v1.0 - Version stable: multi-PC, détection UI-DETR-1, 3 modes exécution

- Frontend v4 accessible sur réseau local (192.168.1.40)
- Ports ouverts: 3002 (frontend), 5001 (backend), 5004 (dashboard)
- Ollama GPU fonctionnel
- Self-healing interactif
- Dashboard confiance

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

demo_security_validation.py

@@ -0,0 +1,167 @@
+#!/usr/bin/env python3
+"""
+Démonstration de la validation de sécurité
+
+Montre comment le système refuse de démarrer avec une configuration insécurisée en production.
+"""
+
+import os
+import sys
+from pathlib import Path
+
+# Add current directory to path for imports
+sys.path.insert(0, str(Path(__file__).parent))
+
+from core.security import (
+    validate_production_security,
+    get_security_config,
+    generate_secure_key,
+    check_security_requirements,
+    ProductionSecurityError
+)
+
+def demo_insecure_production():
+    """Démontre le refus de configuration insécurisée en production."""
+    print("🚨 Demo: Insecure Production Configuration")
+    print("=" * 50)
+    
+    # Simuler l'environnement de production
+    os.environ["ENVIRONMENT"] = "production"
+    os.environ["ENCRYPTION_PASSWORD"] = "rpa_vision_v3_default_key"  # Clé par défaut
+    os.environ["SECRET_KEY"] = "dev-key-change-in-production"  # Clé par défaut
+    
+    print("Environment: PRODUCTION")
+    print("Encryption Password: rpa_vision_v3_default_key (DEFAULT)")
+    print("Secret Key: dev-key-change-in-production (DEFAULT)")
+    print()
+    
+    try:
+        config = get_security_config()
+        validate_production_security(config)
+        print("❌ This should not happen - insecure config was accepted!")
+    except ProductionSecurityError as e:
+        print("✅ Security validation correctly REJECTED the insecure configuration:")
+        print(f"   {e}")
+    
+    print()
+
+def demo_secure_production():
+    """Démontre l'acceptation de configuration sécurisée en production."""
+    print("✅ Demo: Secure Production Configuration")
+    print("=" * 50)
+    
+    # Générer des clés sécurisées
+    secure_encryption_key = generate_secure_key(32)
+    secure_secret_key = generate_secure_key(32)
+    
+    os.environ["ENVIRONMENT"] = "production"
+    os.environ["ENCRYPTION_PASSWORD"] = secure_encryption_key
+    os.environ["SECRET_KEY"] = secure_secret_key
+    os.environ["LOG_SENSITIVE_DATA"] = "false"
+    os.environ["STRICT_INPUT_VALIDATION"] = "true"
+    
+    print("Environment: PRODUCTION")
+    print(f"Encryption Password: {secure_encryption_key[:8]}... (SECURE)")
+    print(f"Secret Key: {secure_secret_key[:8]}... (SECURE)")
+    print("Log Sensitive Data: false")
+    print("Strict Input Validation: true")
+    print()
+    
+    try:
+        config = get_security_config()
+        validate_production_security(config)
+        print("✅ Security validation ACCEPTED the secure configuration")
+    except ProductionSecurityError as e:
+        print(f"❌ Secure configuration was rejected: {e}")
+    
+    print()
+
+def demo_development_flexibility():
+    """Démontre la flexibilité en environnement de développement."""
+    print("🔧 Demo: Development Environment Flexibility")
+    print("=" * 50)
+    
+    # Environnement de développement avec clés par défaut
+    os.environ["ENVIRONMENT"] = "development"
+    os.environ["ENCRYPTION_PASSWORD"] = "rpa_vision_v3_default_key"
+    os.environ["SECRET_KEY"] = "dev-key-change-in-production"
+    
+    print("Environment: DEVELOPMENT")
+    print("Encryption Password: rpa_vision_v3_default_key (DEFAULT)")
+    print("Secret Key: dev-key-change-in-production (DEFAULT)")
+    print()
+    
+    try:
+        config = get_security_config()
+        validate_production_security(config)
+        print("✅ Development environment allows default keys for convenience")
+    except ProductionSecurityError as e:
+        print(f"❌ Development should be flexible: {e}")
+    
+    print()
+
+def demo_security_requirements():
+    """Démontre la vérification des exigences de sécurité."""
+    print("📋 Demo: Security Requirements Check")
+    print("=" * 50)
+    
+    # Vérifier les exigences en production
+    os.environ["ENVIRONMENT"] = "production"
+    secure_key = generate_secure_key(32)
+    os.environ["ENCRYPTION_PASSWORD"] = secure_key
+    os.environ["SECRET_KEY"] = secure_key
+    
+    requirements = check_security_requirements()
+    
+    print("Security Requirements Status:")
+    for requirement, status in requirements.items():
+        status_icon = "✅" if status else "❌"
+        print(f"  {status_icon} {requirement}: {status}")
+    
+    print()
+
+def cleanup_environment():
+    """Nettoie les variables d'environnement."""
+    test_vars = [
+        "ENVIRONMENT",
+        "ENCRYPTION_PASSWORD", 
+        "SECRET_KEY",
+        "LOG_SENSITIVE_DATA",
+        "STRICT_INPUT_VALIDATION"
+    ]
+    
+    for var in test_vars:
+        os.environ.pop(var, None)
+
+def main():
+    """Fonction principale de démonstration."""
+    print("🎯 RPA Vision V3 - Security Validation Demo")
+    print("=" * 60)
+    print()
+    
+    try:
+        # Demo 1: Configuration insécurisée en production
+        demo_insecure_production()
+        
+        # Demo 2: Configuration sécurisée en production
+        demo_secure_production()
+        
+        # Demo 3: Flexibilité en développement
+        demo_development_flexibility()
+        
+        # Demo 4: Vérification des exigences
+        demo_security_requirements()
+        
+        print("🎉 Security validation demo completed!")
+        print()
+        print("Key takeaways:")
+        print("  • Production environments require secure configuration")
+        print("  • Default keys are rejected in production")
+        print("  • Development environments are more flexible")
+        print("  • Security requirements can be checked programmatically")
+        
+    finally:
+        cleanup_environment()
+
+if __name__ == "__main__":
+    main()