sortifal/SOA
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: sortifal:main
Branches Tags
sortifal:main
sortifal:public
..
compare: sortifal:public
Branches Tags
sortifal:main
sortifal:public

No commits in common. "main" and "public" have entirely different histories.
main ... public

123 changed files with 36 additions and 2254 deletions
Show Stats Expand all files Collapse all files

259
README.md
View File

@ -1,261 +1,4 @@
# 🧩 SOA Service-Oriented Architecture Project # SOA
## 🏗️ Architecture Overview
This project implements a **Service-Oriented Architecture (SOA)** for an art gallery management system using Docker containerization and microservices architecture.
### System Components
```
🌐 HTTPS (Port 443)
┌──────────────────────────▼──────────────────────────────┐
│ Apache Reverse Proxy │
│ (SSL Termination + OIDC Validation) │
│ │
│ /api/public/* ──────┐ ┌────── /api/private/* │
│ (No Auth) │ │ (OIDC Required) │
└───────────────────────┼──────┼──────────────────────────┘
│ │ |
│ │ (+ OIDC Headers) |
│ │ |
┌─────────────▼──┐ ┌─▼──────────────┐ |
│ │ │ │ |
│ Public API │ │ Private API │ |
│ (Laravel) │ │ (Flask) │ |
│ Port 5001 │ │ Port 5002 │ |
└─────────┬──────┘ └─┬──────────────┘ |
│ │ |
┌─────────▼──────────▼─────────┐ ┌───────▼──────┐
│ MySQL │ │ Keycloak │
│ (Application DB) │ │ + Postgres │
└──────────────────────────────┘ └──────────────┘
┌─────────────────▼─────────────────┐
│ Redis │
│ (Cache + Events) │
└───────────────────────────────────┘
```
### Technology Stack
| Component | Technology | Purpose |
|-----------|------------|---------|
| **Reverse Proxy** | Apache HTTP Server | SSL termination, request routing |
| **Authentication** | Keycloak | OIDC/OAuth2 identity provider |
| **Public API** | Laravel 12 (PHP) | Public galleries and artworks API |
| **Private API** | Flask (Python) | User management and private content |
| **Databases** | PostgreSQL + MySQL | Data persistence |
| **Cache/Queue** | Redis | Caching and event messaging | // NOT IMPLEMENTED YET
### Service Architecture
#### 🔓 **Public API Service** (Laravel)
- **Port**: Internal 5001 (via Apache)
- **Database**: MySQL
- **Purpose**: Public access to galleries and artworks
- **Features**:
- RESTful API for public galleries
- Artist directory
- Public artwork browsing
- Pagination and filtering
#### 🔒 **Private API Service** (Flask)
- **Port**: Internal 5002 (via Apache)
- **Database**: MySQL
- **Authentication**: OIDC via Apache mod_auth_openidc
- **Purpose**: Authenticated user operations
- **Features**:
- User profile management
- Gallery creation and management
- Artwork upload and editing
- Review system for galleries/artworks
- Invitation system for gallery members
#### 🔐 **Authentication Service** (Keycloak)
- **Port**: 8080
- **Database**: PostgreSQL
- **Purpose**: Centralized identity and access management
- **Features**:
- OIDC/OAuth2 provider
- User registration and login
- Token-based authentication
- Single Sign-On (SSO)
### Request Flow
All requests enter through **Apache on port 443** (HTTPS) and are processed as follows:
1. **SSL Termination**: Apache handles SSL/TLS encryption
2. **Request Routing**: Based on URL path:
- `/api/public/*` → Routes to **Public API** (Laravel on port 5001)
- `/api/private/*` → Routes to **Private API** (Flask on port 5002)
3. **OIDC Authentication Check**:
- **Public API**: No authentication required
- **Private API**: Apache mod_auth_openidc validates OIDC tokens with Keycloak
4. **Header Injection**: Apache injects user info headers (OIDC_email, OIDC_user) for authenticated requests
5. **API Processing**: Backend services handle business logic
6. **Data Persistence**: MySQL stores application data
7. **Event Publishing**: Redis handles inter-service communication
### Security Model
- **SSL/TLS**: All external communication encrypted
- **OIDC Authentication**: Industry standard OAuth2/OIDC flow
- **Token-based Authorization**: JWT tokens for API access
- **Network Isolation**: Services communicate via internal network
- **Database Security**: Separate databases for auth and application data
## 🚀 Quick Start
1. **Start the application stack:**
```bash
docker compose up -d --build
```
2. **Initialize Keycloak configuration:**
```bash
./keycloak-setup.sh
```
3. **Seed Database:**
```bash
./seed-database.sh
```
4. **Update your `/etc/hosts` file:**
```
127.0.0.1 api.local auth.local
```
---
## 🔐 Credentials
### Keycloak Admin Panel
* 📍 URL: [http://auth.local:8080](http://auth.local:8080)
* 👤 **Username:** `admin`
* 🔑 **Password:** `admin`
### Private API User
* 👤 **Username:** `alexis`
* 🔑 **Password:** `password`
### Getting Bearer Token for API Testing
To test the private API with Bearer token authentication, get an access token from:
**Endpoint:** `http://auth.local:8080/realms/master/protocol/openid-connect/token`
**Method:** POST
**Content-Type:** `application/x-www-form-urlencoded`
**Required fields:**
- `grant_type`: `password`
- `client_id`: `soa`
- `client_secret`: `mysecret`
- `username`: `alexis`
- `password`: `password`
**Example curl command:**
```bash
curl -X POST http://auth.local:8080/realms/master/protocol/openid-connect/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=password" \
-d "client_id=soa" \
-d "client_secret=mysecret" \
-d "username=alexis" \
-d "password=password"
```
Use the returned `access_token` in the Authorization header:
```bash
curl -H "Authorization: Bearer <access_token>" https://api.local/api/private/me
```
---
## 🗂️ Public API Endpoints Overview
All routes are prefixed with `/api/public`.
| Method | Endpoint | Description |
| ------ | ------------------------------- | ---------------------------------- |
| GET | `/artists` | List all public artists |
| GET | `/galleries` | List all public galleries |
| GET | `/galleries/{gallery}/artworks` | List artworks for a public gallery |
---
## 🗂️ Private API Endpoints Overview
All routes are prefixed with `/api/private` and require a **Bearer token**.
### 👤 User
| Method | Endpoint | Description |
| ------ | -------- | ----------------------------- |
| GET | `/me` | Get current user's profile |
| PUT | `/me` | Update current user's profile |
### 🖼️ Galleries
| Method | Endpoint | Description |
| ------ | ----------------------- | --------------------------------- |
| GET | `/galleries` | List all accessible galleries |
| GET | `/galleries/mine` | List galleries owned by the user |
| POST | `/gallery` | Create a new gallery |
| GET | `/gallery/{gallery_id}` | Get details of a specific gallery |
| PUT | `/gallery/{gallery_id}` | Update a gallery (owner only) |
### 👥 Members
| Method | Endpoint | Description |
| ------ | ------------------------------- | ------------------------- |
| GET | `/gallery/{gallery_id}/members` | List members of a gallery |
### 📩 Invitations
| Method | Endpoint | Description |
| ------ | ----------------------------------- | --------------------------- |
| POST | `/gallery/{gallery_id}/invite` | Invite user to a gallery |
| PUT | `/invitations/{gallery_id}/respond` | Accept or reject invitation |
| GET | `/invitations/received` | List received invitations |
### 🖼️ Artworks
| Method | Endpoint | Description |
| ------ | -------------------------------- | ----------------------------------- |
| GET | `/gallery/{gallery_id}/artworks` | List artworks in a gallery |
| POST | `/gallery/{gallery_id}/artwork` | Add artwork to gallery (owner only) |
| GET | `/artwork/{artwork_id}` | Get details of an artwork |
| PUT | `/artwork/{artwork_id}` | Update an artwork (creator only) |
| GET | `/artworks/mine` | List artworks created by the user |
### 📝 Gallery Reviews
| Method | Endpoint | Description |
| ------ | ------------------------------- | ------------------------------------- |
| GET | `/gallery/{gallery_id}/reviews` | List reviews for a gallery |
| POST | `/gallery/{gallery_id}/review` | Submit a review for a gallery |
| PUT | `/galleries/review/{review_id}` | Update a gallery review (author only) |
| GET | `/galleries/reviews/given` | Reviews written by the user |
| GET | `/galleries/reviews/received` | Reviews received on users galleries |
### 📝 Artwork Reviews
| Method | Endpoint | Description |
| ------ | ------------------------------- | -------------------------------------- |
| GET | `/artwork/{artwork_id}/reviews` | List reviews for an artwork |
| POST | `/artwork/{artwork_id}/review` | Submit a review for an artwork |
| PUT | `/artworks/review/{review_id}` | Update an artwork review (author only) |
| GET | `/artworks/reviews/given` | Reviews written by the user |
| GET | `/artworks/reviews/received` | Reviews received on users artworks |
---
# Public API: # Public API:

