From 0edae2f5938d89c08420717aa56a0407fda69f3e Mon Sep 17 00:00:00 2001
From: root <josepmaria@isardvdi.com>
Date: Wed, 9 Jun 2021 13:55:23 +0200
Subject: [PATCH 1/3] Avatars endpoint

---
 docker/api/default.conf           | 12 ++++++------
 docker/api/src/api/lib/avatars.py | 28 ++++++++++++++++++++--------
 2 files changed, 26 insertions(+), 14 deletions(-)

diff --git a/docker/api/default.conf b/docker/api/default.conf
index c16124f..70825a7 100644
--- a/docker/api/default.conf
+++ b/docker/api/default.conf
@@ -13,12 +13,12 @@ server {
 
     add_header  Access-Control-Allow-Origin *;
 
-    # location /header/json {
-    #     proxy_pass http://127.0.0.1:7039/header/json;
-    #     expires max;
-    #     log_not_found off;
-    #     access_log off;
-    # }
+    location /avatar {
+        proxy_pass http://127.0.0.1:7039/avatar;
+        expires max;
+        log_not_found off;
+        access_log off;
+    }
 
     location /json {
         alias /api/api/static/templates/header.json;
diff --git a/docker/api/src/api/lib/avatars.py b/docker/api/src/api/lib/avatars.py
index 6b694b8..1ba9f96 100644
--- a/docker/api/src/api/lib/avatars.py
+++ b/docker/api/src/api/lib/avatars.py
@@ -9,21 +9,33 @@ import logging
 import traceback
 import yaml, json
 
-from jinja2 import Environment, FileSystemLoader
-
+import os
 from keycloak import KeycloakAdmin
 
 
 
 class Avatars():
-    def __init__(self):
-        self.keycloak_admin = KeycloakAdmin(server_url="http://isard-sso-keycloak:8080/auth/",
-                                    username='admin',
-                                    password='keycloakkeycloak',
-                                    realm_name="master",
-                                    verify=True)
+    def __init__(self,
+                url="http://isard-sso-keycloak:8080/auth/",
+                username=os.environ['KEYCLOAK_USER'],
+                password=os.environ['KEYCLOAK_PASSWORD'],
+                realm='master',
+                verify=True):
+        self.url=url
+        self.username=username
+        self.password=password
+        self.realm=realm
+        self.verify=verify
+
+    def connect(self):
+        self.keycloak_admin = KeycloakAdmin(server_url=self.url,
+                                    username=self.username,
+                                    password=self.password,
+                                    realm_name=self.realm,
+                                    verify=self.verify)
 
     def get_user_avatar(self,username):
+        self.connect()
         return self.keycloak_admin.get_user_id(username)
 
 

From daade6e1bafef4413c4a869b4e11f0b22a012ae3 Mon Sep 17 00:00:00 2001
From: root <josepmaria@isardvdi.com>
Date: Thu, 10 Jun 2021 12:08:32 +0200
Subject: [PATCH 2/3] Added script to get clients json from keycloak

---
 init/keycloak/keycloak.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/init/keycloak/keycloak.sh b/init/keycloak/keycloak.sh
index bce2a6f..29a31a5 100644
--- a/init/keycloak/keycloak.sh
+++ b/init/keycloak/keycloak.sh
@@ -18,3 +18,8 @@
 
 
 # get-roles --cclientid test-client --rolename operations
+
+docker exec -ti isard-sso-keycloak sh -c " 
+/opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password keycloakkeycloak \
+&& /opt/jboss/keycloak/bin/kcadm.sh get clients/bef873f0-2079-4876-8657-067de27d01b7 -r master"""
+

From bef5844acba8df37da406b44a697e8ff0656d298 Mon Sep 17 00:00:00 2001
From: root <josepmaria@isardvdi.com>
Date: Thu, 10 Jun 2021 23:29:44 +0200
Subject: [PATCH 3/3] The default users should not have a temporary password by
 now

---
 admin/src/admin/lib/admin.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/admin/src/admin/lib/admin.py b/admin/src/admin/lib/admin.py
index 94169bc..d98114e 100644
--- a/admin/src/admin/lib/admin.py
+++ b/admin/src/admin/lib/admin.py
@@ -184,7 +184,7 @@ class Admin():
         try:
             log.warning('KEYCLOAK: Adding user ddadmin and adding to group and role admin')
             ## Assign group admin to this dduser for nextcloud
-            uid=self.keycloak.add_user(dduser,'DD','Admin',ddmail,ddpassword,group='admin')
+            uid=self.keycloak.add_user(dduser,'DD','Admin',ddmail,ddpassword,group='admin',temporary=False)
             ## Assign role admin to this user for keycloak, moodle and wordpress
             self.keycloak.assign_realm_roles(uid,'admin')
             log.warning('KEYCLOAK: OK')
@@ -194,11 +194,11 @@ class Admin():
 
         try:
             log.warning('KEYCLOAK: Adding default users system_teacher, system_manager and system_student users')
-            uid=self.keycloak.add_user('system_manager','Manager','System','fakemanager@fake.com','m@n@g3r',group='manager')
+            uid=self.keycloak.add_user('system_manager','Manager','System','fakemanager@fake.com','m@n@g3r',group='manager',temporary=False)
             self.keycloak.assign_realm_roles(uid,'manager')
-            uid=self.keycloak.add_user('system_teacher','Teacher','System','faketeacher@fake.com','t3@ch3r',group='teacher')
+            uid=self.keycloak.add_user('system_teacher','Teacher','System','faketeacher@fake.com','t3@ch3r',group='teacher',temporary=False)
             self.keycloak.assign_realm_roles(uid,'teacher')
-            uid=self.keycloak.add_user('system_student','Student','System','fakestudent@fake.com','stud3nt',group='student')
+            uid=self.keycloak.add_user('system_student','Student','System','fakestudent@fake.com','stud3nt',group='student',temporary=False)
             self.keycloak.assign_realm_roles(uid,'student')
             log.warning('KEYCLOAK: OK')
         except: