Commit eac0366d authored by Mateu Aguiló Bosch Committed by Marlon

Issue #2999521 by e0ipso, matt_paz, solomonrothman, bradjones1, sebkamil,...

Issue #2999521 by e0ipso, matt_paz, solomonrothman, bradjones1, sebkamil, Berdir, thtas, esolitos: Init module based on code provided in this issue.
parent 518a7e7e

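--- a/composer.json
+++ b/composer.json
@@ -0,0 +1,13 @@
+{
+    "name": "drupal/simple_openid_connect",
+    "type": "drupal-module",
+    "authors": [
+        {
+            "name": "Marlon Saglia",
+            "email": "marlon@ramsalt.com"
+        }
+    ],
+    "require": {
+        "steverhoades/oauth2-openid-connect-server": "^1.2"
+    }
+}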
+8 −0
name: Simple OpenID Connect
description: Implements the OpenID Connect protocol.
type: module
core: 8.x
package: Authentication
dependencies:
  - simple_oauth:simple_oauth
  - serialization:serialization
+10 −0
simple_openid_connect.userinfo:
  path: '/userinfo'
  defaults:
    _controller: Drupal\simple_openid_connect\Controller\UserInfo::handle
    _title: 'OpenID Connect User Info'
  methods: [GET]
  requirements:
    _role: 'authenticated'
  options:
    _auth: ['oauth2']
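Review bot: The only authorization gate on `/userinfo` is `_role: 'authenticated'`, so as far as this section shows any OAuth2 bearer token for a logged-in account is accepted, whether or not the `openid` scope was granted to it. If simple_oauth exposes a token's scopes as the account's roles (not visible on this page), requiring the role that backs the scope, e.g. `_role: 'openid'`, would tie the endpoint to OpenID Connect tokens; otherwise the scope check belongs in the controller. Separately, OpenID Connect Core requires the UserInfo endpoint to support both GET and POST, so `methods: [GET]` should become `methods: [GET, POST]`.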
+25 −0
parameters:
  simple_openid_connect.scope: 'openid'
  simple_openid_connect.claims:
    - name
    - preferred_username
    - email
    - email_verified
    - locale
    - updated_at
services:
  Drupal\simple_openid_connect\OpenIdConnect\UserIdentityProvider:
    arguments: ['@entity_type.manager']
  OpenIDConnectServer\Entities\ClaimSetEntity:
    arguments: ['%simple_openid_connect.scope%', '%simple_openid_connect.claims%']
    private: true
  OpenIDConnectServer\ClaimExtractor:
    arguments: [['@OpenIDConnectServer\Entities\ClaimSetEntity']]
  Drupal\simple_openid_connect\OpenIdConnect\OpenIdConnectScopeRepository:
    public: false
    decorates: simple_oauth.repositories.scope
    arguments: ['@Drupal\simple_openid_connect\OpenIdConnect\OpenIdConnectScopeRepository.inner']
  Drupal\simple_openid_connect\Normalizer\UserClaimsNormalizer:
    arguments: ['@entity_type.manager', '%simple_openid_connect.claims%']
    tags:
      - { name: normalizer, priority: 21 }
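Review bot: `simple_openid_connect.claims` is passed whole to the `ClaimSetEntity` for the single `openid` scope, so a client granted only `openid` appears to receive `email` and `email_verified` along with the profile claims. OpenID Connect normally releases those under separate `profile` and `email` scopes, which lets a relying party ask for less. If the single-scope design is intentional, say so above the parameter, for example `# Every claim listed here is released under the 'openid' scope.` Also, `private: true` on `OpenIDConnectServer\Entities\ClaimSetEntity` is not a service-definition key I know the container loader to honour, while the scope repository below it uses `public: false`; use `public: false` on both.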
+80 −0
<?php

namespace Drupal\simple_openid_connect\Controller;

use Drupal\Core\Cache\CacheableJsonResponse;
use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
use Drupal\Core\Session\AccountProxyInterface;
use Drupal\simple_oauth\Authentication\TokenAuthUser;
use Drupal\simple_openid_connect\Entities\UserEntityWithClaims;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Serializer\Normalizer\NormalizerInterface;
use Symfony\Component\Serializer\SerializerInterface;

/**
 * Controller for the User Info endpoint.
 */
final class UserInfo implements ContainerInjectionInterface {

  /**
   * The authenticated user.
   *
   * @var \Drupal\Core\Session\AccountInterface
   */
  private $user;

  /**
   * The serializer.
   *
   * @var \Symfony\Component\Serializer\SerializerInterface
   */
  private $serializer;

  /**
   * UserInfo constructor.
   *
   * @param \Drupal\Core\Session\AccountProxyInterface $user
   *   The user.
   * @param \Symfony\Component\Serializer\SerializerInterface $serializer
   *   The serializer service.
   */
  private function __construct(AccountProxyInterface $user, SerializerInterface $serializer) {
    $this->user = $user->getAccount();
    $this->serializer = $serializer;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static(
      $container->get('current_user'),
      $container->get('serializer')
    );
  }

  /**
   * The controller.
   *
   * @return \Symfony\Component\HttpFoundation\Response
   *   The response.
   */
  public function handle() {
    assert($this->serializer instanceof NormalizerInterface);
    if (!$this->user instanceof TokenAuthUser) {
      throw new AccessDeniedHttpException('This route is only available for authenticated requests using OAuth2.');
    }
    $token = $this->user->getToken();
    $identifier = $this->user->id();
    $user_entity = new UserEntityWithClaims();
    $user_entity->setIdentifier($identifier);
    $response = CacheableJsonResponse::create(
      $this->serializer->normalize($user_entity, 'json', [$identifier => $this->user])
    );
    return $response
      ->addCacheableDependency($token)
      ->addCacheableDependency($this->user);
  }

}
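Review bot: `handle()` returns a per-user payload in a `CacheableJsonResponse` on the fixed path `/userinfo`, but the only cacheability it declares is the two `addCacheableDependency()` calls. Unless the token or account object contributes a per-user cache context (not visible here), nothing tells a response cache that the body varies by user. Declaring it explicitly is cheap: add `$response->getCacheableMetadata()->addCacheContexts(['user']);` before the return. The `assert($this->serializer instanceof NormalizerInterface)` on the first line of `handle()` is not a runtime guard, because assertions are normally disabled in production; an explicit `instanceof` check that throws would hold there too.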