SYLIUS-250: microsoft connexion

synolia · Sep 8, 2023 · 87279fa · 87279fa
1 parent e45d199
commit 87279fa
Show file tree

Hide file tree

Showing 9 changed files with 60 additions and 255 deletions.
diff --git a/composer.json b/composer.json
@@ -11,7 +11,8 @@
  "php": "^8.0",
  "knpuniversity/oauth2-client-bundle": "^2.15",
  "league/oauth2-google": "^4.0",
- "sylius/sylius": "^1.10"
+ "sylius/sylius": "^1.10",
+ "thenetworg/oauth2-azure": "^2.2"
  },
  "require-dev": {
  "friendsofphp/php-cs-fixer": "3.16.0",

diff --git a/config/app.yaml b/config/app.yaml
@@ -7,21 +7,21 @@ sylius_ui:
 
 twig:
  globals:
- google_client_id: '%env(OAUTH_GOOGLE_CLIENT_ID)%'
- microsoft_client_id: '%env(OAUTH_MICROSOFT_CLIENT_ID)%'
+ google_client_id: '%env(default::OAUTH_GOOGLE_CLIENT_ID)%'
+ microsoft_client_id: '%env(default::OAUTH_MICROSOFT_CLIENT_ID)%'
 
 knpu_oauth2_client:
  clients:
  google_main:
  type: google
- client_id: '%env(OAUTH_GOOGLE_CLIENT_ID)%'
- client_secret: '%env(OAUTH_GOOGLE_CLIENT_SECRET)%'
+ client_id: '%env(default::OAUTH_GOOGLE_CLIENT_ID)%'
+ client_secret: '%env(default::OAUTH_GOOGLE_CLIENT_SECRET)%'
  redirect_route: 'connect_google_check'
  redirect_params: {}
  azure_main:
  type: azure
- client_id: '%env(OAUTH_MICROSOFT_CLIENT_ID)%'
- client_secret: '%env(OAUTH_MICROSOFT_CLIENT_SECRET)%'
+ client_id: '%env(default::OAUTH_MICROSOFT_CLIENT_ID)%'
+ client_secret: '%env(default::OAUTH_MICROSOFT_CLIENT_SECRET)%'
  redirect_route: 'connect_microsoft_check'
  redirect_params: {}
 

diff --git a/src/Factory/AdminUserFactory.php b/src/Factory/AdminUserFactory.php
@@ -4,15 +4,15 @@
 
 namespace Synolia\SyliusAdminOauthPlugin\Factory;
 
-use App\Entity\User\AdminUser;
+use App\Entity\User\AdminUser as customAdminUser;
 use League\OAuth2\Client\Provider\GoogleUser;
-use Synolia\SyliusAdminOauthPlugin\Model\MicrosoftUser;
+use TheNetworg\OAuth2\Client\Provider\AzureResourceOwner;
 
 final class AdminUserFactory
 {
- public static function createByGoogleAccount(GoogleUser $googleUser): AdminUser
+ public static function createByGoogleAccount(GoogleUser $googleUser): customAdminUser
  {
- $user = new AdminUser();
+ $user = new customAdminUser();
  $user->setEmail($googleUser->getEmail());
  $user->setEmailCanonical($googleUser->getEmail());
  $user->setUsername($googleUser->getName());
@@ -29,19 +29,18 @@ public static function createByGoogleAccount(GoogleUser $googleUser): AdminUser
  return $user;
  }
 
- public static function createByMicrosoftAccount(MicrosoftUser $microsoftUser): AdminUser
+ public static function createByMicrosoftAccount(AzureResourceOwner $microsoftUser, string $locale): customAdminUser
  {
- $user = new AdminUser();
- $user->setEmail($microsoftUser->getEmail());
- $user->setEmailCanonical($microsoftUser->getEmailCanonical());
- $user->setUsername($microsoftUser->getUsername());
+ $user = new customAdminUser();
+ $user->setEmail($microsoftUser->getUpn());
+ $user->setEmailCanonical($microsoftUser->getUpn());
+ $user->setUsername($microsoftUser->getFirstName() . '_' . $microsoftUser->getLastName() . '_' . random_int(1, 100));
  $user->setFirstName($microsoftUser->getFirstname());
  $user->setLastName($microsoftUser->getLastname());
- // TODO: get user's locale code
- $user->setLocaleCode('fr_FR');
+ $user->setLocaleCode($locale);
  $user->setEnabled(true);
  $user->setCreatedAt(new \DateTimeImmutable('now'));
- /** @var string|null $googleId */
+ /** @var string|null $microsoftId */
  $microsoftId = $microsoftUser->getId();
  $user->setMicrosoftId($microsoftId);
 