4
apache/Dockerfile
View File

@ -4,9 +4,7 @@ FROM httpd:2.4
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y libapache2-mod-auth-openidc && \ apt-get install -y libapache2-mod-auth-openidc && \
apt-get clean && \ apt-get clean && \
rm -rf /var/lib/apt/lists/* && \ rm -rf /var/lib/apt/lists/*
# Create symlink for the module in the expected location
ln -sf /usr/lib/apache2/modules/mod_auth_openidc.so /usr/local/apache2/modules/mod_auth_openidc.so
# Copy your vhost config and certs # Copy your vhost config and certs
COPY conf/extra/httpd-vhosts.conf /usr/local/apache2/conf/extra/httpd-vhosts.conf COPY conf/extra/httpd-vhosts.conf /usr/local/apache2/conf/extra/httpd-vhosts.conf

28
apache/conf/extra/httpd-vhosts.conf
View File

@ -1,5 +1,5 @@
LoadModule ssl_module modules/mod_ssl.so LoadModule ssl_module modules/mod_ssl.so
LoadModule auth_openidc_module modules/mod_auth_openidc.so LoadModule auth_openidc_module /usr/lib/apache2/modules/mod_auth_openidc.so
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule headers_module modules/mod_headers.so LoadModule headers_module modules/mod_headers.so
@ -50,13 +50,11 @@ Listen 443
ServerName api.local ServerName api.local
ErrorLog ${APACHE_LOG_DIR}/api_error.log ErrorLog ${APACHE_LOG_DIR}/api_error.log
CustomLog ${APACHE_LOG_DIR}/api_access.log combined CustomLog ${APACHE_LOG_DIR}/api_access.log combined
SSLEngine on SSLEngine on
SSLCertificateFile /usr/local/apache2/conf/server.crt SSLCertificateFile /usr/local/apache2/conf/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/server.key SSLCertificateKeyFile /usr/local/apache2/conf/server.key
# OIDC config - point to Keycloak via auth.local # OIDC config - point to Keycloak via auth.local
# Global OIDC configuration
OIDCProviderMetadataURL https://auth.local/realms/master/.well-known/openid-configuration OIDCProviderMetadataURL https://auth.local/realms/master/.well-known/openid-configuration
OIDCClientID soa OIDCClientID soa
OIDCRedirectURI https://api.local/api/private/redirect OIDCRedirectURI https://api.local/api/private/redirect
@ -69,28 +67,18 @@ Listen 443
OIDCScope "openid email profile" OIDCScope "openid email profile"
OIDCSessionInactivityTimeout 86400 OIDCSessionInactivityTimeout 86400
OIDCSSLValidateServer Off OIDCSSLValidateServer Off
# Configure OAuth2 Bearer token validation (commented out - not available in this version)
# OIDCOAuth2IntrospectionEndpoint https://auth.local/realms/master/protocol/openid-connect/token/introspect
# OIDCOAuth2IntrospectionEndpointAuth client_secret_basic
# OIDCOAuth2IntrospectionClientID soa
# OIDCOAuth2IntrospectionClientSecret mysecret
# Proxy public API (no auth) # Proxy public API (no auth)
ProxyPass /api/public http://public_api:5001/api/public ProxyPass /api/public http://public_api:5001/
ProxyPassReverse /api/public http://public_api:5001/api/public ProxyPassReverse /api/public http://public_api:5001/
# Proxy private API (supports both OIDC and Bearer tokens) # Proxy private API (OIDC protected)
ProxyPass /api/private http://private_api:5002/api/private ProxyPass /api/private http://private_api:5002/api/private
ProxyPassReverse /api/private http://private_api:5002/api/private ProxyPassReverse /api/private http://private_api:5002/api/private
<Location /api/private> <Location /api/private>
# Let Flask handle all authentication - pass through all requests AuthType openid-connect
# Apache will only inject OIDC headers if user is already authenticated via OIDC Require valid-user
AuthType auth-openidc RequestHeader set X-User-Email "%{HTTP_OIDC_EMAIL}i"
OIDCUnAuthAction pass RequestHeader set X-User-Name "%{HTTP_OIDC_PREFERRED_USERNAME}i"
Require all granted
# Don't modify the Authorization header - let it pass through naturally
</Location> </Location>
</VirtualHost> </VirtualHost>

2
bruno/SOA/Public/Artists.bru
View File

@ -5,7 +5,7 @@ meta {
} }
get { get {
url: {{URL}}/api/public/artists url: {{URL}}/api/artists
body: none body: none
auth: inherit auth: inherit
} }

4
bruno/SOA/Public/Galleries.bru
View File

@ -5,7 +5,7 @@ meta {
} }
get { get {
url: {{URL}}/api/public/galleries url: {{URL}}/api/galleries
body: json body: none
auth: inherit auth: inherit
} }

