justinc1 · September 20, 2022 08:07
diff --git a/keycloak-curl.sh b/keycloak-curl.sh
 #!/bin/bash
 # based on https://github.com/akoserwal/keycloak-integrations/blob/master/curl-post-request/keycloak-curl.sh

 # Usage:
 # Start test server (IP 172.17.0.2)
 # docker run -it -p 8080:80 -p 8433:443 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:15.0.2 -b 0.0.0.0
 # Get token
 # PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0
 # List realms
 # curl -H "Authorization: Bearer $(PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0)" -k https://172.17.0.2:8443/auth/admin/realms/ | jq
 # partial-export realm
 # curl -H "Authorization: Bearer $(PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0)" -k -X POST 'https://172.17.0.2:8443/auth/admin/realms/myrealm/partial-export?exportClients=1&exportGroupsAndRoles=1' > myrealm-partial-export.json
 # partial-import realm
 # curl -H "Authorization: Bearer $(PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0)" -k -X POST https://172.17.0.2:8443/auth/admin/realms -H "Content-Type: application/json" --data @myrealm-partial-export.json

 if [ $# -ne 5 ]; then
  echo 1>&2 "Usage: . $0 hostname realm username clientid"
  echo 1>&2 "  options:"
  echo 1>&2 "    hostname: localhost:8081"
  echo 1>&2 "    realm:keycloak-demo"
  echo 1>&2 "    clientid:demo"
  echo 1>&2 "    For verify ssl: use 'y' (otherwise it will send curl post with --insecure)"
  
  return
 fi

 BASE_URL=$1
 REALM_NAME=$2
 USERNAME=$3
 CLIENT_ID=$4
 SECURE=$5



 KEYCLOAK_URL=$BASE_URL/auth/realms/$REALM_NAME/protocol/openid-connect/token



 echo 1>&2 "Using Keycloak: $KEYCLOAK_URL"
 echo 1>&2 "realm: $REALM_NAME"
 echo 1>&2 "client-id: $CLIENT_ID"
 echo 1>&2 "username: $USERNAME"
 echo 1>&2 "secure: $SECURE"


 if [[ $SECURE = 'y' ]]; then
 	INSECURE=
 else 
 	INSECURE=--insecure
 fi


 # echo -n Password: 
 # read -s PASSWORD
 if [[ -z $PASSWORD ]]; then
  echo 1>&2 password not in environ
  exit 1
 fi

 token_data=$(curl -X POST "$KEYCLOAK_URL" "$INSECURE" \
 -H "Content-Type: application/x-www-form-urlencoded" \
 -d "username=$USERNAME" \
 -d "password=$PASSWORD" \
 -d 'grant_type=password' \
 -d "client_id=$CLIENT_ID")
 # echo token_data=$token_data
 export TOKEN=$(echo $token_data | python -c 'import json, sys; d=json.loads(sys.stdin.read()); print(d["access_token"]);')
 # -d "client_id=$CLIENT_ID" | jq -r '.access_token')
 echo $TOKEN

 if [[ $(echo $TOKEN) != 'null' ]]; then
 	export KEYCLOAK_TOKEN=$TOKEN
 fi
	#!/bin/bash
	# based on https://github.com/akoserwal/keycloak-integrations/blob/master/curl-post-request/keycloak-curl.sh

	# Usage:
	# Start test server (IP 172.17.0.2)
	# docker run -it -p 8080:80 -p 8433:443 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:15.0.2 -b 0.0.0.0
	# Get token
	# PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0
	# List realms
	# curl -H "Authorization: Bearer $(PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0)" -k https://172.17.0.2:8443/auth/admin/realms/ \| jq
	# partial-export realm
	# curl -H "Authorization: Bearer $(PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0)" -k -X POST 'https://172.17.0.2:8443/auth/admin/realms/myrealm/partial-export?exportClients=1&exportGroupsAndRoles=1' > myrealm-partial-export.json
	# partial-import realm
	# curl -H "Authorization: Bearer $(PASSWORD=admin ./keycloak-curl.sh https://172.17.0.2:8443 master admin admin-cli 0)" -k -X POST https://172.17.0.2:8443/auth/admin/realms -H "Content-Type: application/json" --data @myrealm-partial-export.json

	if [ $# -ne 5 ]; then
	echo 1>&2 "Usage: . $0 hostname realm username clientid"
	echo 1>&2 " options:"
	echo 1>&2 " hostname: localhost:8081"
	echo 1>&2 " realm:keycloak-demo"
	echo 1>&2 " clientid:demo"
	echo 1>&2 " For verify ssl: use 'y' (otherwise it will send curl post with --insecure)"

	return
	fi

	BASE_URL=$1
	REALM_NAME=$2
	USERNAME=$3
	CLIENT_ID=$4
	SECURE=$5



	KEYCLOAK_URL=$BASE_URL/auth/realms/$REALM_NAME/protocol/openid-connect/token



	echo 1>&2 "Using Keycloak: $KEYCLOAK_URL"
	echo 1>&2 "realm: $REALM_NAME"
	echo 1>&2 "client-id: $CLIENT_ID"
	echo 1>&2 "username: $USERNAME"
	echo 1>&2 "secure: $SECURE"


	if [[ $SECURE = 'y' ]]; then
	INSECURE=
	else
	INSECURE=--insecure
	fi


	# echo -n Password:
	# read -s PASSWORD
	if [[ -z $PASSWORD ]]; then
	echo 1>&2 password not in environ
	exit 1
	fi

	token_data=$(curl -X POST "$KEYCLOAK_URL" "$INSECURE" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-d "username=$USERNAME" \
	-d "password=$PASSWORD" \
	-d 'grant_type=password' \
	-d "client_id=$CLIENT_ID")
	# echo token_data=$token_data
	export TOKEN=$(echo $token_data \| python -c 'import json, sys; d=json.loads(sys.stdin.read()); print(d["access_token"]);')
	# -d "client_id=$CLIENT_ID" \| jq -r '.access_token')
	echo $TOKEN

	if [[ $(echo $TOKEN) != 'null' ]]; then
	export KEYCLOAK_TOKEN=$TOKEN
	fi