#!/bin/bash

echo "If something fails, remember to enable 'Direct access grants' for the client"

USER="..."
PASSWORD="..."
CLIENT_ID="..."

ISSUER=https://auth2.hottis.de/realms/hottis
TOKEN=`curl $ISSUER/protocol/openid-connect/token \
    -d "scope=openid profile email" \
    -d "client_id=$CLIENT_ID" \
    -d "grant_type=password" \
    -d "username=$USER" \
    -d "password=$PASSWORD"`
echo $TOKEN
ACCESS_TOKEN=`echo $TOKEN | jq -r .access_token`
echo $ACCESS_TOKEN

echo "userinfo:"
curl -v $ISSUER/protocol/openid-connect/userinfo \
    -H "Authorization: Bearer $ACCESS_TOKEN"
echo