diff --git a/src/Factory/MicrosoftUserFactory.php b/src/Factory/MicrosoftUserFactory.php
diff --git a/src/Model/MicrosoftUser.php b/src/Model/MicrosoftUser.php
diff --git a/src/Security/MicrosoftAuthenticator.php b/src/Security/MicrosoftAuthenticator.php
@@ -17,9 +17,9 @@
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Contracts\Translation\TranslatorInterface;
-use Synolia\SyliusAdminOauthPlugin\Model\MicrosoftUser;
 use Synolia\SyliusAdminOauthPlugin\Repository\AuthorizedDomainRepository;
 use Synolia\SyliusAdminOauthPlugin\Service\UserCreationService;
+use TheNetworg\OAuth2\Client\Provider\AzureResourceOwner;
 
 final class MicrosoftAuthenticator extends OAuth2Authenticator
 {
@@ -39,19 +39,15 @@ public function supports(Request $request): ?bool
  }
 
  /**
- * @param Request $request
- *
- * @return Passport
- *
- * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+ * {@inheritDoc}
  */
  public function authenticate(Request $request): Passport
  {
  $client = $this->clientRegistry->getClient('azure_main');
 
  $accessToken = $this->fetchAccessToken($client);
 
- /** @var MicrosoftUser $microsoftUser */
+ /** @var AzureResourceOwner $microsoftUser */
  $microsoftUser = $client->fetchUserFromToken($accessToken);
 
  return new SelfValidatingPassport(
@@ -64,7 +60,7 @@ public function authenticate(Request $request): Passport
  // Else connect compared to authorized domains
  foreach ($domains as $domain) {
  if (
- null !== $microsoftUser->getEmail() && str_ends_with($microsoftUser->getEmail(), $domain->getName())
+ null !== $microsoftUser->getUpn() && str_ends_with($microsoftUser->getUpn(), $domain->getName())
  ) {
  return $this->userCreationService->create($microsoftUser);
  }

diff --git a/src/Service/UserCreationService.php b/src/Service/UserCreationService.php
@@ -7,46 +7,54 @@
 use Doctrine\ORM\EntityManagerInterface;
 use League\OAuth2\Client\Provider\GoogleUser;
 use Sylius\Component\Core\Model\AdminUser;
+use Sylius\Component\Locale\Context\LocaleContextInterface;
 use Sylius\Component\Resource\Repository\RepositoryInterface;
 use Synolia\SyliusAdminOauthPlugin\Factory\AdminUserFactory;
-use Synolia\SyliusAdminOauthPlugin\Model\MicrosoftUser;
+use TheNetworg\OAuth2\Client\Provider\AzureResourceOwner;
 
 final class UserCreationService
 {
  public function __construct(
  private EntityManagerInterface $entityManager,
- private RepositoryInterface $adminUserRepository
+ private RepositoryInterface $adminUserRepository,
+ private LocaleContextInterface $localeContext
  ) {
  }
 
- public function create(GoogleUser|MicrosoftUser $user): ?AdminUser
+ public function create(GoogleUser|AzureResourceOwner $user): AdminUser
  {
  if ($user instanceof GoogleUser) {
  /** @var AdminUser $existingUser */
  $existingUser = $this->adminUserRepository->findOneBy(['googleId' => $user->getId()]);
  } else {
+ /** @var AdminUser $existingUser */
  $existingUser = $this->adminUserRepository->findOneBy(['microsoftId' => $user->getId()]);
  }
-
  // 1) have they logged in with Google before? Easy!
  if (null !== $existingUser) {
  return $existingUser;
  }
  // 2) do we have a matching user by email?
- /** @var AdminUser $userToReturn */
- $userToReturn = $this->adminUserRepository->findOneBy(['email' => $user->getEmail()]);
+ if ($user instanceof GoogleUser) {
+ /** @var AdminUser $userToReturn */
+ $userToReturn = $this->adminUserRepository->findOneBy(['email' => $user->getEmail()]);
+ } else {
+ /** @var AdminUser $userToReturn */
+ $userToReturn = $this->adminUserRepository->findOneBy(['email' => $user->getUpn()]);
+ }
  // 3) register google user
  if (null === $userToReturn) {
  if ($user instanceof GoogleUser) {
  $userToReturn = AdminUserFactory::createByGoogleAccount($user);
  } else {
- $userToReturn = AdminUserFactory::createByMicrosoftAccount($user);
+ $userToReturn = AdminUserFactory::createByMicrosoftAccount($user, $this->localeContext->getLocaleCode());
  }
 
  $this->entityManager->persist($userToReturn);
  $this->entityManager->flush();
  }
 
+ /** @var AdminUser */
  return $userToReturn;
  }
 }