diff --git a/config/kanidm/basic-setup.sh b/config/kanidm/basic-setup.sh index dce6655..be01d46 100755 --- a/config/kanidm/basic-setup.sh +++ b/config/kanidm/basic-setup.sh @@ -38,18 +38,17 @@ echo "$idm_password" | krun kanidm login -D idm_admin function create_user { username="$1"; shift echo "Creating person (user) '${username}'..." - # krun kanidm person delete "$username" --name idm_admin krun kanidm person create "$username" "$username user" --name idm_admin krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin ( sleep 0.1 echo "pass" - sleep 0.1 + sleep 0.2 echo "$FAKE_PASSWORD" - sleep 0.1 + sleep 0.2 echo "$FAKE_PASSWORD" - sleep 0.1 + sleep 0.2 # echo "totp" # sleep 0.1 # echo "totpname" @@ -62,9 +61,9 @@ function create_user { echo "commit" sleep 0.1 echo "y" - sleep 0.1 - echo "end" - ) | krun kanidm person credential update "$username" --name idm_admin | tee /tmp/create-user-log.txt + # sleep 0.1 + # echo "end" + ) | krun kanidm person credential update "$username" --name idm_admin } # setup loose policies for testing 
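Review bot: The password prompts in `create_user` are answered on fixed `sleep` delays, and raising them from 0.1 to 0.2 only moves the race: on a slow run `$FAKE_PASSWORD` may still arrive before the CLI is ready for it, and the credential update can then fail or read the answers out of order. Nothing in the visible lines verifies the outcome, so a user could be left without the expected credential while the script carries on. I would add a comment above the subshell such as `# timing-sensitive: answers are fed to an interactive prompt; verify the credential was actually set`, and use `printf '%s\n' "$FAKE_PASSWORD"` instead of `echo` so a value beginning with `-` is not taken as an option. The function body continues into the next hunk.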
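Review bot: With `tee` removed, the pipeline's exit status is now that of `krun kanidm person credential update` itself (assuming `krun` propagates it), but `create_user` still returns it unchecked and the callers ignore it. Whether `set -e` or `pipefail` is active is not visible in this hunk; if not, append `|| { echo "credential update failed for ${username}" >&2; return 1; }` to the pipeline. The two commented-out lines `# sleep 0.1` and `# echo "end"` should either be deleted or carry a short comment explaining why `end` is no longer sent. Dropping the write to the fixed path `/tmp/create-user-log.txt` is an improvement, though a file left behind by earlier runs stays on disk and is worth cleaning up once.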
@@ -77,16 +76,16 @@ krun kanidm group create "$adm_group" --name idm_admin # create our OAuth 2 application krun kanidm system oauth2 create "$app" "Yourcloud" "http://localhost:3000" --name idm_admin -krun kanidm system oauth2 update-scope-map "$app" "$adm_group" admin openid email read --name idm_admin +krun kanidm system oauth2 update-scope-map "$app" "$adm_group" admin openid email read write --name idm_admin # TODO: expired/disabled users? -# for u in alice bob user1 user2 user3; do -# create_user "$u" -# done +for u in alice bob user1 user2 user3; do + create_user "$u" +done for u in gilfoyle dinesh; do create_user "$u" done # add users to groups -# krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin -# krun kanidm group add-members "$adm_group" dinesh --name idm_admin +krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin +krun kanidm group add-members "$adm_group" dinesh --name idm_admin
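Review bot: After this hunk `gilfoyle` and `dinesh` are members of `$adm_group`, which maps to the `admin` and `write` scopes, while sharing the same `$FAKE_PASSWORD` as every other account made by `create_user`. That makes the script safe only against a disposable instance, and nothing visible here enforces it. A header comment such as `# DEV ONLY: creates accounts with a shared, known password; never run against a real Kanidm instance`, plus a guard near the top that aborts unless the target is the local test server, would make the intent explicit; how `krun` selects the server is outside the hunk, so the exact check has to be confirmed there. Separately, `alice`, `bob` and `user1`–`user3` are not added to any group with a scope map in the visible lines, so they may be unable to authorize against `$app` unless that is configured elsewhere.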