{
"access.token.lifespan" = "900"
"client.session.idle.timeout" = "1800"
"client.session.max.lifespan" = "43200"
}
defaultClientScopes = @("openid", "profile", "email", "roles")
optionalClientScopes = @()
} | ConvertTo-Json -Depth 10
$headers = @{
"Authorization" = "Bearer $accessToken"
"Content-Type" = "application/json"
}
try {
$clientResponse = Invoke-RestMethod -Uri "$KeycloakUrl/admin/realms/$Realm/clients" `
-Method Post `
-Headers $headers `
-Body $clientConfig
Write-Host "✅ Client serveur créé avec succès" -ForegroundColor Green
}
catch {
if ($_.Exception.Response.StatusCode -eq 409) {
Write-Host "⚠️ Le client existe déjà, mise à jour..." -ForegroundColor Yellow
}
else {
throw
}
}
Write-Host ""
Write-Host "🎉 CLIENT SERVEUR CRÉÉ AVEC SUCCÈS !" -ForegroundColor Green
Write-Host "🖥️ Client ID: $ClientId" -ForegroundColor White
Write-Host "🔒 Client Secret: $ClientSecret" -ForegroundColor White
Write-Host ""
Write-Host "Le serveur Quarkus peut maintenant s'authentifier avec Keycloak !" -ForegroundColor Cyan
}
catch {
Write-Host ""
Write-Host "ERREUR lors de la creation du client serveur !" -ForegroundColor Red
Write-Host "Details: $($_.Exception.Message)" -ForegroundColor Red
if ($_.Exception.Response) {
$statusCode = $_.Exception.Response.StatusCode.value__
Write-Host "Code de statut HTTP: $statusCode" -ForegroundColor Red
}
exit 1
}
Reference in New Issue View Git Blame Copy Permalink