OHRM5X-2407: Override OpenIDConnectClient

ManulMax · Dec 15, 2023 · 51f639e · 51f639e
1 parent 9441f4a
commit 51f639e
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 73 deletions.
diff --git a/src/plugins/orangehrmOpenidAuthenticationPlugin/Controller/OpenIdConnectLoginController.php b/src/plugins/orangehrmOpenidAuthenticationPlugin/Controller/OpenIdConnectLoginController.php
@@ -19,17 +19,12 @@
 
 namespace OrangeHRM\OpenidAuthentication\Controller;
 
-use Jumbojett\OpenIDConnectClientException;
 use OrangeHRM\Core\Authorization\Service\HomePageService;
 use OrangeHRM\Core\Controller\AbstractVueController;
 use OrangeHRM\Core\Controller\PublicControllerInterface;
 use OrangeHRM\Core\Traits\Auth\AuthUserTrait;
 use OrangeHRM\Framework\Http\RedirectResponse;
 use OrangeHRM\Framework\Http\Request;
-use OrangeHRM\Framework\Http\Session\MemorySessionStorage;
-use OrangeHRM\Framework\Http\Session\Session;
-use OrangeHRM\Framework\ServiceContainer;
-use OrangeHRM\Framework\Services;
 use OrangeHRM\OpenidAuthentication\OpenID\OpenIDConnectClient;
 use OrangeHRM\OpenidAuthentication\Traits\Service\SocialMediaAuthenticationServiceTrait;
 
@@ -38,10 +33,6 @@ class OpenIdConnectLoginController extends AbstractVueController implements Publ
     use AuthUserTrait;
     use SocialMediaAuthenticationServiceTrait;
 
-    public const SCOPE = 'email';
-    public const REDIRECT_URL = 'https://734d-2402-d000-a500-40f9-f1e8-1109-5f81-bcf4.ngrok-free.app/orangehrm5/web/index.php/openidauth/openIdCredentials';
-    private bool $isAuthenticated = false;
-
     /**
      * @var HomePageService|null
      */
@@ -59,47 +50,24 @@ public function getHomePageService(): HomePageService
     }
 
     /**
-     * @throws OpenIDConnectClientException
+     * @param Request $request
+     * @return RedirectResponse
      */
     public function handle(Request $request): RedirectResponse
     {
         $response = $this->getResponse();
         $providerId = $request->attributes->get('providerId');
         $oidcClient = new OpenIDConnectClient();
 
-        if ($providerId > 0) {
-            $this->setSession($providerId);
-            $provider = $this->getSocialMediaAuthenticationService()->getAuthProviderDao()
-                ->getAuthProviderDetailsByProviderId($providerId);
-
-            $oidcClient = $this->getSocialMediaAuthenticationService()->initiateAuthentication(
-                $provider,
-                self::SCOPE,
-                self::REDIRECT_URL
-            );
-
-            $this->isAuthenticated = $oidcClient->authenticate();
-        }
-
-        if ($this->isAuthenticated) {
-            $provider = $this->getSocialMediaAuthenticationService()->getAuthProviderDao()
-                ->getAuthProviderDetailsByProviderId(1);
+        $provider = $this->getSocialMediaAuthenticationService()->getAuthProviderDao()
+            ->getAuthProviderDetailsByProviderId($providerId);
 
-            $oidcClient->setProviderURL($provider->getOpenIdProvider()->getProviderUrl());
-
-            $email = $oidcClient->requestUserInfo('email');
-        }
+        $oidcClient = $this->getSocialMediaAuthenticationService()->initiateAuthentication(
+            $provider,
+            $this->getSocialMediaAuthenticationService()->getScope(),
+            $this->getSocialMediaAuthenticationService()->getRedirectURL()
+        );
 
         return new RedirectResponse($oidcClient->getGeneratedAuthUrl());
     }
-
-    private function setSession($providerId)
-    {
-        $sessionStorage = new MemorySessionStorage();
-        ServiceContainer::getContainer()->set(Services::SESSION_STORAGE, $sessionStorage);
-        $session = new Session($sessionStorage);
-        $session->start();
-        ServiceContainer::getContainer()->set(Services::SESSION, $session);
-        $session->set('providerId', $providerId);
-    }
 }
diff --git a/...lugins/orangehrmOpenidAuthenticationPlugin/Controller/OpenIdConnectRedirectController.php b/...lugins/orangehrmOpenidAuthenticationPlugin/Controller/OpenIdConnectRedirectController.php
@@ -24,16 +24,15 @@
 use OrangeHRM\Core\Authorization\Service\HomePageService;
 use OrangeHRM\Core\Controller\AbstractVueController;
 use OrangeHRM\Core\Controller\PublicControllerInterface;
+use OrangeHRM\Core\Traits\Auth\AuthUserTrait;
 use OrangeHRM\Framework\Http\RedirectResponse;
 use OrangeHRM\Framework\Http\Request;
-use OrangeHRM\OpenidAuthentication\OpenID\OpenIDConnectClient;
 use OrangeHRM\OpenidAuthentication\Traits\Service\SocialMediaAuthenticationServiceTrait;
 
 class OpenIdConnectRedirectController extends AbstractVueController implements PublicControllerInterface
 {
+    use AuthUserTrait;
     use SocialMediaAuthenticationServiceTrait;
-    public const SCOPE = 'email';
-    public const REDIRECT_URL = 'https://734d-2402-d000-a500-40f9-f1e8-1109-5f81-bcf4.ngrok-free.app/orangehrm5/web/index.php/openidauth/openIdCredentials';
 
     /**
      * @var HomePageService|null
@@ -59,14 +58,17 @@ public function getHomePageService(): HomePageService
      */
     public function handle(Request $request): RedirectResponse
     {
+        //TODO
         $provider = $this->getSocialMediaAuthenticationService()->getAuthProviderDao()
             ->getAuthProviderDetailsByProviderId(1);
 
-        $oidcClient = new OpenIDConnectClient();
-        $oidcClient->setProviderURL($provider->getOpenIdProvider()->getProviderUrl());
+        $oidcClient = $this->getSocialMediaAuthenticationService()->initiateAuthentication(
+            $provider,
+            $this->getSocialMediaAuthenticationService()->getScope(),
+            $this->getSocialMediaAuthenticationService()->getRedirectURL()
+        );
 
-        $email = $oidcClient->requestUserInfo('email');
-        var_dump($email);
+        $oidcClient->authenticate();
 
         $homePagePath = $this->getHomePageService()->getHomePagePath();
         return $this->redirect($homePagePath);

diff --git a/src/plugins/orangehrmOpenidAuthenticationPlugin/OpenID/OpenIDConnectClient.php b/src/plugins/orangehrmOpenidAuthenticationPlugin/OpenID/OpenIDConnectClient.php
@@ -19,8 +19,12 @@
 
 namespace OrangeHRM\OpenidAuthentication\OpenID;
 
+use OrangeHRM\Core\Traits\Auth\AuthUserTrait;
+
 class OpenIDConnectClient extends \Jumbojett\OpenIDConnectClient
 {
+    use AuthUserTrait;
+
     protected ?string $generatedAuthUrl = null;
 
     public function redirect($url)
@@ -32,4 +36,23 @@ public function getGeneratedAuthUrl(): string
     {
         return $this->generatedAuthUrl;
     }
+
+    public function commitSession()
+    {
+    }
+
+    protected function setSessionKey($key, $value)
+    {
+        $this->getAuthUser()->setAttribute($key, $value);
+    }
+
+    protected function getSessionKey($key)
+    {
+        $this->getAuthUser()->getAttribute($key);
+    }
+
+    protected function unsetSessionKey($key)
+    {
+        $this->getAuthUser()->removeAttribute($key);
+    }
 }
diff --git a/src/plugins/orangehrmOpenidAuthenticationPlugin/Service/SocialMediaAuthenticationService.php b/src/plugins/orangehrmOpenidAuthenticationPlugin/Service/SocialMediaAuthenticationService.php
@@ -19,8 +19,6 @@
 
 namespace OrangeHRM\OpenidAuthentication\Service;
 
-use Jumbojett\OpenIDConnectClientException;
-use OrangeHRM\Authentication\Dto\UserCredential;
 use OrangeHRM\Entity\AuthProviderExtraDetails;
 use OrangeHRM\OpenidAuthentication\Dao\AuthProviderDao;
 use OrangeHRM\OpenidAuthentication\OpenID\OpenIDConnectClient;
@@ -63,33 +61,19 @@ public function initiateAuthentication(AuthProviderExtraDetails $provider, strin
         return $oidcClient;
     }
 
-//    TODO - remove if not need
     /**
-     * @param OpenIDConnectClient $oidcClient
-     * @throws OpenIDConnectClientException
+     * @return string
      */
-    public function handleCallback(OpenIDConnectClient $oidcClient): string
+    public function getRedirectURL(): string
     {
-//        ob_start();
-//
-//        $oidcClient->authenticate();
-//        $output = ob_get_contents();
-//        dump($output);
-//        dump('here1');
-//        ob_end_flush();
-//        try {
-//            $isAuthenticated = $oidcClient->authenticate();
-//            if ($isAuthenticated) {
-//                $credentials = new UserCredential($oidcClient->requestUserInfo('email'));
-//                $this->authenticateUser($credentials);
-//            }
-//        } catch (OpenIDConnectClientException $e) {
-//            throw $e;
-//        }
+        return self::REDIRECT_URL;
     }
 
-    private function authenticateUser(UserCredential $userCredential): void
+    /**
+     * @return string
+     */
+    public function getScope(): string
     {
-//        $username = $userCredential->getUsername();
+        return self::SCOPE;
     }
 }
diff --git a/src/plugins/orangehrmOpenidAuthenticationPlugin/config/routes.yaml b/src/plugins/orangehrmOpenidAuthenticationPlugin/config/routes.yaml
@@ -28,7 +28,7 @@ admin_edit_auth_provider:
 #add this url to maintain 4X backward compatibility
 auth_oidc_login_redirect:
   path: /openidauth/openIdCredentials
-  controller: OrangeHRM\OpenidAuthentication\Controller\OpenIdConnectLoginController::handle
+  controller: OrangeHRM\OpenidAuthentication\Controller\OpenIdConnectRedirectController::handle
   methods: [ GET ]
 
 auth_oidc_login: