import { getServerSession } from "next-auth/next"; import { authOptions } from "../../auth/[...nextauth]/route"; import { NextResponse } from "next/server"; async function getAdminToken() { const tokenResponse = await fetch( `${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`, { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, body: new URLSearchParams({ grant_type: 'client_credentials', client_id: process.env.KEYCLOAK_CLIENT_ID!, client_secret: process.env.KEYCLOAK_CLIENT_SECRET!, }), } ); const data = await tokenResponse.json(); if (!tokenResponse.ok) { throw new Error(data.error_description || 'Failed to get admin token'); } return data.access_token; } export async function GET( req: Request, { params }: { params: { groupId: string } } ) { try { const session = await getServerSession(authOptions); if (!session) { return NextResponse.json({ error: "Non autorisé" }, { status: 401 }); } const token = await getAdminToken(); const response = await fetch( `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/groups/${params.groupId}`, { headers: { Authorization: `Bearer ${token}`, }, } ); if (!response.ok) { throw new Error('Failed to fetch group'); } const data = await response.json(); return NextResponse.json(data); } catch (error) { console.error('Get Group Error:', error); return NextResponse.json( { error: "Erreur lors de la récupération du groupe" }, { status: 500 } ); } } export async function PUT( req: Request, { params }: { params: { groupId: string } } ) { try { const session = await getServerSession(authOptions); if (!session) { return NextResponse.json({ error: "Non autorisé" }, { status: 401 }); } const token = await getAdminToken(); const body = await req.json(); const response = await fetch( `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/groups/${params.groupId}`, { method: "PUT", headers: { Authorization: `Bearer ${token}`, 'Content-Type': 'application/json', }, body: JSON.stringify(body), } ); if (!response.ok) { throw new Error('Failed to update group'); } return NextResponse.json({ success: true }); } catch (error) { console.error('Update Group Error:', error); return NextResponse.json( { error: "Erreur lors de la mise à jour du groupe" }, { status: 500 } ); } } export async function PATCH( req: Request, { params }: { params: { groupId: string } } ) { try { const session = await getServerSession(authOptions); if (!session) { return NextResponse.json({ error: "Non autorisé" }, { status: 401 }); } const token = await getAdminToken(); const body = await req.json(); const response = await fetch( `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/groups/${params.groupId}`, { method: "PUT", // Keycloak doesn't support PATCH, so we use PUT headers: { Authorization: `Bearer ${token}`, 'Content-Type': 'application/json', }, body: JSON.stringify(body), } ); if (!response.ok) { throw new Error('Failed to update group'); } return NextResponse.json({ success: true }); } catch (error) { console.error('Update Group Error:', error); return NextResponse.json( { error: "Erreur lors de la mise à jour du groupe" }, { status: 500 } ); } } export async function DELETE( req: Request, { params }: { params: { groupId: string } } ) { try { const session = await getServerSession(authOptions); if (!session) { return NextResponse.json({ error: "Non autorisé" }, { status: 401 }); } const token = await getAdminToken(); const response = await fetch( `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/groups/${params.groupId}`, { method: "DELETE", headers: { Authorization: `Bearer ${token}`, }, } ); if (!response.ok) { throw new Error('Failed to delete group'); } return NextResponse.json({ success: true }); } catch (error) { console.error('Delete Group Error:', error); return NextResponse.json( { error: "Erreur lors de la suppression du groupe" }, { status: 500 } ); } }