2
bruno/SOA/Public/Gallery Artwork.bru
View File

@ -5,7 +5,7 @@ meta {
} }
get { get {
url: {{URL}}/api/public/galleries/{{gallery_id}}/artworks url: {{URL}}/api/galleries/{{gallery_id}}/artworks
body: none body: none
auth: inherit auth: inherit
} }

4
bruno/SOA/environments/env.bru
View File

@ -1,6 +1,4 @@
vars { vars {
gallery_id: 6 gallery_id: 6
URL: https://api.local URL: http://localhost:8000
baseUrl: https://api.local/api/private
authUrl: http://auth.local:8080
} }

16
bruno/SOA/private/artwork-reviews/artwork-reviews.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Artwork Reviews
type: http
seq: 1
}
get {
url: {{baseUrl}}/artwork/1/reviews
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

25
bruno/SOA/private/artwork-reviews/create-artwork-review.bru
View File

@ -1,25 +0,0 @@
meta {
name: Create Artwork Review
type: http
seq: 2
}
post {
url: {{baseUrl}}/artwork/1/review
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 5,
"description": "Absolutely stunning artwork! The colors and technique are magnificent.",
"parent_ar_id": null
}
}

16
bruno/SOA/private/artwork-reviews/given-artwork-reviews.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Given Artwork Reviews
type: http
seq: 4
}
get {
url: {{baseUrl}}/artworks/reviews/given
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/artwork-reviews/received-artwork-reviews.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Received Artwork Reviews
type: http
seq: 5
}
get {
url: {{baseUrl}}/artworks/reviews/received
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

24
bruno/SOA/private/artwork-reviews/update-artwork-review.bru
View File

@ -1,24 +0,0 @@
meta {
name: Update Artwork Review
type: http
seq: 3
}
put {
url: {{baseUrl}}/artworks/review/1
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 4,
"description": "Updated: Very beautiful artwork! Great technique and composition."
}
}

31
bruno/SOA/private/artworks/create-artwork.bru
View File

@ -1,31 +0,0 @@
meta {
name: Create Artwork
type: http
seq: 3
}
post {
url: {{baseUrl}}/gallery/1/artwork
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Sunset Over Mountains",
"description": "A beautiful landscape painting capturing the golden hour",
"image_url": "https://example.com/artwork1.jpg",
"medium": "Oil on Canvas",
"dimensions": "24x36 inches",
"creation_year": 2024,
"price": 1500.00,
"is_visible": true,
"is_for_sale": true
}
}

16
bruno/SOA/private/artworks/gallery-artworks.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Gallery Artworks
type: http
seq: 1
}
get {
url: {{baseUrl}}/gallery/1/artworks
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/artworks/get-artwork.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Artwork Details
type: http
seq: 2
}
get {
url: {{baseUrl}}/artwork/1
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/artworks/my-artworks.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get My Artworks
type: http
seq: 5
}
get {
url: {{baseUrl}}/artworks/mine
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

26
bruno/SOA/private/artworks/update-artwork.bru
View File

@ -1,26 +0,0 @@
meta {
name: Update Artwork
type: http
seq: 4
}
put {
url: {{baseUrl}}/artwork/1
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Updated Sunset Over Mountains",
"description": "An updated beautiful landscape painting",
"price": 1800.00,
"is_for_sale": false
}
}

14
bruno/SOA/private/auth/debug-headers.bru
View File

@ -1,14 +0,0 @@
meta {
name: Debug Headers
type: http
seq: 1
}
get {
url: {{baseUrl}}/debug-headers
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

13
bruno/SOA/private/auth/redirect.bru
View File

@ -1,13 +0,0 @@
meta {
name: OIDC Redirect
type: http
seq: 2
}
get {
url: {{baseUrl}}/redirect
}
params:query {
code: authorization_code_here
}

19
bruno/SOA/private/environments/Token User.bru
View File

@ -1,19 +0,0 @@
meta {
name: Token User
type: http
seq: 2
}
post {
url: {{authUrl}}/realms/master/protocol/openid-connect/token
body: formUrlEncoded
auth: inherit
}
body:form-urlencoded {
grant_type: password
client_id: soa
client_secret: mysecret
username: alexis
password: password
}

11
bruno/SOA/private/environments/Token.bru
View File

@ -1,11 +0,0 @@
meta {
name: Token
type: http
seq: 1
}
get {
url: /realms/master/protocol/openid-connect/token
body: none
auth: inherit
}

15
bruno/SOA/private/environments/debug.bru
View File

@ -1,15 +0,0 @@
meta {
name: debug
type: http
seq: 3
}
get {
url: https://api.local/api/private/debug-headers
body: none
auth: bearer
}
auth:bearer {
token: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiVFNWa29jT2dpQm1kWm9TQzM1ZXdTWVZsaHllTGV5WmF4WWZSUjhFbkVzIn0.eyJleHAiOjE3NTEyMjEzODksImlhdCI6MTc1MTIyMTMyOSwianRpIjoiOWM2OTQwMzYtMmYyYi00OWQ0LThiZGYtNTliZWEzOGRkZWUzIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmxvY2FsL3JlYWxtcy9tYXN0ZXIiLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiNWFkMDA5ZDktMTkwOC00MTU3LThhM2MtYjhlMjNkNGRiOGZjIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoic29hIiwic2Vzc2lvbl9zdGF0ZSI6ImM0MDU1ODc2LWZiYzAtNGQzOS1iNDk3LWM2NDljNzllZTYwYiIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1tYXN0ZXIiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwic2lkIjoiYzQwNTU4NzYtZmJjMC00ZDM5LWI0OTctYzY0OWM3OWVlNjBiIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInByZWZlcnJlZF91c2VybmFtZSI6ImFsZXhpcyJ9.KH61uqBCgbktgP0VdRYDH7Fa6_SDrZTMw1Lg7Hza_tufy7MmOoOQa-hLy08rsFGCfBXSrhh4RUI8xnxDMmjV1dyVfTPRWXsl4Pcs_YSSkQto1Nf2pjwimmeQ8MVha3tUQcjP4gbsvJhfBAxDs3Ol23Ne40b0bMcWiRrPRgffC31cJPBwqMNYmEnB0fuQhpEIGf53ZH3mLk_V6xTAGdFpTLZhnUHb3PMBtmdL8LfBkiS6LInjaUGY8Ayb1sm5YgV0x5mBOdtfi8FYPLRu1VnPhU9Is3zaxssVLJvpWI1b-Ww97unQetvJdU0WyhAVlI4araTjdlm2jTX1kzYCLKm9DA
}

5
bruno/SOA/private/environments/local.bru
View File

@ -1,5 +0,0 @@
vars {
baseUrl: https://api.local/api/private
email: alexis@example.com
username: alexis
}

