From f08380c1f845358a7174da2fcee2ff08f9f7bb1a Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Tue, 19 Dec 2017 11:51:38 +0100
Subject: [PATCH] FEAT #6207 User Creation if does not exist

---
 apps/maarch_entreprise/ozwilloConnect.php | 39 +++++++++++------------
 core/Models/UserModelAbstract.php         |  4 +--
 2 files changed, 20 insertions(+), 23 deletions(-)

diff --git a/apps/maarch_entreprise/ozwilloConnect.php b/apps/maarch_entreprise/ozwilloConnect.php
index 9793b8897f9..e0ed4d47b69 100644
--- a/apps/maarch_entreprise/ozwilloConnect.php
+++ b/apps/maarch_entreprise/ozwilloConnect.php
@@ -13,35 +13,32 @@ if (!empty($_SESSION['ozwillo']['code']) && !empty($_SESSION['ozwillo']['state']
 $oidc = new OpenIDConnectClient($ozwilloConfig['uri'], $ozwilloConfig['clientId'], $ozwilloConfig['clientSecret']);
 $oidc->addScope('openid');
 $oidc->addScope('email');
+$oidc->addScope('profile');
 $oidc->authenticate();
 
-$userId = $oidc->requestUserInfo('email');
-$user = \Core\Models\UserModel::getById(['userId' => $userId]);
+$idToken = $oidc->getIdTokenPayload();
+if (empty($idToken->app_user) && empty($idToken->app_admin)) {
+    echo '<br>Utilisateur non autorisé';
+    exit;
+}
+
+$profile = $oidc->requestUserInfo();
+$user = \Core\Models\UserModel::getByUserId(['userId' => $idToken->sub]);
 
 if (empty($user)) {
-    echo '<br>' . _USER_NOT_EXIST;
-    exit;
+    $firstname = empty($profile->given_name) ? 'utilisateur' : $profile->given_name;
+    $lastname = empty($profile->family_name) ? 'utilisateur' : $profile->family_name;
+    \Core\Models\UserModel::create(['user' => ['userId' => $idToken->sub, 'firstname' => $firstname, 'lastname' => $lastname, 'changePassword' => 'N']]);
+    $user = \Core\Models\UserModel::getByUserId(['userId' => $idToken->sub]);
+    \Core\Models\UserModel::addGroup(['id' => $user['id'], 'groupId' => 'AGENT']);
+    \Core\Models\UserModel::addEntity(['id' => $user['id'], 'entityId' => 'VILLE', 'primaryEntity' => 'Y']);
 }
 
-$_SESSION['ozwillo']['userId'] = $userId;
+$_SESSION['ozwillo']['userId'] =  $idToken->sub;
 $_SESSION['ozwillo']['accessToken'] = $oidc->getAccessToken();
 unset($_REQUEST['code']);
 unset($_REQUEST['state']);
 
+header("location: log.php");
 $trace = new history();
-if ($restMode) {
-    $_SESSION['error'] = '';
-    $security = new security();
-    $pass = $security->getPasswordHash('maarch');
-    $res  = $security->login($userId, $pass);
-
-    $_SESSION['user'] = $res['user'];
-    if (!empty($res['error'])) {
-        $_SESSION['error'] = $res['error'];
-    }
-
-    $trace->add('users', $userId, 'LOGIN', 'userlogin', 'Ozwillo Connection', $_SESSION['config']['databasetype'], 'ADMIN', false);
-} else {
-    header("location: log.php");
-    $trace->add('users', $userId, 'LOGIN', 'userlogin', 'Ozwillo Connection', $_SESSION['config']['databasetype'], 'ADMIN', false);
-}
+$trace->add('users', $idToken->sub, 'LOGIN', 'userlogin', 'Ozwillo Connection', $_SESSION['config']['databasetype'], 'ADMIN', false);
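Review bot: The account auto-provisioned on the `if (empty($user))` branch is created with `'changePassword' => 'N'`, and the `UserModelAbstract::create` change in this same patch still stores `loginmode => 'standard'` with the fixed hash of `'maarch'`, so every federated user whose `sub` is known gets a password-login account with a constant, never-rotated password. At minimum drop the `'changePassword' => 'N'` override so the model's `'Y'` default applies; the real fix is to give `create()` a caller-supplied (randomly generated) password or, if the application has a non-password `loginmode` for SSO accounts, to use it here (I cannot see the accepted `loginmode` values from this hunk). Separately, the `app_admin` claim is checked but then ignored: both admins and users are put in the hard-coded `AGENT` group and `VILLE` entity, which reads like a test default rather than a provisioning policy. The `Utilisateur non autorisé` rejection is also not recorded through `$trace`, so refused SSO logins leave no history entry.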
diff --git a/core/Models/UserModelAbstract.php b/core/Models/UserModelAbstract.php
index f97a12c1bcf..45eeb5d9897 100755
--- a/core/Models/UserModelAbstract.php
+++ b/core/Models/UserModelAbstract.php
@@ -57,7 +57,7 @@ class UserModelAbstract
     {
         ValidatorModel::notEmpty($aArgs, ['user']);
         ValidatorModel::notEmpty($aArgs['user'], ['userId', 'firstname', 'lastname']);
-        ValidatorModel::stringType($aArgs['user'], ['userId', 'firstname', 'lastname', 'mail', 'initials', 'thumbprint', 'phone']);
+        ValidatorModel::stringType($aArgs['user'], ['userId', 'firstname', 'lastname', 'mail', 'initials', 'thumbprint', 'phone', 'changePassword']);
 
         DatabaseModel::insert([
             'table'         => 'users',
@@ -71,7 +71,7 @@ class UserModelAbstract
                 'thumbprint'        => $aArgs['user']['thumbprint'],
                 'enabled'           => 'Y',
                 'status'            => 'OK',
-                'change_password'   => 'Y',
+                'change_password'   => empty($aArgs['user']['changePassword']) ? 'Y' : $aArgs['user']['changePassword'],
                 'loginmode'         => 'standard',
                 'password'          => SecurityModel::getPasswordHash('maarch')
             ]
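Review bot: `change_password` now takes whatever string the caller passes, since `ValidatorModel::stringType` only checks the type; any value other than `'Y'`/`'N'` ends up in the column and its meaning to the login flow is unknown from here. Restrict it before the insert, e.g. `ValidatorModel::arrayType`-style or explicitly: `$changePassword = (isset($aArgs['user']['changePassword']) && $aArgs['user']['changePassword'] === 'N') ? 'N' : 'Y';` and use `$changePassword` in the row. While here, the row still hard-codes `SecurityModel::getPasswordHash('maarch')`; allowing an optional `password` argument (`'password' => SecurityModel::getPasswordHash($aArgs['user']['password'] ?? 'maarch')`) would let SSO-provisioned callers supply a random value instead of a shared default. The `create` method's signature and validation lines begin before this hunk.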
-- 
GitLab