209 lines
7.3 KiB
Python
209 lines
7.3 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
Script pour réinitialiser les mots de passe des comptes existants
|
|
"""
|
|
|
|
import requests
|
|
import json
|
|
import time
|
|
|
|
class PasswordResetter:
|
|
def __init__(self, base_url: str = "http://localhost:8180"):
|
|
self.base_url = base_url
|
|
self.session = requests.Session()
|
|
self.admin_token = None
|
|
|
|
def get_admin_token(self) -> bool:
|
|
"""Obtient le token admin"""
|
|
try:
|
|
data = {
|
|
"username": "admin",
|
|
"password": "admin",
|
|
"grant_type": "password",
|
|
"client_id": "admin-cli"
|
|
}
|
|
|
|
response = self.session.post(
|
|
f"{self.base_url}/realms/master/protocol/openid-connect/token",
|
|
data=data,
|
|
headers={"Content-Type": "application/x-www-form-urlencoded"}
|
|
)
|
|
|
|
if response.status_code == 200:
|
|
token_data = response.json()
|
|
self.admin_token = token_data.get("access_token")
|
|
return self.admin_token is not None
|
|
|
|
except Exception as e:
|
|
print(f"Erreur obtention token: {e}")
|
|
|
|
return False
|
|
|
|
def reset_user_password(self, realm_name: str, username: str, new_password: str) -> bool:
|
|
"""Réinitialise le mot de passe d'un utilisateur existant"""
|
|
print(f"🔑 Réinitialisation du mot de passe pour {username}...")
|
|
|
|
try:
|
|
# 1. Trouver l'utilisateur
|
|
response = self.session.get(
|
|
f"{self.base_url}/admin/realms/{realm_name}/users?username={username}",
|
|
headers={"Authorization": f"Bearer {self.admin_token}"}
|
|
)
|
|
|
|
if response.status_code != 200:
|
|
print(f" ❌ Impossible de trouver l'utilisateur")
|
|
return False
|
|
|
|
users = response.json()
|
|
if not users:
|
|
print(f" ❌ Utilisateur {username} non trouvé")
|
|
return False
|
|
|
|
user_id = users[0]["id"]
|
|
print(f" ✓ Utilisateur trouvé (ID: {user_id})")
|
|
|
|
# 2. Réinitialiser le mot de passe
|
|
password_data = {
|
|
"type": "password",
|
|
"value": new_password,
|
|
"temporary": False
|
|
}
|
|
|
|
response = self.session.put(
|
|
f"{self.base_url}/admin/realms/{realm_name}/users/{user_id}/reset-password",
|
|
json=password_data,
|
|
headers={
|
|
"Authorization": f"Bearer {self.admin_token}",
|
|
"Content-Type": "application/json"
|
|
}
|
|
)
|
|
|
|
if response.status_code == 204:
|
|
print(f" ✓ Mot de passe réinitialisé")
|
|
|
|
# 3. Test immédiat
|
|
time.sleep(1)
|
|
if self.test_user_auth(realm_name, username, new_password):
|
|
print(f" ✅ {username} FONCTIONNE MAINTENANT !")
