Problem: OAuth login failed because the authenticator was checking for
old Keycloak group names (super_admin_asso, gp_member) that no longer
exist in the master realm.
Changes:
- src/Security/KeycloakAuthenticator.php:106: resolveRoles() now checks
for 'siteconseil_admin' instead of 'super_admin_asso' to grant ROLE_ROOT
- src/Controller/Admin/MembresController.php:140: member creation role
resolution updated from 'super_admin_asso' to 'siteconseil_admin'
- templates/admin/membres.html.twig: checkbox values updated from
'gp_member' to 'siteconseil_member' and 'super_admin_asso' to
'siteconseil_admin' in the member management form
- assets/app.js:5-6: JS mutual exclusion logic updated to use new
group values 'siteconseil_member' and 'siteconseil_admin'
- tests/Security/KeycloakAuthenticatorTest.php:79: test data updated
from 'super_admin_asso' to 'siteconseil_admin'
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
f8155c9454