15
bruno/SOA/private/environments/test_auth.bru
View File

@ -1,15 +0,0 @@
meta {
name: test_auth
type: http
seq: 4
}
get {
url: https://api.local/api/private/test-auth
body: none
auth: bearer
}
auth:bearer {
token: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiVFNWa29jT2dpQm1kWm9TQzM1ZXdTWVZsaHllTGV5WmF4WWZSUjhFbkVzIn0.eyJleHAiOjE3NTEyMjIxNTEsImlhdCI6MTc1MTIyMjA5MSwianRpIjoiMjhhN2ZmNzgtNjg0Ni00YWExLTgxNjYtZWUwM2E5YzUyYTliIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmxvY2FsL3JlYWxtcy9tYXN0ZXIiLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiNWFkMDA5ZDktMTkwOC00MTU3LThhM2MtYjhlMjNkNGRiOGZjIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoic29hIiwic2Vzc2lvbl9zdGF0ZSI6IjFmOTM5YjIwLTgxMTMtNDU0Zi1hYjkzLWQ3MmU4M2Q0N2MzOCIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1tYXN0ZXIiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwic2lkIjoiMWY5MzliMjAtODExMy00NTRmLWFiOTMtZDcyZTgzZDQ3YzM4IiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInByZWZlcnJlZF91c2VybmFtZSI6ImFsZXhpcyJ9.GFKPO1ykfNh7km-yU8bQCKyAbZqjqJnT62AYGiOFHb5aQOvAoFwSNIsH0j0DRYyB46JjKvWBeOqNsSc8pZQBnIT980dCog-0vdTe8oeI8lO-TUyIWEHo8R1DF-FFJavp-05opBTxbDKMr__aQAMTsRhh-GxsaJsi3WACL9NyvRiouuTOVywOeigogZO4tRB08dc17mMa1fekYLtkqDfbrfJ9zrBf-BUxDsOkpzoXLqWwR5sdhp49-ICZTIfbkKqx2r3vZFxOMsSjphNn6cmVGv1ZTWKio_w6VHGuEKbvlVtN8D66LV9FNlDqHLAfvfPlQQlC265gHpLDrjd0xJ1U_g
}

12
bruno/SOA/private/folder.bru
View File

@ -1,12 +0,0 @@
meta {
name: private
seq: 1
}
auth {
mode: bearer
}
auth:bearer {
token: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3MWRQaTVMaVRxMzF1QXRXWFZueWFLYWQtNlktUE5PWC1mSENyd1cwdnRjIn0.eyJleHAiOjE3NTEyMjkwODUsImlhdCI6MTc1MTIyNTQ4NSwianRpIjoiNmQxZjBlOTgtZTA2NC00YWY1LTgyYzctOGQ1ZDU4MGFjZjM2IiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmxvY2FsL3JlYWxtcy9tYXN0ZXIiLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiMjlkNjc5YjMtOWZjMS00NDFjLWIyYTEtNzA5ZDE5NWEyYjZmIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoic29hIiwic2Vzc2lvbl9zdGF0ZSI6ImZmNzJhN2Q1LTNmZGItNGQ0OC04Mjc4LTI5NDAxNzlmNWFiOSIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1tYXN0ZXIiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIiwic2lkIjoiZmY3MmE3ZDUtM2ZkYi00ZDQ4LTgyNzgtMjk0MDE3OWY1YWI5IiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInByZWZlcnJlZF91c2VybmFtZSI6ImFsZXhpcyJ9.MrrORbBnN4z-UUhf-9pSDKlBy4sIHrXCPPbM4SKiwGx9qGTABNbaw-wstlLLoi8UsiwcZBfavjmaJO89ctXIn0zxb4rMKhKYSxnSw59lgpl6RK7oKAdvbq53imZgPvAlGO1twzJiIr3V5Eci6xudvdREvva2wMlYr3xpSdPGXjIb1IJ-O4bpxYiHhIVQ1x0YezppzqElII6K6S39Ht0kNxu0IA6KwydBRTLLJW6G0OTZ87upRhX2h6PN1IosCTsPs8_gA6uB8S88bYUg4aHxYE11SjYZxDMu-ttx59qIovzGAXv4YGzgQibK9PBZ5uupPQNKklNBObqqZX8NPm9MDA
}

26
bruno/SOA/private/galleries/create-gallery.bru
View File

@ -1,26 +0,0 @@
meta {
name: Create Gallery
type: http
seq: 3
}
post {
url: {{baseUrl}}/gallery
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Modern Art Collection",
"description": "A curated collection of contemporary artworks",
"is_public": true,
"publication_date": "2025-06-28T10:00:00Z"
}
}

16
bruno/SOA/private/galleries/gallery-members.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Gallery Members
type: http
seq: 6
}
get {
url: {{baseUrl}}/gallery/1/members
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/galleries/get-gallery.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Gallery Details
type: http
seq: 2
}
get {
url: {{baseUrl}}/gallery/1
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/galleries/list-galleries.bru
View File

@ -1,16 +0,0 @@
meta {
name: List All Galleries
type: http
seq: 1
}
get {
url: {{baseUrl}}/galleries
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/galleries/my-galleries.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get My Galleries
type: http
seq: 5
}
get {
url: {{baseUrl}}/galleries/mine
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

25
bruno/SOA/private/galleries/update-gallery.bru
View File

@ -1,25 +0,0 @@
meta {
name: Update Gallery
type: http
seq: 4
}
put {
url: {{baseUrl}}/gallery/1
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Updated Modern Art Collection",
"description": "An updated curated collection of contemporary artworks",
"is_public": false
}
}

25
bruno/SOA/private/gallery-reviews/create-gallery-review.bru
View File

@ -1,25 +0,0 @@
meta {
name: Create Gallery Review
type: http
seq: 2
}
post {
url: {{baseUrl}}/gallery/1/review
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 5,
"description": "Excellent gallery with amazing artwork collection!",
"parent_gr_id": null
}
}

16
bruno/SOA/private/gallery-reviews/gallery-reviews.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Gallery Reviews
type: http
seq: 1
}
get {
url: {{baseUrl}}/gallery/1/reviews
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/gallery-reviews/given-gallery-reviews.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Given Gallery Reviews
type: http
seq: 4
}
get {
url: {{baseUrl}}/galleries/reviews/given
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

16
bruno/SOA/private/gallery-reviews/received-gallery-reviews.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Received Gallery Reviews
type: http
seq: 5
}
get {
url: {{baseUrl}}/galleries/reviews/received
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

24
bruno/SOA/private/gallery-reviews/update-gallery-review.bru
View File

@ -1,24 +0,0 @@
meta {
name: Update Gallery Review
type: http
seq: 3
}
put {
url: {{baseUrl}}/galleries/review/1
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 4,
"description": "Updated: Very good gallery with great artwork collection!"
}
}

24
bruno/SOA/private/invitations/invite-user.bru
View File

@ -1,24 +0,0 @@
meta {
name: Invite User to Gallery
type: http
seq: 1
}
post {
url: {{baseUrl}}/gallery/1/invite
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"user_id": 2,
"role": "viewer"
}
}

