diff --git a/admin/app/routes/authentication/login-oidc.js b/admin/app/routes/authentication/login-oidc.js index 34e711427d8..860ba8ebf38 100644 --- a/admin/app/routes/authentication/login-oidc.js +++ b/admin/app/routes/authentication/login-oidc.js @@ -76,9 +76,9 @@ export default class LoginOidcRoute extends Route { const error = new JSONApiError(apiError.detail, apiError); const shouldUserCreateAnAccount = error.code === 'SHOULD_VALIDATE_CGU'; - const { authenticationKey, email } = error.meta ?? {}; + const { authenticationKey, userClaims } = error.meta ?? {}; if (shouldUserCreateAnAccount && authenticationKey) { - return { shouldUserCreateAnAccount, authenticationKey, email, identityProviderSlug }; + return { shouldUserCreateAnAccount, authenticationKey, email: userClaims.email, identityProviderSlug }; } if (error.status === '403' && error.code === 'PIX_ADMIN_ACCESS_NOT_ALLOWED') { diff --git a/admin/tests/unit/routes/authentication/login-oidc-test.js b/admin/tests/unit/routes/authentication/login-oidc-test.js index 58f8f215ed8..c3e95f270cb 100644 --- a/admin/tests/unit/routes/authentication/login-oidc-test.js +++ b/admin/tests/unit/routes/authentication/login-oidc-test.js @@ -164,7 +164,9 @@ module('Unit | Route | login-oidc', function (hooks) { authenticationKey: 'key', givenName: 'Mélusine', familyName: 'TITEGOUTTE', - email: 'melu@example.net', + userClaims: { + email: 'melu@example.net', + }, }, }, ], diff --git a/api/src/identity-access-management/application/oidc-provider/oidc-provider.controller.js b/api/src/identity-access-management/application/oidc-provider/oidc-provider.controller.js index 10f56be75b5..e83c8e18da6 100644 --- a/api/src/identity-access-management/application/oidc-provider/oidc-provider.controller.js +++ b/api/src/identity-access-management/application/oidc-provider/oidc-provider.controller.js @@ -42,14 +42,8 @@ async function authenticateOidcUser(request, h) { // TODO utiliser un message en anglais au lieu du français const message = "L'utilisateur n'a pas de compte Pix"; const responseCode = 'SHOULD_VALIDATE_CGU'; - const { authenticationKey, givenName, familyName, email } = result; - const meta = { authenticationKey, givenName, familyName }; - if (email) { - Object.assign(meta, { email }); - } - - throw new UnauthorizedError(message, responseCode, meta); + throw new UnauthorizedError(message, responseCode, result); } /** diff --git a/api/src/identity-access-management/domain/usecases/authenticate-oidc-user.usecase.js b/api/src/identity-access-management/domain/usecases/authenticate-oidc-user.usecase.js index de15e00f51f..8643bb56e55 100644 --- a/api/src/identity-access-management/domain/usecases/authenticate-oidc-user.usecase.js +++ b/api/src/identity-access-management/domain/usecases/authenticate-oidc-user.usecase.js @@ -1,5 +1,9 @@ +import lodash from 'lodash'; + import { ForbiddenAccess } from '../../../shared/domain/errors.js'; +const { omit } = lodash; + /** * @typedef {function} authenticateOidcUser * @param {Object} params @@ -63,8 +67,17 @@ async function authenticateOidcUser({ if (!user) { const authenticationKey = await authenticationSessionService.save({ userInfo, sessionContent }); - const { firstName: givenName, lastName: familyName, email } = userInfo; - return { authenticationKey, givenName, familyName, email, isAuthenticationComplete: false }; + + const userClaims = omit(userInfo, ['externalIdentityId']); + + return { + authenticationKey, + userClaims, + isAuthenticationComplete: false, + // TODO: The properties givenName and familyName are kept for backward compatibility with the Front. They will be removed soon. + givenName: userClaims.firstName, + familyName: userClaims.lastName, + }; } await _assertUserHasAccessToApplication({ requestedApplication, user, adminMemberRepository }); diff --git a/api/tests/identity-access-management/unit/application/oidc-provider.controller.test.js b/api/tests/identity-access-management/unit/application/oidc-provider.controller.test.js index a2093a69a23..e41edf41246 100644 --- a/api/tests/identity-access-management/unit/application/oidc-provider.controller.test.js +++ b/api/tests/identity-access-management/unit/application/oidc-provider.controller.test.js @@ -83,10 +83,20 @@ describe('Unit | Identity Access Management | Application | Controller | oidc-pr it('returns UnauthorizedError', async function () { // given const authenticationKey = 'aaa-bbb-ccc'; - const givenName = 'Mélusine'; - const familyName = 'TITEGOUTTE'; + const firstName = 'Mélusine'; + const lastName = 'TITEGOUTTE'; const email = 'melu@example.net'; - usecases.authenticateOidcUser.resolves({ authenticationKey, givenName, familyName, email }); + const userClaims = { + firstName, + lastName, + email, + }; + usecases.authenticateOidcUser.resolves({ + authenticationKey, + userClaims, + givenName: firstName, + familyName: lastName, + }); // when const error = await catchErr(oidcProviderController.authenticateOidcUser)(request, hFake); @@ -95,7 +105,12 @@ describe('Unit | Identity Access Management | Application | Controller | oidc-pr expect(error).to.be.an.instanceOf(UnauthorizedError); expect(error.message).to.equal("L'utilisateur n'a pas de compte Pix"); expect(error.code).to.equal('SHOULD_VALIDATE_CGU'); - expect(error.meta).to.deep.equal({ authenticationKey, givenName, familyName, email }); + expect(error.meta).to.deep.equal({ + authenticationKey, + userClaims, + givenName: firstName, + familyName: lastName, + }); }); }); }); diff --git a/api/tests/identity-access-management/unit/domain/usecases/authenticate-oidc-user.usecase.test.js b/api/tests/identity-access-management/unit/domain/usecases/authenticate-oidc-user.usecase.test.js index ddc27b549cf..ad9c4875458 100644 --- a/api/tests/identity-access-management/unit/domain/usecases/authenticate-oidc-user.usecase.test.js +++ b/api/tests/identity-access-management/unit/domain/usecases/authenticate-oidc-user.usecase.test.js @@ -231,9 +231,13 @@ describe('Unit | Identity Access Management | Domain | UseCase | authenticate-oi expect(authenticationSessionService.save).to.have.been.calledWithExactly({ userInfo, sessionContent }); expect(result).to.deep.equal({ authenticationKey, + userClaims: { + firstName: 'Mélusine', + lastName: 'TITEGOUTTE', + email: 'melu@example.net', + }, givenName: 'Mélusine', familyName: 'TITEGOUTTE', - email: 'melu@example.net', isAuthenticationComplete: false, }); }); diff --git a/mon-pix/app/components/authentication/login-or-register-oidc.hbs b/mon-pix/app/components/authentication/login-or-register-oidc.hbs index ddb0e117bdc..cf46e57d559 100644 --- a/mon-pix/app/components/authentication/login-or-register-oidc.hbs +++ b/mon-pix/app/components/authentication/login-or-register-oidc.hbs @@ -2,39 +2,46 @@
-
- - - - {{#if this.registerErrorMessage}} + {{#if this.registerErrorMessage}} + + {{/if}} + + + {{t "pages.login-or-register-oidc.register-form.button"}} + + {{else}} {{/if}} - - - {{t "pages.login-or-register-oidc.register-form.button"}} -
diff --git a/mon-pix/app/components/authentication/login-or-register-oidc.js b/mon-pix/app/components/authentication/login-or-register-oidc.js index 876f8071191..75f6f2cd6a2 100644 --- a/mon-pix/app/components/authentication/login-or-register-oidc.js +++ b/mon-pix/app/components/authentication/login-or-register-oidc.js @@ -35,14 +35,6 @@ export default class LoginOrRegisterOidcComponent extends Component { return this.oidcIdentityProviders[this.args.identityProviderSlug]?.organizationName; } - get givenName() { - return this.args.givenName; - } - - get familyName() { - return this.args.familyName; - } - get currentLanguage() { return this.intl.primaryLocale; } @@ -55,6 +47,41 @@ export default class LoginOrRegisterOidcComponent extends Component { return this.url.dataProtectionPolicyUrl; } + get userClaimsErrorMessage() { + const { userClaims } = this.args; + + if (!userClaims) { + return this.intl.t(`pages.login-or-register-oidc.register-form.information.error`); + } else { + return null; + } + } + + get userClaimsToDisplay() { + const { userClaims } = this.args; + + const result = []; + + if (userClaims) { + const { firstName, lastName, ...rest } = userClaims; + result.push(`${this.intl.t(`pages.login-or-register-oidc.register-form.information.firstName`)} ${firstName}`); + result.push(`${this.intl.t(`pages.login-or-register-oidc.register-form.information.lastName`)} ${lastName}`); + + Object.entries(rest).map(([key, value]) => { + let label = `${this.intl.t(`pages.login-or-register-oidc.register-form.information.${key}`)}`; + const translation = `${this.intl.t(`pages.login-or-register-oidc.register-form.information.