|
|
return True
|
|
else:
|
|
print(f" ❌ {username} ne fonctionne toujours pas")
|
|
return False
|
|
else:
|
|
print(f" ❌ Erreur réinitialisation: {response.status_code}")
|
|
print(f" Réponse: {response.text}")
|
|
return False
|
|
|
|
except Exception as e:
|
|
print(f" ❌ Exception: {e}")
|
|
return False
|
|
|
|
def test_user_auth(self, realm_name: str, username: str, password: str) -> bool:
|
|
"""Teste l'authentification d'un utilisateur"""
|
|
try:
|
|
data = {
|
|
"username": username,
|
|
"password": password,
|
|
"grant_type": "password",
|
|
"client_id": "unionflow-mobile"
|
|
}
|
|
|
|
response = self.session.post(
|
|
f"{self.base_url}/realms/{realm_name}/protocol/openid-connect/token",
|
|
data=data,
|
|
headers={"Content-Type": "application/x-www-form-urlencoded"}
|
|
)
|
|
|
|
return response.status_code == 200 and "access_token" in response.json()
|
|
|
|
except:
|
|
return False
|
|
|
|
def reset_all_passwords(self):
|
|
"""Réinitialise tous les mots de passe"""
|
|
print("=" * 80)
|
|
print("🔑 RÉINITIALISATION DES MOTS DE PASSE UNIONFLOW")
|
|
print("=" * 80)
|
|
print()
|
|
|
|
# 1. Token admin
|
|
if not self.get_admin_token():
|
|
print("❌ Impossible d'obtenir le token admin")
|
|
return False
|
|
|
|
print("✅ Token admin obtenu")
|
|
print()
|
|
|
|
# 2. Réinitialiser tous les mots de passe
|
|
users = [
|
|
("marie.active", "Marie123!"),
|
|
("superadmin", "SuperAdmin123!"),
|
|
("jean.simple", "Jean123!"),
|
|
("tech.lead", "TechLead123!"),
|
|
("rh.manager", "RhManager123!")
|
|
]
|
|
|
|
success_count = 0
|
|
working_users = []
|
|
|
|
for username, password in users:
|
|
if self.reset_user_password("unionflow", username, password):
|
|
success_count += 1
|
|
working_users.append((username, password))
|
|
print()
|
|
|
|
print("=" * 80)
|
|
print(f"📊 RÉSULTAT FINAL: {success_count}/{len(users)} comptes fonctionnent")
|
|
print("=" * 80)
|
|
|
|
if success_count > 0:
|
|
print()
|
|
print("🎉 SUCCÈS ! LES COMPTES SUIVANTS FONCTIONNENT :")
|
|
print()
|
|
for username, password in working_users:
|
|
print(f" ✅ {username} / {password}")
|
|
|
|
print()
|
|
print("🚀 PRÊT POUR L'APPLICATION MOBILE UNIONFLOW !")
|
|
print()
|
|
print("📱 TESTEZ MAINTENANT SUR VOTRE SAMSUNG :")
|
|
print(" 1. Ouvrez l'app UnionFlow")
|
|
print(" 2. Cliquez sur 'Se connecter avec Keycloak'")
|
|
print(f" 3. Utilisez: {working_users[0][0]} / {working_users[0][1]}")
|
|
print(" 4. Vérifiez que l'authentification fonctionne")
|
|
print()
|
|
print("✅ TOUS LES COMPTES UNIONFLOW SONT MAINTENANT OPÉRATIONNELS !")
|
|
|
|
return True
|
|
else:
|
|
print()
|
|
print("❌ Aucun compte ne fonctionne")
|
|
print()
|
|
print("🔧 SOLUTION MANUELLE :")
|
|
print("1. Ouvrez http://localhost:8180/admin/")
|
|
print("2. Connectez-vous comme admin/admin")
|
|
print("3. Allez dans le realm 'unionflow' > Users")
|
|
print("4. Sélectionnez 'marie.active'")
|
|
print("5. Allez dans l'onglet 'Credentials'")
|
|
print("6. Cliquez 'Set password'")
|
|
print("7. Entrez 'Marie123!' et décochez 'Temporary'")
|
|
print("8. Testez avec votre application mobile")
|
|
|
|
return False
|
|
|
|
|
|
def main():
|
|
resetter = PasswordResetter()
|
|
success = resetter.reset_all_passwords()
|
|
|
|
if success:
|
|
print()
|
|
print("=" * 80)
|
|
print("🎯 TOUS LES COMPTES DOIVENT MAINTENANT FONCTIONNER !")
|
|
print(" Testez avec: python test_auth.py")
|
|
print("=" * 80)
|
|
|
|
|
|
if __name__ == "__main__":
|
|
main()
|