16
bruno/SOA/private/invitations/received-invitations.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get Received Invitations
type: http
seq: 3
}
get {
url: {{baseUrl}}/invitations/received
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

23
bruno/SOA/private/invitations/respond-invitation.bru
View File

@ -1,23 +0,0 @@
meta {
name: Respond to Invitation
type: http
seq: 2
}
put {
url: {{baseUrl}}/invitations/1/respond
body: json
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"status": "accepted"
}
}

16
bruno/SOA/private/user/get-me.bru
View File

@ -1,16 +0,0 @@
meta {
name: Get My Profile
type: http
seq: 1
}
get {
url: {{baseUrl}}/me
body: none
auth: inherit
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}

25
bruno/SOA/private/user/update-me.bru
View File

@ -1,25 +0,0 @@
meta {
name: Update My Profile
type: http
seq: 2
}
put {
url: {{baseUrl}}/me
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"alias": "Alexis Updated",
"first_name": "Alexis",
"last_name": "Doe",
"bio": "Art enthusiast and gallery curator",
"profile_picture_url": "https://example.com/avatar.jpg"
}
}

765
bruno/bruno.sh
View File

@ -1,765 +0,0 @@
#!/bin/bash
# Bruno API Collection Generator for Private API
# Creates a complete Bruno collection structure for testing the private API endpoints
set -e
# Configuration
COLLECTION_NAME="private"
BASE_URL="https://api.local/api/private"
DEFAULT_EMAIL="alexis@example.com"
DEFAULT_USERNAME="alexis"
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
echo_info() {
echo -e "${BLUE} $1${NC}"
}
echo_success() {
echo -e "${GREEN}$1${NC}"
}
echo_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
echo_error() {
echo -e "${RED}$1${NC}"
}
# Function to create directory structure
create_directories() {
local base_dir="$1"
echo_info "Creating directory structure..."
mkdir -p "${base_dir}"/{environments,auth,user,invitations,galleries,artworks,gallery-reviews,artwork-reviews}
echo_success "Directory structure created"
}
# Function to create a file with content
create_file() {
local filepath="$1"
local content="$2"
echo "$content" > "$filepath"
echo_success "Created: $filepath"
}
# Generate collection files
generate_files() {
local base_dir="$1"
echo_info "Generating Bruno collection files..."
# Main collection file
cat > "${base_dir}/bruno.json" << EOF
{
"version": "1",
"name": "Private API",
"type": "collection"
}
EOF
echo_success "Created: ${base_dir}/bruno.json"
# Environment file
cat > "${base_dir}/environments/local.bru" << EOF
vars {
baseUrl: ${BASE_URL}
email: ${DEFAULT_EMAIL}
username: ${DEFAULT_USERNAME}
}
EOF
echo_success "Created: ${base_dir}/environments/local.bru"
# Auth files
cat > "${base_dir}/auth/debug-headers.bru" << 'EOF'
meta {
name: Debug Headers
type: http
seq: 1
}
get {
url: {{baseUrl}}/debug-headers
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/auth/debug-headers.bru"
cat > "${base_dir}/auth/redirect.bru" << 'EOF'
meta {
name: OIDC Redirect
type: http
seq: 2
}
get {
url: {{baseUrl}}/redirect
}
params:query {
code: authorization_code_here
}
EOF
echo_success "Created: ${base_dir}/auth/redirect.bru"
# User files
cat > "${base_dir}/user/get-me.bru" << 'EOF'
meta {
name: Get My Profile
type: http
seq: 1
}
get {
url: {{baseUrl}}/me
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/user/get-me.bru"
cat > "${base_dir}/user/update-me.bru" << 'EOF'
meta {
name: Update My Profile
type: http
seq: 2
}
put {
url: {{baseUrl}}/me
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"alias": "Alexis Updated",
"first_name": "Alexis",
"last_name": "Doe",
"bio": "Art enthusiast and gallery curator",
"profile_picture_url": "https://example.com/avatar.jpg"
}
}
EOF
echo_success "Created: ${base_dir}/user/update-me.bru"
# Invitation files
cat > "${base_dir}/invitations/invite-user.bru" << 'EOF'
meta {
name: Invite User to Gallery
type: http
seq: 1
}
post {
url: {{baseUrl}}/gallery/1/invite
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"user_id": 2,
"role": "viewer"
}
}
EOF
echo_success "Created: ${base_dir}/invitations/invite-user.bru"
cat > "${base_dir}/invitations/respond-invitation.bru" << 'EOF'
meta {
name: Respond to Invitation
type: http
seq: 2
}
put {
url: {{baseUrl}}/invitations/1/respond
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"status": "accepted"
}
}
EOF
echo_success "Created: ${base_dir}/invitations/respond-invitation.bru"
cat > "${base_dir}/invitations/received-invitations.bru" << 'EOF'
meta {
name: Get Received Invitations
type: http
seq: 3
}
get {
url: {{baseUrl}}/invitations/received
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/invitations/received-invitations.bru"
# Gallery files
cat > "${base_dir}/galleries/list-galleries.bru" << 'EOF'
meta {
name: List All Galleries
type: http
seq: 1
}
get {
url: {{baseUrl}}/galleries
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/galleries/list-galleries.bru"
cat > "${base_dir}/galleries/get-gallery.bru" << 'EOF'
meta {
name: Get Gallery Details
type: http
seq: 2
}
get {
url: {{baseUrl}}/gallery/1
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/galleries/get-gallery.bru"
cat > "${base_dir}/galleries/create-gallery.bru" << 'EOF'
meta {
name: Create Gallery
type: http
seq: 3
}
post {
url: {{baseUrl}}/gallery
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Modern Art Collection",
"description": "A curated collection of contemporary artworks",
"is_public": true,
"publication_date": "2025-06-28T10:00:00Z"
}
}
EOF
echo_success "Created: ${base_dir}/galleries/create-gallery.bru"
cat > "${base_dir}/galleries/update-gallery.bru" << 'EOF'
meta {
name: Update Gallery
type: http
seq: 4
}
put {
url: {{baseUrl}}/gallery/1
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Updated Modern Art Collection",
"description": "An updated curated collection of contemporary artworks",
"is_public": false
}
}
EOF
echo_success "Created: ${base_dir}/galleries/update-gallery.bru"
cat > "${base_dir}/galleries/my-galleries.bru" << 'EOF'
meta {
name: Get My Galleries
type: http
seq: 5
}
get {
url: {{baseUrl}}/galleries/mine
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/galleries/my-galleries.bru"
cat > "${base_dir}/galleries/gallery-members.bru" << 'EOF'
meta {
name: Get Gallery Members
type: http
seq: 6
}
get {
url: {{baseUrl}}/gallery/1/members
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/galleries/gallery-members.bru"
# Artwork files
cat > "${base_dir}/artworks/gallery-artworks.bru" << 'EOF'
meta {
name: Get Gallery Artworks
type: http
seq: 1
}
get {
url: {{baseUrl}}/gallery/1/artworks
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/artworks/gallery-artworks.bru"
