From 33b52733698aa3016f70b68d73a296aa4f09eedf Mon Sep 17 00:00:00 2001
From: alma <alma@governance-labs.org>
Date: Wed, 21 Jan 2026 19:43:20 +0100
Subject: [PATCH] missions finition

---
 .../[groupId]/members/[userId]/route.ts       | 76 +++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 app/api/groups/[groupId]/members/[userId]/route.ts

diff --git a/app/api/groups/[groupId]/members/[userId]/route.ts b/app/api/groups/[groupId]/members/[userId]/route.ts
new file mode 100644
index 0000000..68bf86e
--- /dev/null
+++ b/app/api/groups/[groupId]/members/[userId]/route.ts
@@ -0,0 +1,76 @@
+import { getServerSession } from "next-auth/next";
+import { authOptions } from "@/app/api/auth/options";
+import { NextResponse } from "next/server";
+
+export async function DELETE(
+  req: Request, 
+  props: { params: Promise<{ groupId: string; userId: string }> }
+) {
+  const params = await props.params;
+  const session = await getServerSession(authOptions);
+
+  if (!session) {
+    return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
+  }
+
+  try {
+    const { groupId, userId } = await params;
+
+    // Get client credentials token
+    const tokenResponse = await fetch(
+      `${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
+      {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/x-www-form-urlencoded',
+        },
+        body: new URLSearchParams({
+          grant_type: 'client_credentials',
+          client_id: process.env.KEYCLOAK_CLIENT_ID!,
+          client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
+        }),
+      }
+    );
+
+    const tokenData = await tokenResponse.json();
+
+    if (!tokenResponse.ok) {
+      console.error("Failed to get token:", tokenData);
+      return NextResponse.json({ error: "Failed to get token" }, { status: 500 });
+    }
+
+    // Remove user from group
+    const removeResponse = await fetch(
+      `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${userId}/groups/${groupId}`,
+      {
+        method: 'DELETE',
+        headers: {
+          'Authorization': `Bearer ${tokenData.access_token}`,
+        },
+      }
+    );
+
+    if (!removeResponse.ok) {
+      const errorData = await removeResponse.text();
+      console.error("Failed to remove user from group:", {
+        status: removeResponse.status,
+        statusText: removeResponse.statusText,
+        error: errorData,
+        userId,
+        groupId,
+      });
+      return NextResponse.json(
+        { error: "Failed to remove user from group" }, 
+        { status: removeResponse.status }
+      );
+    }
+
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error("Error in remove user from group:", error);
+    return NextResponse.json(
+      { error: "Internal server error" }, 
+      { status: 500 }
+    );
+  }
+}