Merge branch '3516926-in-enablespaapp-function' into '8.x'

Add support for setting up a Scope since SimpleOauth does not setup an...

See merge request !2334

modules/cloud_dashboard/cloud_dashboard.routing.yml

@@ -113,6 +113,16 @@ cloud_dashboard.jsonapi_server_uri:
   requirements:
     _permission: 'access dashboard'
 
+# OAuth2 Scope
+cloud_dashboard.scope:
+  path: '/clouds/cloud_dashboard/config/scope'
+  defaults:
+    _controller: '\Drupal\cloud_dashboard\Controller\CloudDashboardConfigController::getScope'
+  methods: [GET]
+  requirements:
+    # Public access.
+    _access: 'TRUE'
+
 # URL of the image to be displayed as the default marker icon in Leaflet.js.
 cloud_dashboard.marker_icon_uri:
   path: '/clouds/cloud_dashboard/config/marker_icon_uri'

modules/cloud_dashboard/config/install/cloud_dashboard.settings.yml

 cloud_dashboard_oauth2_callback_uri: ''
 cloud_dashboard_oauth2_client_id: ''
+cloud_dashboard_oauth2_scope: ''
 cloud_dashboard_json_api_server_uri: ''
 cloud_dashboard_marker_icon_uri: ''
 cloud_dashboard_map_geojson_uri: ''

modules/cloud_dashboard/config/schema/cloud_dashboard.settings.schema.yml

@@ -5,6 +5,8 @@ cloud_dashboard.settings:
       type: string
     cloud_dashboard_oauth2_client_id:
       type: string
+    cloud_dashboard_oauth2_scope:
+      type: string
     cloud_dashboard_json_api_server_uri:
       type: string
     cloud_dashboard_marker_icon_uri:

modules/cloud_dashboard/src/Controller/CloudDashboardConfigController.php

@@ -76,7 +76,7 @@ class CloudDashboardConfigController extends ControllerBase {
   /**
    * Get callback URI for OAuth2.
    *
-   * @return Symfony\Component\HttpFoundation\JsonResponse
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
    *   A JSON response of callback URI.
    */
   public function getCallbackUri(): JsonResponse {
@@ -109,7 +109,7 @@ class CloudDashboardConfigController extends ControllerBase {
   /**
    * Get client ID for OAuth2.
    *
-   * @return Symfony\Component\HttpFoundation\JsonResponse
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
    *   A JSON response of callback URI.
    */
   public function getClientId(): JsonResponse {
@@ -139,10 +139,40 @@ class CloudDashboardConfigController extends ControllerBase {
     ], 404);
   }
 
+  /**
+   * Get Oauth scope ID.
+   *
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
+   *   A JSON response of callback URI.
+   */
+  public function getScope(): JsonResponse {
+    $config = $this->configFactory->get('cloud_dashboard.settings');
+    $scope_id = $config->get('cloud_dashboard_oauth2_scope');
+    // Return the user configured scope id.
+    if (!empty($scope_id)) {
+      return new JsonResponse(['scope' => $scope_id]);
+    }
+
+    /** @var \Drupal\simple_oauth\Entity\Oauth2Scope[] $entities */
+    $entities = $this->entityTypeManager
+      ->getStorage('oauth2_scope')
+      ->loadByProperties([
+        'name' => 'cloud_dashboard',
+      ]);
+    if (empty($entities)) {
+      // Return an error if not found.
+      return new JsonResponse([
+        'result' => 'NG',
+        'reason' => 'The scope ID can not load.',
+      ], 404);
+    }
+    return new JsonResponse(['scope' => current($entities)->id()]);
+  }
+
   /**
    * Get Server URI for JSON:API.
    *
-   * @return Symfony\Component\HttpFoundation\JsonResponse
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
    *   A JSON response of callback URI.
    */
   public function getJsonApiServerUri(): JsonResponse {
@@ -159,7 +189,7 @@ class CloudDashboardConfigController extends ControllerBase {
   /**
    * Get URL of default marker icon for Leaflet.js.
    *
-   * @return Symfony\Component\HttpFoundation\JsonResponse
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
    *   A JSON response of callback URI.
    */
   public function getMakerIconUri(): JsonResponse {
@@ -176,7 +206,7 @@ class CloudDashboardConfigController extends ControllerBase {
   /**
    * Get URL of coordinate data for drawing world map (GeoJson format).
    *
-   * @return Symfony\Component\HttpFoundation\JsonResponse
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
    *   A JSON response of callback URI.
    */
   public function getMapGeoJsonUri(): JsonResponse {
@@ -193,7 +223,7 @@ class CloudDashboardConfigController extends ControllerBase {
   /**
    * Returns configuration information about the location map.
    *
-   * @return Symfony\Component\HttpFoundation\JsonResponse
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
    *   A JSON response of config.
    */
   public function getLocationMapConfig(): JsonResponse {
@@ -212,7 +242,7 @@ class CloudDashboardConfigController extends ControllerBase {
   /**
    * Returns configuration information about the bypass animation.
    *
-   * @return Symfony\Component\HttpFoundation\JsonResponse
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
    *   A JSON response of config.
    */
   public function getBypassAnimation(): JsonResponse {