cat > "${base_dir}/artworks/get-artwork.bru" << 'EOF'
meta {
name: Get Artwork Details
type: http
seq: 2
}
get {
url: {{baseUrl}}/artwork/1
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/artworks/get-artwork.bru"
cat > "${base_dir}/artworks/create-artwork.bru" << 'EOF'
meta {
name: Create Artwork
type: http
seq: 3
}
post {
url: {{baseUrl}}/gallery/1/artwork
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Sunset Over Mountains",
"description": "A beautiful landscape painting capturing the golden hour",
"image_url": "https://example.com/artwork1.jpg",
"medium": "Oil on Canvas",
"dimensions": "24x36 inches",
"creation_year": 2024,
"price": 1500.00,
"is_visible": true,
"is_for_sale": true
}
}
EOF
echo_success "Created: ${base_dir}/artworks/create-artwork.bru"
cat > "${base_dir}/artworks/update-artwork.bru" << 'EOF'
meta {
name: Update Artwork
type: http
seq: 4
}
put {
url: {{baseUrl}}/artwork/1
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"title": "Updated Sunset Over Mountains",
"description": "An updated beautiful landscape painting",
"price": 1800.00,
"is_for_sale": false
}
}
EOF
echo_success "Created: ${base_dir}/artworks/update-artwork.bru"
cat > "${base_dir}/artworks/my-artworks.bru" << 'EOF'
meta {
name: Get My Artworks
type: http
seq: 5
}
get {
url: {{baseUrl}}/artworks/mine
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/artworks/my-artworks.bru"
# Gallery review files
cat > "${base_dir}/gallery-reviews/gallery-reviews.bru" << 'EOF'
meta {
name: Get Gallery Reviews
type: http
seq: 1
}
get {
url: {{baseUrl}}/gallery/1/reviews
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/gallery-reviews/gallery-reviews.bru"
cat > "${base_dir}/gallery-reviews/create-gallery-review.bru" << 'EOF'
meta {
name: Create Gallery Review
type: http
seq: 2
}
post {
url: {{baseUrl}}/gallery/1/review
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 5,
"description": "Excellent gallery with amazing artwork collection!",
"parent_gr_id": null
}
}
EOF
echo_success "Created: ${base_dir}/gallery-reviews/create-gallery-review.bru"
cat > "${base_dir}/gallery-reviews/update-gallery-review.bru" << 'EOF'
meta {
name: Update Gallery Review
type: http
seq: 3
}
put {
url: {{baseUrl}}/galleries/review/1
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 4,
"description": "Updated: Very good gallery with great artwork collection!"
}
}
EOF
echo_success "Created: ${base_dir}/gallery-reviews/update-gallery-review.bru"
cat > "${base_dir}/gallery-reviews/given-gallery-reviews.bru" << 'EOF'
meta {
name: Get Given Gallery Reviews
type: http
seq: 4
}
get {
url: {{baseUrl}}/galleries/reviews/given
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/gallery-reviews/given-gallery-reviews.bru"
cat > "${base_dir}/gallery-reviews/received-gallery-reviews.bru" << 'EOF'
meta {
name: Get Received Gallery Reviews
type: http
seq: 5
}
get {
url: {{baseUrl}}/galleries/reviews/received
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/gallery-reviews/received-gallery-reviews.bru"
# Artwork review files
cat > "${base_dir}/artwork-reviews/artwork-reviews.bru" << 'EOF'
meta {
name: Get Artwork Reviews
type: http
seq: 1
}
get {
url: {{baseUrl}}/artwork/1/reviews
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/artwork-reviews/artwork-reviews.bru"
cat > "${base_dir}/artwork-reviews/create-artwork-review.bru" << 'EOF'
meta {
name: Create Artwork Review
type: http
seq: 2
}
post {
url: {{baseUrl}}/artwork/1/review
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 5,
"description": "Absolutely stunning artwork! The colors and technique are magnificent.",
"parent_ar_id": null
}
}
EOF
echo_success "Created: ${base_dir}/artwork-reviews/create-artwork-review.bru"
cat > "${base_dir}/artwork-reviews/update-artwork-review.bru" << 'EOF'
meta {
name: Update Artwork Review
type: http
seq: 3
}
put {
url: {{baseUrl}}/artworks/review/1
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
Content-Type: application/json
}
body:json {
{
"grade": 4,
"description": "Updated: Very beautiful artwork! Great technique and composition."
}
}
EOF
echo_success "Created: ${base_dir}/artwork-reviews/update-artwork-review.bru"
cat > "${base_dir}/artwork-reviews/given-artwork-reviews.bru" << 'EOF'
meta {
name: Get Given Artwork Reviews
type: http
seq: 4
}
get {
url: {{baseUrl}}/artworks/reviews/given
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/artwork-reviews/given-artwork-reviews.bru"
cat > "${base_dir}/artwork-reviews/received-artwork-reviews.bru" << 'EOF'
meta {
name: Get Received Artwork Reviews
type: http
seq: 5
}
get {
url: {{baseUrl}}/artworks/reviews/received
}
headers {
OIDC_email: {{email}}
OIDC_user: {{username}}
}
EOF
echo_success "Created: ${base_dir}/artwork-reviews/received-artwork-reviews.bru"
}
# Main function
main() {
echo_info "🚀 Generating Bruno API Collection for Private API..."
echo_info "📁 Collection name: ${COLLECTION_NAME}"
echo_info "🌐 Base URL: ${BASE_URL}"
echo_info "👤 Default user: ${DEFAULT_USERNAME} (${DEFAULT_EMAIL})"
echo ""
# Get current directory or use provided path
local target_dir="${1:-$(pwd)}"
local base_dir="${target_dir}/${COLLECTION_NAME}"
echo_info "📍 Creating collection in: ${base_dir}"
echo ""
# Create directory structure
create_directories "$base_dir"
echo ""
# Generate all files
generate_files "$base_dir"
echo ""
echo_success "Bruno collection generated successfully!"
echo ""
echo_info "📋 Next steps:"
echo " 1. Open Bruno and import the collection"
echo " 2. Select the 'local' environment"
echo " 3. Update variables in environments/local.bru if needed"
echo " 4. Start testing with auth/debug-headers.bru"
echo ""
echo_info "🔧 To customize:"
echo " - Edit environments/local.bru to change baseUrl, email, username"
echo " - Update gallery/artwork IDs in individual requests"
echo " - Modify request bodies to match your test data"
echo ""
echo_warning "💡 Don't forget to update the OIDC headers if your user changes!"
}
# Help function
show_help() {
echo "Bruno API Collection Generator"
echo ""
echo "Usage: $0 [target_directory]"
echo ""
echo "Arguments:"
echo " target_directory Directory where to create the collection (default: current directory)"
echo ""
echo "Examples:"
echo " $0 # Create in current directory"
echo " $0 ~/bruno # Create in ~/bruno directory"
echo " $0 /path/to/bruno # Create in specific path"
echo ""
echo "Configuration (edit script to change):"
echo " Collection name: ${COLLECTION_NAME}"
echo " Base URL: ${BASE_URL}"
echo " Default email: ${DEFAULT_EMAIL}"
echo " Default username: ${DEFAULT_USERNAME}"
}
# Check for help flag
if [[ "$1" == "-h" || "$1" == "--help" ]]; then
show_help
exit 0
fi
# Run main function
main "$@"}

