# Description of Changes Change the SAML support for SSO to understand when a request is coming from the desktop app, and use the alternate auth flow that the desktop app requires.
#!/bin/bash
# Brings up a local Stirling PDF + Keycloak SAML test environment.

# Stop at the first unhandled command failure.
set -e

# ANSI colour codes, kept as literal backslash sequences that `echo -e` expands.
RED='\033[0;31m'    GREEN='\033[0;32m'
YELLOW='\033[1;33m' BLUE='\033[0;34m'
NC='\033[0m' # reset to the terminal default

# Start-up banner, one boxed line per iteration, followed by a blank line.
for banner_line in \
  "╔════════════════════════════════════════════════════╗" \
  "║ Stirling PDF + Keycloak SAML Test Environment ║" \
  "╚════════════════════════════════════════════════════╝"; do
  echo -e "${BLUE}${banner_line}${NC}"
done
echo ""

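# Defaults; the flags handled in parse_args override them.
AUTO_LOGIN=false
COMPOSE_UP_ARGS=(-d --build)

#######################################
# Parse the script's command-line flags.
# Globals:   AUTO_LOGIN (written), COMPOSE_UP_ARGS (written), RED, NC (read)
# Arguments: the script's own arguments ("$@")
# Outputs:   usage text on stdout for -h/--help; error text on stderr
# Returns:   exits 0 after printing help, exits 1 on an unknown option
#######################################
parse_args() {
  local arg
  for arg in "$@"; do
    case "$arg" in
      --auto)
        AUTO_LOGIN=true
        ;;
      --nobuild)
        # Drop --build so existing images are reused.
        COMPOSE_UP_ARGS=(-d)
        ;;
      -h | --help)
        echo "Usage: $0 [--auto] [--nobuild]"
        echo ""
        echo " --auto Enable SSO auto-login and force SAML-only login method"
        echo " --nobuild Skip building images (use existing images)"
        exit 0
        ;;
      *)
        # The argument goes through %s, so backslash sequences inside it are
        # printed literally instead of being expanded as terminal escapes.
        # Diagnostics go to stderr.
        printf '%bUnknown option: %s%b\n' "${RED}" "$arg" "${NC}" >&2
        exit 1
        ;;
    esac
  done
}

parse_args "$@"
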
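# Fail fast when a tool used later is missing. Without curl, for example, the
# readiness loops would only time out and report that the service failed to start.
for required_tool in docker docker-compose curl; do
  if ! command -v "$required_tool" > /dev/null 2>&1; then
    echo -e "${RED}✗ Required tool not found: ${required_tool}${NC}" >&2
    exit 1
  fi
done

# `docker info` fails when the daemon cannot be reached.
if ! docker info > /dev/null 2>&1; then
  echo -e "${RED}✗ Docker is not running${NC}" >&2
  exit 1
fi

# Work from the script's own directory so the compose file and the certificate
# paths built from SCRIPT_DIR resolve regardless of the caller's cwd.
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR" || exit 1
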
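# Prompt for license key (optional). Skipped when PREMIUM_KEY is already set in
# the environment.
if [ -z "${PREMIUM_KEY:-}" ]; then
  echo -e "${YELLOW}Enter Enterprise license key (press Enter to use default test key):${NC}"
  # read returns non-zero at end of input (closed or non-interactive stdin).
  # Tolerate that so `set -e` does not end the script without any message; an
  # unterminated final line is still kept in LICENSE_INPUT.
  # The key is echoed to the terminal as it is typed.
  LICENSE_INPUT=""
  read -r LICENSE_INPUT || true
  if [ -n "$LICENSE_INPUT" ]; then
    # Exported so the docker-compose processes started later inherit it.
    export PREMIUM_KEY="$LICENSE_INPUT"
    echo -e "${GREEN}✓ Using provided license key${NC}"
  else
    # PREMIUM_KEY stays unset here; the default key is presumably supplied by
    # the compose file — confirm there.
    echo -e "${BLUE}Using default test license key${NC}"
  fi
  echo ""
fi
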
# --auto mode: export the settings that make SAML the only login method with
# SSO auto-login, and recreate the containers so they pick the settings up.
case "$AUTO_LOGIN" in
  true)
    export PREMIUM_PROFEATURES_SSOAUTOLOGIN=true
    export SECURITY_LOGINMETHOD=saml2
    COMPOSE_UP_ARGS+=(--force-recreate)
    echo -e "${GREEN}✓ SSO auto-login enabled (SAML-only)${NC}"
    echo ""
    ;;
esac

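echo -e "${YELLOW}▶ Starting Keycloak (SAML) containers...${NC}"
docker-compose -f docker-compose-keycloak-saml.yml up "${COMPOSE_UP_ARGS[@]}" keycloak-saml-db keycloak-saml

echo ""
echo -e "${YELLOW}▶ Waiting for Keycloak (SAML)...${NC}"
# Budget, in seconds of sleep time, for a readiness loop.
MAX_WAIT=180
WAITED=0
KEYCLOAK_READY=false
while [ "$WAITED" -lt "$MAX_WAIT" ]; do
  # Keycloak counts as ready once the realm serves its SAML descriptor.
  # --max-time bounds each probe so a connection that hangs cannot stall the
  # loop far beyond MAX_WAIT.
  if curl -sf --max-time 5 http://localhost:9080/realms/stirling-saml/protocol/saml/descriptor 2>/dev/null | grep -q "EntityDescriptor"; then
    echo -e "${GREEN}✓ Keycloak is ready${NC}"
    KEYCLOAK_READY=true
    break
  fi
  echo -n "."
  sleep 2
  WAITED=$((WAITED + 2))
done

if [ "$KEYCLOAK_READY" != true ]; then
  # Terminate the line of progress dots before reporting on stderr.
  echo ""
  echo -e "${RED}✗ Keycloak failed to start${NC}" >&2
  exit 1
fi
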
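echo ""
echo -e "${YELLOW}▶ Generating SAML SP certificates if needed...${NC}"
# With SCRIPT_DIR empty, the rm -rf and openssl calls below would act on paths
# in the filesystem root, so stop here instead.
: "${SCRIPT_DIR:?SCRIPT_DIR must be set}"
PRIVATE_KEY="${SCRIPT_DIR}/saml-private-key.key"
PUBLIC_CERT="${SCRIPT_DIR}/saml-public-cert.crt"

# Remove any directories that Docker might have created
for sp_path in "$PRIVATE_KEY" "$PUBLIC_CERT"; do
  if [ -d "$sp_path" ]; then
    rm -rf -- "${sp_path:?}"
  fi
done

if [ ! -f "$PRIVATE_KEY" ] || [ ! -f "$PUBLIC_CERT" ]; then
  # Self-signed SP certificate: 2048-bit RSA, valid for 3650 days, private key
  # written unencrypted (-nodes).
  # NOTE(review): the key file's mode is left to openssl and the umask; confirm
  # it is not readable by other local users while staying readable by the
  # container that mounts it.
  # openssl's stderr is captured and shown only on failure, so a missing binary
  # or a write error is reported instead of ending the script silently.
  if ! OPENSSL_ERR="$(openssl req -x509 -newkey rsa:2048 -keyout "$PRIVATE_KEY" -out "$PUBLIC_CERT" \
    -days 3650 -nodes -subj "/CN=stirling-pdf-saml-sp" 2>&1 > /dev/null)"; then
    echo -e "${RED}✗ Failed to generate SAML SP certificates${NC}" >&2
    printf '%s\n' "$OPENSSL_ERR" >&2
    exit 1
  fi
  echo -e "${GREEN}✓ Generated SAML SP certificates${NC}"
else
  echo -e "${BLUE}Using existing SAML SP certificates${NC}"
fi
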
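echo ""
echo -e "${YELLOW}▶ Fetching Keycloak SAML signing certificate...${NC}"
CERT_PATH="${SCRIPT_DIR}/keycloak-saml-cert.pem"
# Take the text of the first X509Certificate element in the realm's SAML
# descriptor and strip all whitespace from it. The descriptor is fetched over
# plain HTTP from localhost, so the certificate written below is whatever that
# endpoint returned, with no independent verification.
# `|| true` keeps a failed fetch from ending the script here; the check that
# follows reports it.
CERT_BODY="$(curl -sf --max-time 10 http://localhost:9080/realms/stirling-saml/protocol/saml/descriptor \
  | awk 'BEGIN{RS="<[^>]*X509Certificate>|</[^>]*X509Certificate>"} NR==2{gsub(/[[:space:]]+/,""); print; exit}')" || true

# Accept only a non-empty base64 body. An empty or malformed result is an error
# even when a certificate file from an earlier run is still on disk; otherwise
# that stale file would be reported as freshly updated.
CERT_BODY_RE='^[A-Za-z0-9+/]+={0,2}$'
if ! [[ "$CERT_BODY" =~ $CERT_BODY_RE ]]; then
  echo -e "${RED}✗ Failed to fetch Keycloak SAML certificate${NC}" >&2
  exit 1
fi

{
  printf '%s\n' "-----BEGIN CERTIFICATE-----"
  printf '%s\n' "$CERT_BODY"
  printf '%s\n' "-----END CERTIFICATE-----"
} > "$CERT_PATH"

if [ ! -s "$CERT_PATH" ]; then
  echo -e "${RED}✗ Failed to fetch Keycloak SAML certificate${NC}" >&2
  exit 1
fi
echo -e "${GREEN}✓ Keycloak SAML certificate updated${NC}"
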
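echo ""
echo -e "${YELLOW}▶ Starting Stirling PDF...${NC}"
docker-compose -f docker-compose-keycloak-saml.yml up "${COMPOSE_UP_ARGS[@]}" stirling-pdf-saml

echo ""
echo -e "${YELLOW}▶ Waiting for Stirling PDF...${NC}"
WAITED=0
STIRLING_READY=false
while [ "$WAITED" -lt "$MAX_WAIT" ]; do
  # Ready once the status endpoint answers with a body containing "UP".
  # --max-time bounds each probe so a connection that hangs cannot stall the
  # loop far beyond MAX_WAIT.
  if curl -sf --max-time 5 http://localhost:8080/api/v1/info/status 2>/dev/null | grep -q "UP"; then
    echo -e "${GREEN}✓ Stirling PDF is ready${NC}"
    STIRLING_READY=true
    break
  fi
  echo -n "."
  sleep 2
  WAITED=$((WAITED + 2))
done

if [ "$STIRLING_READY" != true ]; then
  # Terminate the line of progress dots before reporting on stderr.
  echo ""
  echo -e "${RED}✗ Stirling PDF failed to start${NC}" >&2
  exit 1
fi
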
# Closing summary: service URLs, the fixed credentials of the test setup, the
# manual SAML test steps, and the commands for logs and teardown.
# Each entry is one output line; empty entries print as blank lines.
summary_lines=(
  ""
  "${GREEN}╔════════════════════════════════════════════════════╗${NC}"
  "${GREEN}║ SAML Test Environment Ready! ✓ ║${NC}"
  "${GREEN}╚════════════════════════════════════════════════════╝${NC}"
  ""
  "${BLUE}📍 Services:${NC}"
  " Stirling PDF: ${GREEN}http://localhost:8080${NC}"
  " Keycloak Admin: ${GREEN}http://localhost:9080/admin${NC}"
  ""
  "${BLUE}🔑 Keycloak Admin:${NC}"
  " Username: ${GREEN}admin${NC}"
  " Password: ${GREEN}admin${NC}"
  ""
  "${BLUE}👥 Test Users (SAML):${NC}"
  " ${YELLOW}Regular User:${NC}"
  " Email: ${GREEN}samluser@example.com${NC}"
  " Password: ${GREEN}samlpassword${NC}"
  ""
  " ${YELLOW}Admin User:${NC}"
  " Email: ${GREEN}samladmin@example.com${NC}"
  " Password: ${GREEN}samladminpass${NC}"
  ""
  "${BLUE}🧪 Test SAML:${NC}"
  " 1. Go to ${GREEN}http://localhost:8080${NC}"
  " 2. Click 'Login' and select SAML"
  " 3. Login with test credentials"
  ""
  "${BLUE}📊 View logs:${NC}"
  " docker-compose -f docker-compose-keycloak-saml.yml logs -f"
  ""
  "${BLUE}⏹ Stop:${NC}"
  " docker-compose -f docker-compose-keycloak-saml.yml down -v"
  ""
)

for summary_line in "${summary_lines[@]}"; do
  echo -e "$summary_line"
done