fix: OpenRemote token Basic Auth + corrected URLs (Keycloak container name)

- Use Basic Auth for client_secret_basic - OR_TOKEN_URL points to openremote-keycloak-1 container - Assets copied to smartcity realm DB
2026-05-03 03:08:24 -04:00
parent 29af64e90e
commit 8bb0381fff
1 changed files with 16 additions and 12 deletions
--- a/simulator.py
+++ b/simulator.py
@@ -550,18 +550,22 @@ def _get_or_token() -> str:
    if _or_token_cache["token"] and _or_token_cache["expires"] > time.time() + 60:
        return _or_token_cache["token"]
    try:
-        # Utiliser le client openremote avec client secret (service account)
+        # Utiliser HTTP Basic Auth (client_secret_basic)
-        data = urllib.parse.urlencode({
+        import base64
-            "grant_type": "client_credentials",
+        creds = base64.b64encode(f"{os.environ.get('OR_CLIENT_ID')}:{os.environ.get('OR_CLIENT_SECRET')}".encode()).decode()
-            "client_id": os.environ.get('OR_CLIENT_ID', 'openremote'),
+        req = urllib.request.Request(
-            "client_secret": os.environ.get('OR_CLIENT_SECRET', ''),
+            OR_TOKEN_URL,
-        }).encode()
+            data=urllib.parse.urlencode({"grant_type": "client_credentials"}).encode(),
-        req = urllib.request.Request(OR_TOKEN_URL, data=data)
+            headers={
-        with urllib.request.urlopen(req, timeout=5) as resp:
+                "Content-Type": "application/x-www-form-urlencoded",
-            result = json.loads(resp.read())
+                "Authorization": f"Basic {creds}"
-            _or_token_cache["token"] = result["access_token"]
+            }
-            _or_token_cache["expires"] = time.time() + result.get("expires_in", 300)
+        )
-            return result["access_token"]
+        with urllib.request.urlopen(req, timeout=5) as r:
            token_data = json.loads(r.read().decode())
            _or_token_cache["token"] = token_data["access_token"]
            _or_token_cache["expires"] = time.time() + token_data.get("expires_in", 300) - 60
            return _or_token_cache["token"]
    except Exception as e:
        print(f"  ⚠️  OpenRemote token → {e}")
        return ""