12
docker-compose.yml
View File

@ -9,7 +9,7 @@ services:
POSTGRES_USER: keycloak # CHANGE THIS IN PROD POSTGRES_USER: keycloak # CHANGE THIS IN PROD
POSTGRES_PASSWORD: password # CHANGE THIS IN PROD POSTGRES_PASSWORD: password # CHANGE THIS IN PROD
volumes: volumes:
- postgres_data:/var/lib/postgresql/data - ./data/keycloak-db:/var/lib/postgresql/data
networks: networks:
- soa - soa
@ -32,11 +32,10 @@ services:
- keycloak-db - keycloak-db
networks: networks:
- soa - soa
public_api: public_api:
build: build:
context: ./public context: ./laravel
depends_on: depends_on:
- keycloak - keycloak
- mysql - mysql
@ -84,7 +83,7 @@ services:
ports: ports:
- "3306:3306" - "3306:3306"
volumes: volumes:
- mysql_data:/var/lib/mysql - ./data/mysql-data:/var/lib/mysql
networks: networks:
- soa - soa
@ -100,8 +99,3 @@ networks:
soa: soa:
driver: bridge driver: bridge
volumes:
postgres_data:
mysql_data:

103
keyclock-setup.sh
View File

@ -1,4 +1,5 @@
#!/bin/bash #!/bin/bash
# Variables # Variables
KC_HOST="http://localhost:8080" KC_HOST="http://localhost:8080"
REALM="master" REALM="master"
@ -6,10 +7,6 @@ CLIENT_ID="soa"
CLIENT_SECRET="mysecret" CLIENT_SECRET="mysecret"
USERNAME="alexis" USERNAME="alexis"
PASSWORD="password" PASSWORD="password"
USERNAME2="fabio"
PASSWORD2="password"
PERSONAL_TOKEN="personaltoken"
PERSONAL_TOKEN2="personaltoken2"
# Fonction d'attente # Fonction d'attente
wait_for_keycloak() { wait_for_keycloak() {
@ -31,16 +28,9 @@ get_admin_token() {
jq -r .access_token jq -r .access_token
} }
# Générer une date d'expiration (1 an à partir de maintenant)
generate_expiry_date() {
date -d "+1 year" --iso-8601=seconds
}
# Créer un realm, client et utilisateur # Créer un realm, client et utilisateur
setup_keycloak() { setup_keycloak() {
TOKEN=$(get_admin_token) TOKEN=$(get_admin_token)
CURRENT_DATE=$(date --iso-8601=seconds)
EXPIRY_DATE=$(generate_expiry_date)
echo "🛠️ Création du realm $REALM..." echo "🛠️ Création du realm $REALM..."
curl -s -X POST "$KC_HOST/admin/realms" \ curl -s -X POST "$KC_HOST/admin/realms" \
@ -48,18 +38,6 @@ setup_keycloak() {
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{\"realm\":\"$REALM\",\"enabled\":true}" > /dev/null -d "{\"realm\":\"$REALM\",\"enabled\":true}" > /dev/null
echo "🛠️ Configuration des durées de vie des tokens..."
curl -s -X PUT "$KC_HOST/admin/realms/$REALM" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{
\"accessTokenLifespan\": 3600,
\"refreshTokenMaxReuse\": 0,
\"ssoSessionIdleTimeout\": 7200,
\"ssoSessionMaxLifespan\": 36000,
\"offlineSessionIdleTimeout\": 2592000
}" > /dev/null
echo "🛠️ Création du client $CLIENT_ID..." echo "🛠️ Création du client $CLIENT_ID..."
curl -s -X POST "$KC_HOST/admin/realms/$REALM/clients" \ curl -s -X POST "$KC_HOST/admin/realms/$REALM/clients" \
-H "Authorization: Bearer $TOKEN" \ -H "Authorization: Bearer $TOKEN" \
@ -70,97 +48,28 @@ setup_keycloak() {
\"publicClient\": false, \"publicClient\": false,
\"secret\": \"$CLIENT_SECRET\", \"secret\": \"$CLIENT_SECRET\",
\"redirectUris\": [\"*\"], \"redirectUris\": [\"*\"],
\"standardFlowEnabled\": true, \"standardFlowEnabled\": true
\"directAccessGrantsEnabled\": true, }" > /dev/null
\"serviceAccountsEnabled\": true,
\"authorizationServicesEnabled\": false
}"
echo "👤 Création de l'utilisateur $USERNAME avec token personnel..." echo "👤 Création de l'utilisateur $USERNAME..."
curl -s -X POST "$KC_HOST/admin/realms/$REALM/users" \ curl -s -X POST "$KC_HOST/admin/realms/$REALM/users" \
-H "Authorization: Bearer $TOKEN" \ -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{ -d "{
\"username\": \"$USERNAME\", \"username\": \"$USERNAME\",
\"enabled\": true, \"enabled\": true,
\"emailVerified\": true,
\"attributes\": {
\"api_token\": [\"$PERSONAL_TOKEN\"],
\"token_created\": [\"$CURRENT_DATE\"],
\"token_expires\": [\"$EXPIRY_DATE\"],
\"created_by\": [\"setup_script\"],
\"department\": [\"IT\"],
\"access_level\": [\"developer\"]
},
\"credentials\": [{ \"credentials\": [{
\"type\": \"password\", \"type\": \"password\",
\"value\": \"$PASSWORD\", \"value\": \"$PASSWORD\",
\"temporary\": false \"temporary\": false
}] }]
}" }" > /dev/null
echo "👤 Création du deuxième utilisateur $USERNAME2..."
curl -s -X POST "$KC_HOST/admin/realms/$REALM/users" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{
\"username\": \"$USERNAME2\",
\"enabled\": true,
\"emailVerified\": true,
\"email\": \"fabio@example.com\",
\"firstName\": \"Fabio\",
\"lastName\": \"Artist\",
\"attributes\": {
\"api_token\": [\"$PERSONAL_TOKEN2\"],
\"token_created\": [\"$CURRENT_DATE\"],
\"token_expires\": [\"$EXPIRY_DATE\"],
\"created_by\": [\"setup_script\"],
\"department\": [\"Artist\"],
\"access_level\": [\"user\"]
},
\"credentials\": [{
\"type\": \"password\",
\"value\": \"$PASSWORD2\",
\"temporary\": false
}]
}"
echo "✅ Configuration terminée !" echo "✅ Configuration terminée !"
echo "" echo "🔐 Utilisateur: $USERNAME / $PASSWORD"
echo "👥 Utilisateurs créés:"
echo "🔐 Utilisateur 1: $USERNAME / $PASSWORD"
echo "🔐 Utilisateur 2: $USERNAME2 / $PASSWORD2"
echo ""
echo "🪪 Client secret: $CLIENT_SECRET" echo "🪪 Client secret: $CLIENT_SECRET"
echo "🎫 Personal Access Token 1: $PERSONAL_TOKEN"
echo "🎫 Personal Access Token 2: $PERSONAL_TOKEN2"
echo "📅 Tokens créés le: $CURRENT_DATE"
echo "⏰ Tokens expirent le: $EXPIRY_DATE"
echo ""
echo "⏱️ Token Settings:"
echo " • Access Token Lifespan: 3600 seconds (1 hour)"
echo " • Direct Access Grants: ENABLED"
echo " • SSO Session Timeout: 7200 seconds (2 hours)"
}
# Fonction pour tester les tokens
test_personal_token() {
echo ""
echo "🧪 Test des tokens:"
echo ""
echo "Token pour Alexis:"
echo "curl -k -X POST http://auth.local:8080/realms/master/protocol/openid-connect/token \\"
echo " -H \"Content-Type: application/x-www-form-urlencoded\" \\"
echo " -d \"grant_type=password&client_id=soa&client_secret=mysecret&username=$USERNAME&password=$PASSWORD\""
echo ""
echo "Token pour Fabio:"
echo "curl -k -X POST http://auth.local:8080/realms/master/protocol/openid-connect/token \\"
echo " -H \"Content-Type: application/x-www-form-urlencoded\" \\"
echo " -d \"grant_type=password&client_id=soa&client_secret=mysecret&username=$USERNAME2&password=$PASSWORD2\""
echo ""
} }
# Lancer le setup # Lancer le setup
wait_for_keycloak wait_for_keycloak
setup_keycloak setup_keycloak
test_personal_token

