Initial commit: git-hangman-lab and keycloak-hangman-lab skills

keycloak-hangman-lab/scripts/keycloak/create-keycloak-account

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Get the directory where this script is located
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Parse arguments
+while [[ $# -gt 0 ]]; do
+  case $1 in
+    --username)
+      username="$2"
+      shift 2
+      ;;
+    --email)
+      email="$2"
+      shift 2
+      ;;
+    *)
+      echo "Unknown option: $1"
+      exit 1
+      ;;
+  esac
+done
+
+# Check if username and email are provided
+if [[ -z "$username" || -z "$email" ]]; then
+  echo "Usage: $0 --username <username> --email <email>"
+  exit 1
+fi
+
+# Generate keycloak credentials (do not print secret)
+pass_mgr generate --username "$username" --key keycloak >/dev/null
+
+# Get the generated username and password
+user=$(pass_mgr get-username --key keycloak)
+pass=$(pass_mgr get-secret --key keycloak)
+
+realm="Hangman-Lab"
+
+# Create keycloak user
+"$SCRIPT_DIR/kcadm" create users -r "$realm" -s "username=$user" -s "enabled=true" -s "email=$email" || true
+
+# Set password for the user
+"$SCRIPT_DIR/kcadm" set-password -r "$realm" --username "$user" --new-password "$pass"
+
+# Verify email and set profile fields to avoid VERIFY_PROFILE during first OIDC login
+"$SCRIPT_DIR/verify-email" --username "$user"
+"$SCRIPT_DIR/set-name" --username "$user" >/dev/null 2>&1 || "$SCRIPT_DIR/set-name"
+
+echo "Keycloak account created for: $user (realm: $realm)"

keycloak-hangman-lab/scripts/keycloak/kc-ctrl

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# Get the directory where this script is located
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Check if subcommand is provided
+if [[ $# -eq 0 ]]; then
+  echo "Usage: $0 <command> [options]"
+  echo ""
+  echo "Commands:"
+  echo "  create-keycloak-account     Create a new Keycloak account"
+  echo "  set-name                   Set user firstName and lastName"
+  echo "  verify-email               Verify user email"
+  echo "  reset-password             Reset user password"
+  exit 1
+fi
+
+# Get subcommand
+subcommand="$1"
+shift
+
+# Route to appropriate script
+case "$subcommand" in
+  create-keycloak-account)
+    "$SCRIPT_DIR/create-keycloak-account" "$@"
+    ;;
+  set-name)
+    "$SCRIPT_DIR/set-name" "$@"
+    ;;
+  verify-email)
+    "$SCRIPT_DIR/verify-email" "$@"
+    ;;
+  reset-password)
+    "$SCRIPT_DIR/reset-password" "$@"
+    ;;
+  *)
+    echo "Unknown command: $subcommand"
+    echo "Run '$0' for usage information"
+    exit 1
+    ;;
+esac

keycloak-hangman-lab/scripts/keycloak/kcadm

@@ -0,0 +1,47 @@
+#!/bin/bash
+set -euo pipefail
+# pcguard || exit 1
+
+REMOTE_HOST="vps.git"
+REMOTE_USER="root"
+CONTAINER_NAME="git-kc-keycloak"
+HOST_CONFIG="/root/.keycloak/kcadm.config"
+CONTAINER_CONFIG="/tmp/kcadm.config"
+ENV_FILE="/root/git-kc/.env"
+
+if [[ $# -eq 0 ]]; then
+  ssh "$REMOTE_USER@$REMOTE_HOST" \
+    "docker exec -i $CONTAINER_NAME /opt/keycloak/bin/kcadm.sh --help" <&0
+  exit $?
+fi
+
+SUBCOMMAND="$1"
+shift
+
+ssh "$REMOTE_USER@$REMOTE_HOST" "
+  set -euo pipefail
+  mkdir -p /root/.keycloak
+  if [ -f $HOST_CONFIG ]; then
+    docker cp $HOST_CONFIG $CONTAINER_NAME:$CONTAINER_CONFIG >/dev/null 2>&1 || true
+    docker exec --user 0:0 $CONTAINER_NAME /bin/chmod 666 $CONTAINER_CONFIG >/dev/null 2>&1 || true
+  fi
+
+  if [ $(printf '%q' "$SUBCOMMAND") != config ] && [ -f $ENV_FILE ]; then
+    set -a
+    . $ENV_FILE
+    set +a
+    docker exec -i $CONTAINER_NAME /opt/keycloak/bin/kcadm.sh config credentials \
+      --config $CONTAINER_CONFIG \
+      --server http://127.0.0.1:8080 \
+      --realm master \
+      --user \"\$KC_BOOTSTRAP_ADMIN_USERNAME\" \
+      --password \"\$KC_BOOTSTRAP_ADMIN_PASSWORD\" >/dev/null
+  fi
+
+  set +e
+  docker exec -i $CONTAINER_NAME /opt/keycloak/bin/kcadm.sh $(printf '%q ' "$SUBCOMMAND") --config $CONTAINER_CONFIG $(printf '%q ' "$@")
+  status=\$?
+  set -e
+  docker cp $CONTAINER_NAME:$CONTAINER_CONFIG $HOST_CONFIG >/dev/null 2>&1 || true
+  exit \$status
+" <&0

