eric/smart-city-digital-twin-martinique
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: OpenRemote token with admin-cli password grant, add OR_TOKEN_REALM, fix FROST_URL

Browse Source
This commit is contained in:
Eric FELIXINE
2026-05-03 08:47:47 -04:00
parent 4325d5735d
commit e8270b7d73
1 changed files with 16 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
simulator.py
View File

@@ -41,7 +41,9 @@ ENABLE_FROST = os.environ.get("ENABLE_FROST", "1") == "1"
ENABLE_OPENREMOTE = os.environ.get("ENABLE_OPENREMOTE", "1") == "1"
OR_ADMIN_USER = os.environ.get("OR_ADMIN_USER", "admin")
OR_ADMIN_PASS = os.environ.get("OR_ADMIN_PASS", "Digitribe972")
OR_REALM = os.environ.get("OR_REALM", "master")
OR_REALM = os.environ.get("OR_REALM", "smartcity")
OR_TOKEN_REALM = os.environ.get("OR_TOKEN_REALM", "master") # Realm pour obtention token
FROST_URL = os.environ.get("FROST_URL", "http://frost_allinone-web-1:8080/FROST-Server/v1.1")
SENSOR_COUNTS = {
"traffic": int(os.environ.get("SENSOR_COUNT_traffic", "3")),
@@ -363,8 +365,8 @@ STELLIO_URL = "http://stellio-api-gateway:8080"
# Configuration OpenRemote (URLs dynamiques)
OR_URL = os.environ.get("OR_URL", "http://192.168.192.10:8080") # IP directe (évite DNS)
OR_REALM = os.environ.get("OR_REALM", "smartcity") # Default: smartcity
OR_TOKEN_URL = f"{OR_URL}/auth/realms/{OR_REALM}/protocol/openid-connect/token"
OR_TOKEN_TTL = 3600 # Refresh token every hour
OR_TOKEN_URL = os.environ.get("OR_TOKEN_URL", f"http://openremote-keycloak-1:8080/auth/realms/{OR_TOKEN_REALM}/protocol/openid-connect/token")
OR_TOKEN_TTL = int(os.environ.get("OR_TOKEN_TTL", "3600")) # Refresh token every hour
def publish_stellio(sid: str, sensor: dict) -> bool:
"""Publie sur Stellio (gère le 409)."""
entity = _ngsi_payload(sid, sensor)
@@ -545,21 +547,22 @@ def publish_frost(sid: str, sensor: dict, field: str, value: float) -> bool:
_or_token_cache = {"token": "", "expires": 0}
def _get_or_token() -> str:
"""Obtient un token OpenRemote via client credentials (service account)."""
import time
"""Obtain an OpenRemote token via password grant (admin-cli, directAccessGrants enabled)."""
import time, urllib.parse
if _or_token_cache["token"] and _or_token_cache["expires"] > time.time() + 60:
return _or_token_cache["token"]
try:
# Utiliser HTTP Basic Auth (client_secret_basic)
import base64
creds = base64.b64encode(f"{os.environ.get('OR_CLIENT_ID')}:{os.environ.get('OR_CLIENT_SECRET')}".encode()).decode()
# Use password grant with admin-cli client (directAccessGrants enabled)
data = urllib.parse.urlencode({
"grant_type": "password",
"username": os.environ.get("OR_ADMIN_USER", "admin"),
"password": os.environ.get("OR_ADMIN_PASS", "Digitribe972"),
"client_id": "admin-cli"
}).encode()
req = urllib.request.Request(
OR_TOKEN_URL,
data=urllib.parse.urlencode({"grant_type": "client_credentials"}).encode(),
headers={
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": f"Basic {creds}"
}
data=data,
headers={"Content-Type": "application/x-www-form-urlencoded"}
)
with urllib.request.urlopen(req, timeout=5) as r:
token_data = json.loads(r.read().decode())