#!/bin/bash
# Get OAuth token from auth server. Set AUTH_URL and form data for your environment.
# Usage: ./auth/token.sh   (prints token to stdout)
# Example with token: TOKEN=$(./scripts/auth/token.sh) && curl -H "Authorization: Bearer $TOKEN" "$BASE_URL/reslevis/getTrackers"
AUTH_URL="${AUTH_URL:-https://10.251.0.30:10002/realms/API.Server.local/protocol/openid-connect/token}"

TOKEN=$(curl -k -s -X POST "$AUTH_URL" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=password" \
  -d "client_id=${CLIENT_ID:-Fastapi}" \
  -d "client_secret=${CLIENT_SECRET}" \
  -d "username=${USERNAME}" \
  -d "password=${PASSWORD}" \
  -d "audience=${AUDIENCE:-Fastapi}" \
  | jq -r '.access_token')

if [ -z "$TOKEN" ] || [ "$TOKEN" = "null" ]; then
  echo "Failed to get token. Set CLIENT_SECRET, USERNAME, PASSWORD (and optionally AUTH_URL, CLIENT_ID, AUDIENCE)." >&2
  exit 1
fi
echo "$TOKEN"