diff --git a/bin/get_token b/bin/get_token index bc155bbb..433b5ceb 100755 --- a/bin/get_token +++ b/bin/get_token @@ -48,23 +48,27 @@ token=$(jq -r '.access_token' <<< "$result") if [[ "$token" != 'null' ]]; then echo "token: $token" - echo "getting user info" + # curl -s "http://localhost:7002/realms/spiffworkflow/protocol/openid-connect/userinfo" -H "Authorization: Bearer $token" resource_result=$(curl -s "http://localhost:7002/realms/spiffworkflow/authz/protection/resource_set?matchingUri=true&deep=true&max=-1&exactName=false&uri=%2Fprocess-models%2Fcategory_number_one%2Fprocess-model-with-repeating-form" -H "Authorization: Bearer $token") + resource_ids=$(jq -r '.[] | ._id' <<<"$resource_result" || echo '') + if [[ -z "$resource_ids" || "$resource_ids" == "null" ]]; then + >&2 echo "ERROR: Could not find the resource id from the result: ${resource_result}" + exit 1 + fi - - # # -H "Authorization: Basic $basic_auth" \ - # basic_auth=$(echo -n "${CLIENT_ID}:${CLIENT_SECRET}" | base64 -w0) - # # -H "Authorization: Bearer $token" \ - # curl -s -X POST "$KEYCLOAK_URL" "$INSECURE" \ - # -H "Content-Type: application/x-www-form-urlencoded" \ - # -H "Authorization: Basic $basic_auth" \ - # -d "audience=${CLIENT_ID}" \ - # --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:uma-ticket" \ - # -d "permission=e294304c-796e-4c56-bdf2-8c854f65db59" \ - # -d "subject_token=${token}" \ - # | jq . - else - echo "Failed auth result: $result" + for resource_id in $resource_ids ; do + basic_auth=$(echo -n "${CLIENT_ID}:${CLIENT_SECRET}" | base64 -w0) + curl -s -X POST "$KEYCLOAK_URL" "$INSECURE" \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -H "Authorization: Basic $basic_auth" \ + -d "audience=${CLIENT_ID}" \ + --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:uma-ticket" \ + -d "permission=${resource_id}" \ + -d "subject_token=${token}" \ + | jq . + done +else + echo "Failed auth result: $result" fi