#!/bin/bash

# Wait for Keycloak to be ready
echo "Waiting for Keycloak to be ready..."
until curl -s http://localhost:8080/health/ready; do
    echo "Waiting for Keycloak..."
    sleep 5
done

# Get admin token
echo "Getting admin token..."
TOKEN=$(curl -s -X POST http://localhost:8080/realms/master/protocol/openid-connect/token \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -d "username=admin" \
    -d "password=admin" \
    -d "grant_type=password" \
    -d "client_id=admin-cli" | grep -o '"access_token":"[^"]*' | sed 's/"access_token":"//')

# Create realm if it doesn't exist
echo "Creating realm..."
curl -s -X POST http://localhost:8080/admin/realms \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d '{
        "realm": "soa",
        "enabled": true
    }'

# Create client
echo "Creating client..."
curl -s -X POST http://localhost:8080/admin/realms/soa/clients \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d '{
        "clientId": "soa",
        "secret": "NuLgdHzPldRauqIln0I0TN5216PgX3Ty",
        "redirectUris": ["https://api.local/*"],
        "webOrigins": ["https://api.local"],
        "publicClient": false,
        "directAccessGrantsEnabled": true,
        "serviceAccountsEnabled": true
    }'

echo "Setup completed!"