modules/cloud_dashboard/src/Form/Config/CloudDashboardAdminSettings.php

@@ -213,6 +213,13 @@ class CloudDashboardAdminSettings extends ConfigFormBase {
       '#description' => $this->t('If you leave this field blank, the client ID will be the same as the consumer plugin at the server of Cloud Dashboard.'),
       '#attributes' => ['placeholder' => 'e.g. e0a08590-4a13-419d-a64d-f859806c21a9'],
     ];
+    $form['custom_urls']['oauth2_scope'] = [
+      '#type' => 'textfield',
+      '#title' => $this->t('Scope ID for OAuth2'),
+      '#default_value' => $config->get('cloud_dashboard_oauth2_scope'),
+      '#description' => $this->t('If you leave this field blank, the default scope ID for Cloud Dashboard is used.'),
+      '#attributes' => ['placeholder' => 'e.g. scope_id'],
+    ];
 
     $form['custom_urls']['json_api_server_uri'] = [
       '#type' => 'url',
@@ -305,6 +312,7 @@ class CloudDashboardAdminSettings extends ConfigFormBase {
 
     $config->set('cloud_dashboard_oauth2_callback_uri', $form_state->getValue('oauth2_callback_uri'));
     $config->set('cloud_dashboard_oauth2_client_id', $form_state->getValue('oauth2_client_id'));
+    $config->set('cloud_dashboard_oauth2_scope', $form_state->getValue('oauth2_scope'));
     $config->set('cloud_dashboard_json_api_server_uri', $form_state->getValue('json_api_server_uri'));
     $config->set('cloud_dashboard_marker_icon_uri', $form_state->getValue('marker_icon_uri'));
     $config->set('cloud_dashboard_map_geojson_uri', $form_state->getValue('map_geojson_uri'));

src/Traits/CloudFormTrait.php

@@ -3,6 +3,8 @@
 namespace Drupal\cloud\Traits;
 
 use Drupal\consumers\Entity\Consumer;
+use Drupal\simple_oauth\Entity\Oauth2Scope;
+use PHPUnit\Framework\Exception;
 
 /**
  * The trait for Cloud Form.
@@ -96,12 +98,18 @@ trait CloudFormTrait {
           'roles' => [
             'cloud_admin',
           ],
+          'grant_types' => [
+            'authorization_code',
+          ],
           'redirect' => $callback_url,
           'pkce' => FALSE,
           'confidential' => FALSE,
         ])->save();
       }
 
+      // Create the scope entity.
+      $this->createOauthScope();
+
       \Drupal::configFactory()
         ->getEditable('system.site')
         ->set('page.front', '/clouds/dashboard/providers')
@@ -120,6 +128,43 @@ trait CloudFormTrait {
     }
   }
 
+  /**
+   * Create the Oauth Scope if it doesn't exist.
+   */
+  private function createOauthScope(): void {
+    if (\Drupal::service('module_handler')->moduleExists('simple_oauth') === FALSE) {
+      throw new Exception('Cannot enable SPA application.  Simple Oauth module not found.');
+    }
+    $results = \Drupal::entityTypeManager()->getStorage('oauth2_scope')
+      ->loadByProperties([
+        'name' => 'cloud_dashboard',
+      ]);
+    if (empty($results)) {
+      // @phpstan-ignore-next-line
+      Oauth2Scope::create([
+        'id' => 'cloud_dashboard',
+        'name' => 'cloud_dashboard',
+        'description' => 'Cloud dashboard',
+        'grant_types' => [
+          'authorization_code' => [
+            'status' => TRUE,
+            'description' => '',
+          ],
+          'client_credentials' => [
+            'status' => TRUE,
+            'description' => '',
+          ],
+        ],
+        'umbrella' => FALSE,
+        'parent' => '_none',
+        'granularity' => 'role',
+        'permission' => '',
+        'role' => 'cloud_admin',
+        'langcode' => 'en',
+      ])->save();
+    }
+  }
+
   /**
    * Turn off SPA application and set homepage to regular dashboard.
    */