81 lines
2.3 KiB
TypeScript
81 lines
2.3 KiB
TypeScript
import { getServerSession } from "next-auth/next";
|
|
import { authOptions } from "@/app/api/auth/[...nextauth]/route";
|
|
import { NextResponse } from "next/server";
|
|
|
|
async function getAdminToken() {
|
|
try {
|
|
const tokenResponse = await fetch(
|
|
`${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
|
|
{
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
},
|
|
body: new URLSearchParams({
|
|
grant_type: 'client_credentials',
|
|
client_id: process.env.KEYCLOAK_CLIENT_ID!,
|
|
client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
|
|
}),
|
|
}
|
|
);
|
|
|
|
const data = await tokenResponse.json();
|
|
|
|
if (!tokenResponse.ok || !data.access_token) {
|
|
console.error('Token Error:', data);
|
|
return null;
|
|
}
|
|
|
|
return data.access_token;
|
|
} catch (error) {
|
|
console.error('Token Error:', error);
|
|
return null;
|
|
}
|
|
}
|
|
|
|
export async function GET() {
|
|
const session = await getServerSession(authOptions);
|
|
|
|
if (!session) {
|
|
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
|
|
}
|
|
|
|
try {
|
|
const token = await getAdminToken();
|
|
if (!token) {
|
|
return NextResponse.json({ error: "Erreur d'authentification" }, { status: 401 });
|
|
}
|
|
|
|
const response = await fetch(
|
|
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/roles`,
|
|
{
|
|
headers: {
|
|
Authorization: `Bearer ${token}`,
|
|
},
|
|
}
|
|
);
|
|
|
|
if (!response.ok) {
|
|
const errorData = await response.json();
|
|
console.error("Failed to fetch roles:", errorData);
|
|
return NextResponse.json({ error: "Erreur lors de la récupération des rôles" }, { status: response.status });
|
|
}
|
|
|
|
const roles = await response.json();
|
|
|
|
// Filter out only Keycloak system roles
|
|
const filteredRoles = roles.filter((role: any) =>
|
|
!role.name.startsWith('default-roles-') &&
|
|
!['offline_access', 'uma_authorization'].includes(role.name)
|
|
);
|
|
|
|
console.log("Available roles:", filteredRoles);
|
|
return NextResponse.json(filteredRoles);
|
|
} catch (error) {
|
|
console.error("Error fetching roles:", error);
|
|
return NextResponse.json(
|
|
{ error: "Une erreur est survenue" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|