From 3246adc31cf3a66a7b9eeff672759d124e1f3920 Mon Sep 17 00:00:00 2001
From: jasquat <jasquat@users.noreply.github.com>
Date: Fri, 8 Jul 2022 15:40:16 -0400
Subject: [PATCH] get_token is working now w/ burnettk

---
 bin/get_token | 34 +++++++++++++++++++---------------
 1 file changed, 19 insertions(+), 15 deletions(-)

diff --git a/bin/get_token b/bin/get_token
index bc155bbb..433b5ceb 100755
--- a/bin/get_token
+++ b/bin/get_token
@@ -48,23 +48,27 @@ token=$(jq -r '.access_token' <<< "$result")
 
 if [[ "$token" != 'null' ]]; then
   echo "token: $token"
-  echo "getting user info"
+
   # curl -s "http://localhost:7002/realms/spiffworkflow/protocol/openid-connect/userinfo" -H "Authorization: Bearer $token"
   resource_result=$(curl -s "http://localhost:7002/realms/spiffworkflow/authz/protection/resource_set?matchingUri=true&deep=true&max=-1&exactName=false&uri=%2Fprocess-models%2Fcategory_number_one%2Fprocess-model-with-repeating-form" -H "Authorization: Bearer $token")
 
+  resource_ids=$(jq -r '.[] | ._id' <<<"$resource_result" || echo '')
+  if [[ -z "$resource_ids" || "$resource_ids" == "null" ]]; then
+    >&2 echo "ERROR: Could not find the resource id from the result: ${resource_result}"
+    exit 1
+  fi
 
-
-  # # -H "Authorization: Basic $basic_auth" \
-  # basic_auth=$(echo -n "${CLIENT_ID}:${CLIENT_SECRET}" | base64 -w0)
-  # # -H "Authorization: Bearer $token" \
-  # curl -s -X POST "$KEYCLOAK_URL" "$INSECURE" \
-  #   -H "Content-Type: application/x-www-form-urlencoded" \
-  #   -H "Authorization: Basic $basic_auth" \
-  #   -d "audience=${CLIENT_ID}" \
-  #   --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:uma-ticket" \
-  #   -d "permission=e294304c-796e-4c56-bdf2-8c854f65db59" \
-  #   -d "subject_token=${token}" \
-  #   | jq .
-  else
-    echo "Failed auth result: $result"
+  for resource_id in $resource_ids ; do
+    basic_auth=$(echo -n "${CLIENT_ID}:${CLIENT_SECRET}" | base64 -w0)
+    curl -s -X POST "$KEYCLOAK_URL" "$INSECURE" \
+      -H "Content-Type: application/x-www-form-urlencoded" \
+      -H "Authorization: Basic $basic_auth" \
+      -d "audience=${CLIENT_ID}" \
+      --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:uma-ticket" \
+      -d "permission=${resource_id}" \
+      -d "subject_token=${token}" \
+      | jq .
+  done
+else
+  echo "Failed auth result: $result"
 fi