keycloak-hangman-lab/scripts/keycloak/reset-password

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Get the directory where this script is located
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Get username from pass_mgr
+username=$(pass_mgr get-username --key keycloak)
+if [[ -z "$username" ]]; then
+  echo "Error: No username found in pass_mgr for key 'keycloak'"
+  exit 1
+fi
+
+realm="Hangman-Lab"
+
+# Generate new password
+password=$(pass_mgr generate --key keycloak --username "$username")
+
+# Update password via kcadm
+"$SCRIPT_DIR/kcadm" set-password -r "$realm" --username "$username" --new-password "$password"
+
+echo "Password updated for user: $username (realm: $realm)"

keycloak-hangman-lab/scripts/keycloak/set-name

@@ -0,0 +1,51 @@
+#!/bin/bash
+
+# Get the directory where this script is located
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Optional explicit username
+username=""
+while [[ $# -gt 0 ]]; do
+  case $1 in
+    --username)
+      username="$2"
+      shift 2
+      ;;
+    *)
+      echo "Unknown option: $1"
+      echo "Usage: $0 [--username <username>]"
+      exit 1
+      ;;
+  esac
+done
+
+# Default to pass_mgr if not provided
+if [[ -z "$username" ]]; then
+  username=$(pass_mgr get-username --key keycloak)
+fi
+
+if [[ -z "$username" ]]; then
+  echo "Error: No keycloak username found in pass_mgr"
+  exit 1
+fi
+
+realm="Hangman-Lab"
+
+# Check if user exists
+result=$("$SCRIPT_DIR/kcadm" get users -r "$realm" -q "username=$username")
+user_count=$(echo "$result" | jq 'length')
+
+if [[ "$user_count" -eq 0 ]]; then
+  echo "Error: User $username not found in Keycloak"
+  exit 1
+fi
+
+# Get user ID
+userid=$(echo "$result" | jq -r '.[0].id')
+
+# Set firstName and lastName
+"$SCRIPT_DIR/kcadm" update users/"$userid" -r "$realm" \
+  --set "firstName=$username" \
+  --set "lastName=$username"
+
+echo "Name set for user: $username (firstName=$username, lastName=$username)"

keycloak-hangman-lab/scripts/keycloak/verify-email

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Get the directory where this script is located
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Get username from pass_mgr
+username=$(pass_mgr get-username --key keycloak)
+
+if [[ -z "$username" ]]; then
+  echo "Error: No keycloak username found in pass_mgr"
+  exit 1
+fi
+
+realm="Hangman-Lab"
+
+# Check if user exists
+result=$("$SCRIPT_DIR/kcadm" get users -r "$realm" -q "username=$username")
+user_count=$(echo "$result" | jq 'length')
+
+if [[ "$user_count" -eq 0 ]]; then
+  echo "Error: User $username not found in Keycloak"
+  exit 1
+fi
+
+# Get user ID
+userid=$(echo "$result" | jq -r '.[0].id')
+
+# Set email verified
+"$SCRIPT_DIR/kcadm" update users/"$userid" -r "$realm" -s "emailVerified=true"
+
+echo "Email verified for user: $username"