diff --git a/bin/get_token b/bin/get_token index 11e8bbf9..b5e76820 100755 --- a/bin/get_token +++ b/bin/get_token @@ -28,13 +28,16 @@ if [[ -z "${BACKEND_BASE_URL:-}" ]]; then # BACKEND_BASE_URL=http://localhost:7000 BACKEND_BASE_URL=https://api.dev.spiffworkflow.org fi -REALM_NAME=spiffworkflow +if [[ -z "${BACKEND_CLIENT_ID:-}" ]]; then + export BACKEND_CLIENT_ID=spiffworkflow-backend +fi +if [[ -z "${BACKEND_CLIENT_SECRET:-}" ]]; then + export BACKEND_CLIENT_SECRET="JXeQExm0JhQPLumgHtIIqf52bDalHz0q" # noqa: S105 +fi USERNAME=${1-fin} PASSWORD=${2-fin} +REALM_NAME=${3-spiffworkflow} -FRONTEND_CLIENT_ID=spiffworkflow-frontend -BACKEND_CLIENT_ID=spiffworkflow-backend -BACKEND_CLIENT_SECRET="JXeQExm0JhQPLumgHtIIqf52bDalHz0q" # noqa: S105 SECURE=false BACKEND_BASIC_AUTH=$(echo -n "${BACKEND_CLIENT_ID}:${BACKEND_CLIENT_SECRET}" | base64) @@ -42,7 +45,7 @@ KEYCLOAK_URL=$KEYCLOAK_BASE_URL/realms/$REALM_NAME/protocol/openid-connect/token >&2 echo "Using Keycloak: $KEYCLOAK_URL" >&2 echo "realm: $REALM_NAME" ->&2 echo "client-id: $FRONTEND_CLIENT_ID" +>&2 echo "client-id: $BACKEND_CLIENT_ID" >&2 echo "username: $USERNAME" >&2 echo "password: $PASSWORD" >&2 echo "secure: $SECURE" diff --git a/bin/login_with_users b/bin/login_with_users index 1bb95409..3d73e036 100755 --- a/bin/login_with_users +++ b/bin/login_with_users @@ -23,11 +23,18 @@ if [[ -z "${1:-}" ]]; then >&2 echo "usage: $(basename "$0") [user_list]" exit 1 fi +REALM_NAME=${2-spiffworkflow} while read -r input_line; do if ! grep -qE '(^#|email)' <<<"$input_line" ; then username=$(awk -F '@' '{print $1}' <<<"$input_line") - access_token=$("${script_dir}/get_token" "$username" "$username") - curl -v -X POST "${BACKEND_BASE_URL}/v1.0/login_with_access_token?access_token=${access_token}" -H "Authorization: Bearer $access_token" + access_token=$("${script_dir}/get_token" "$username" "$username" "$REALM_NAME") + if [[ -z "$access_token" || "$access_token" == "null" ]]; then + >&2 echo "ERROR: failed to get access token for '$username'" + else + + echo "access_token: ${access_token}" + curl -v -X POST "${BACKEND_BASE_URL}/v1.0/login_with_access_token?access_token=${access_token}" -H "Authorization: Bearer $access_token" + fi fi done <"$user_list" diff --git a/keycloak/test_user_lists/status b/keycloak/test_user_lists/status index 555d9306..4da1297f 100644 --- a/keycloak/test_user_lists/status +++ b/keycloak/test_user_lists/status @@ -1,5 +1,5 @@ email,spiffworkflow-employeeid -admin@spiffworkflow.org +# admin@spiffworkflow.org amir@status.im app.program.lead@status.im,121 core@status.im,113