cd /opt/keycloak/bin

# Waits until the text "Running the server shows up in the child process, before continuing"
echo "Keyloak Initializing"
(./kc.sh start-dev &) | grep -q "Running the server"

echo "Configuring Keycloak"
./kcadm.sh config credentials --server http://localhost:8080 --realm master --user keycloak --password test

./kcadm.sh create realms -s realm=directory -s enabled=true
./kcadm.sh update realms/directory -s sslRequired=NONE

./kcadm.sh create roles -r directory -s name=user
./kcadm.sh create roles -r directory -s name=admin

./kcadm.sh create users -r directory -s username=lloyd -s enabled=true
./kcadm.sh set-password -r directory --username lloyd --new-password Osafop@ssw0rd
./kcadm.sh add-roles -r directory --uusername lloyd --rolename user

./kcadm.sh create users -r directory -s username=demoUser -s enabled=true
./kcadm.sh set-password -r directory --username demoUser --new-password d3m0p@ssw0rd
./kcadm.sh add-roles -r directory --uusername lloyd --rolename user

./kcadm.sh create users -r directory -s username=sfan1234 -s enabled=true
./kcadm.sh set-password -r directory --username sfan1234 --new-password test
./kcadm.sh add-roles -r directory --uusername sfan1234 --rolename admin

./kcadm.sh create clients -r directory  -f - << EOF
  {
  "clientId": "React-auth",
  "name": "",
  "description": "",
  "rootUrl": "http://localhost:21287/",
  "adminUrl": "http://localhost:21287/",
  "baseUrl": "",
  "surrogateAuthRequired": false,
  "enabled": true,
  "alwaysDisplayInConsole": false,
  "clientAuthenticatorType": "client-secret",
  "redirectUris": [
    "http://localhost:21287/*",
    "https://directory.dojo1.e3labs.net/*",
    "https://stage-directory.ecloud.e3labs.net/*",
    "https://directory.ecloud.e3labs.net/*"
  ],
  "webOrigins": [
    "http://localhost:21287",
    "https://directory.dojo1.e3labs.net",
    "https://stage-directory.ecloud.e3labs.net",
    "https://directory.ecloud.e3labs.net"
  ],
  "notBefore": 0,
  "bearerOnly": false,
  "consentRequired": false,
  "standardFlowEnabled": true,
  "implicitFlowEnabled": false,
  "directAccessGrantsEnabled": true,
  "serviceAccountsEnabled": false,
  "publicClient": true,
  "frontchannelLogout": true,
  "protocol": "openid-connect",
  "attributes": {
    "oidc.ciba.grant.enabled": "false",
    "oauth2.device.authorization.grant.enabled": "false",
    "backchannel.logout.session.required": "true",
    "backchannel.logout.revoke.offline.tokens": "false"
  },
  "authenticationFlowBindingOverrides": {},
  "fullScopeAllowed": true,
  "nodeReRegistrationTimeout": -1,
  "defaultClientScopes": [
    "web-origins",
    "acr",
    "roles",
    "profile",
    "email"
  ],
  "optionalClientScopes": [
    "address",
    "phone",
    "offline_access",
    "microprofile-jwt"
  ],
  "access": {
    "view": true,
    "configure": true,
    "manage": true
  }
}
EOF

while true; do sleep 10000; done