0
public/.editorconfig → laravel/.editorconfig
View File

0
public/.env.example → laravel/.env.example
View File

0
public/.gitattributes → laravel/.gitattributes vendored
View File

0
public/.gitignore → laravel/.gitignore vendored
View File

0
public/Dockerfile → laravel/Dockerfile
View File

0
public/README.md → laravel/README.md
View File

0
public/app/Http/Controllers/Api/V1/ArtistController.php → laravel/app/Http/Controllers/Api/V1/ArtistController.php
View File

0
public/app/Http/Controllers/Api/V1/GalleryController.php → laravel/app/Http/Controllers/Api/V1/GalleryController.php
View File

0
public/app/Http/Controllers/Controller.php → laravel/app/Http/Controllers/Controller.php
View File

0
public/app/Http/Resources/ArtworkResource.php → laravel/app/Http/Resources/ArtworkResource.php
View File

0
public/app/Http/Resources/GalleryResource.php → laravel/app/Http/Resources/GalleryResource.php
View File

0
public/app/Http/Resources/UserResource.php → laravel/app/Http/Resources/UserResource.php
View File

0
public/app/Models/Artwork.php → laravel/app/Models/Artwork.php
View File

0
public/app/Models/Gallery.php → laravel/app/Models/Gallery.php
View File

0
public/app/Models/User.php → laravel/app/Models/User.php
View File

0
public/app/Providers/AppServiceProvider.php → laravel/app/Providers/AppServiceProvider.php
View File

0
public/artisan → laravel/artisan
View File

0
public/bootstrap/app.php → laravel/bootstrap/app.php
View File

0
public/bootstrap/cache/.gitignore → laravel/bootstrap/cache/.gitignore vendored
View File

0
public/bootstrap/providers.php → laravel/bootstrap/providers.php
View File

0
public/composer.json → laravel/composer.json
View File

0
public/composer.lock → laravel/composer.lock generated
View File

0
public/config/app.php → laravel/config/app.php
View File

0
public/config/auth.php → laravel/config/auth.php
View File

0
public/config/cache.php → laravel/config/cache.php
View File

0
public/config/database.php → laravel/config/database.php
View File

0
public/config/filesystems.php → laravel/config/filesystems.php
View File

0
public/config/logging.php → laravel/config/logging.php
View File

0
public/config/mail.php → laravel/config/mail.php
View File

0
public/config/queue.php → laravel/config/queue.php
View File

0
public/config/services.php → laravel/config/services.php
View File

0
public/config/session.php → laravel/config/session.php
View File

0
public/database/.gitignore → laravel/database/.gitignore vendored
View File

0
public/database/GalleryMember.php → laravel/database/GalleryMember.php
View File

0
public/database/factories/UserFactory.php → laravel/database/factories/UserFactory.php
View File

0
public/database/migrations/0001_01_01_000000_create_users_table.php → laravel/database/migrations/0001_01_01_000000_create_users_table.php
View File

0
public/database/migrations/0001_01_01_000001_create_cache_table.php → laravel/database/migrations/0001_01_01_000001_create_cache_table.php
View File

0
public/database/migrations/0001_01_01_000002_create_jobs_table.php → laravel/database/migrations/0001_01_01_000002_create_jobs_table.php
View File

0
public/database/migrations/2025_06_17_230516_create_artworks_table.php → laravel/database/migrations/2025_06_17_230516_create_artworks_table.php
View File

0
public/database/migrations/2025_06_17_230516_create_galleries_table.php → laravel/database/migrations/2025_06_17_230516_create_galleries_table.php
View File

0
public/database/migrations/2025_06_17_230516_create_gallery_members_table.php → laravel/database/migrations/2025_06_17_230516_create_gallery_members_table.php
View File

0
public/database/seeders/ArtworkSeeder.php → laravel/database/seeders/ArtworkSeeder.php
View File

0
public/database/seeders/DatabaseSeeder.php → laravel/database/seeders/DatabaseSeeder.php
View File

0
public/database/seeders/GalleryMemberSeeder.php → laravel/database/seeders/GalleryMemberSeeder.php
View File

0
public/database/seeders/GallerySeeder.php → laravel/database/seeders/GallerySeeder.php
View File

0
public/database/seeders/UserSeeder.php → laravel/database/seeders/UserSeeder.php
View File

BIN
laravel/mydb Normal file
View File

Binary file not shown.

0
public/nginx.conf → laravel/nginx.conf
View File

0
public/package-lock.json → laravel/package-lock.json generated
View File

0
public/package.json → laravel/package.json
View File

0
public/phpunit.xml → laravel/phpunit.xml
View File

0
public/public/.htaccess → laravel/public/.htaccess
View File

0
public/public/favicon.ico → laravel/public/favicon.ico
View File

0
public/public/index.php → laravel/public/index.php
View File

0
public/public/robots.txt → laravel/public/robots.txt
View File

0
public/resources/css/app.css → laravel/resources/css/app.css
View File

Some files were not shown because too many files have changed in this diff Show More