${key}`)}`; + + if (translation.includes('Missing translation')) { + label = `${key} :`; + } + + return result.push(`${label} ${value}`); + }); + } + + return result; + } + @action async login(event) { event.preventDefault(); diff --git a/mon-pix/app/controllers/authentication/login-or-register-oidc.js b/mon-pix/app/controllers/authentication/login-or-register-oidc.js index 80cb5645c6c..3dca5ebc8de 100644 --- a/mon-pix/app/controllers/authentication/login-or-register-oidc.js +++ b/mon-pix/app/controllers/authentication/login-or-register-oidc.js @@ -3,8 +3,12 @@ import { action } from '@ember/object'; import { service } from '@ember/service'; import { tracked } from '@glimmer/tracking'; +import { SessionStorageEntry } from '../../utils/session-storage-entry'; + +const oidcUserAuthenticationStorage = new SessionStorageEntry('oidcUserAuthentication'); + export default class LoginOrRegisterOidcController extends Controller { - queryParams = ['authenticationKey', 'identityProviderSlug', 'givenName', 'familyName']; + queryParams = ['identityProviderSlug']; @service url; @service oidcIdentityProviders; @@ -15,7 +19,6 @@ export default class LoginOrRegisterOidcController extends Controller { @service currentDomain; @tracked showOidcReconciliation = false; - @tracked authenticationKey = null; @tracked identityProviderSlug = null; @tracked email = ''; @tracked fullNameFromPix = ''; @@ -27,6 +30,14 @@ export default class LoginOrRegisterOidcController extends Controller { return this.url.showcase; } + get oidcUserAuthenticationStorage() { + return oidcUserAuthenticationStorage.get(); + } + + get userClaims() { + return this.oidcUserAuthenticationStorage?.userClaims; + } + get isInternationalDomain() { return !this.currentDomain.isFranceDomain; } @@ -35,6 +46,10 @@ export default class LoginOrRegisterOidcController extends Controller { return this.intl.primaryLocale; } + get authenticationKey() { + return this.oidcUserAuthenticationStorage?.authenticationKey; + } + @action onLanguageChange(language) { this.locale.setLocale(language); diff --git a/mon-pix/app/routes/authentication/login-oidc.js b/mon-pix/app/routes/authentication/login-oidc.js index 297a8e149dc..60bff5aae9c 100644 --- a/mon-pix/app/routes/authentication/login-oidc.js +++ b/mon-pix/app/routes/authentication/login-oidc.js @@ -6,6 +6,10 @@ import ENV from 'mon-pix/config/environment'; import { createTranslatedApplicationError } from 'mon-pix/errors/factories/create-application-error'; import JSONApiError from 'mon-pix/errors/json-api-error'; +import { SessionStorageEntry } from '../../utils/session-storage-entry'; + +const oidcUserAuthenticationStorage = new SessionStorageEntry('oidcUserAuthentication'); + export default class LoginOidcRoute extends Route { @service intl; @service location; @@ -37,23 +41,21 @@ export default class LoginOidcRoute extends Route { async model(params, transition) { const queryParams = transition.to.queryParams; + const identityProviderSlug = params.identity_provider_slug; if (queryParams.code) { return this._handleCallbackRequest(queryParams.code, queryParams.state, queryParams.iss, identityProviderSlug); } } - afterModel({ shouldValidateCgu, authenticationKey, identityProviderSlug, givenName, familyName } = {}) { - const shouldCreateAnAccountForUser = shouldValidateCgu && authenticationKey; + afterModel({ shouldValidateCgu, identityProviderSlug } = {}) { + const shouldCreateAnAccountForUser = shouldValidateCgu && oidcUserAuthenticationStorage.get().authenticationKey; if (!shouldCreateAnAccountForUser) return; return this.router.replaceWith('authentication.login-or-register-oidc', { queryParams: { - authenticationKey, identityProviderSlug, - givenName, - familyName, }, }); } @@ -76,9 +78,10 @@ export default class LoginOidcRoute extends Route { const error = new JSONApiError(apiError.detail, apiError); const shouldValidateCgu = error.code === 'SHOULD_VALIDATE_CGU'; - const { authenticationKey, givenName, familyName } = error.meta ?? {}; - if (shouldValidateCgu && authenticationKey) { - return { shouldValidateCgu, authenticationKey, identityProviderSlug, givenName, familyName }; + + if (shouldValidateCgu && error.meta.authenticationKey) { + oidcUserAuthenticationStorage.set(error.meta); + return { shouldValidateCgu, identityProviderSlug }; } throw error; diff --git a/mon-pix/app/templates/authentication/login-or-register-oidc.hbs b/mon-pix/app/templates/authentication/login-or-register-oidc.hbs index d12a84893f2..f31a24c92d2 100644 --- a/mon-pix/app/templates/authentication/login-or-register-oidc.hbs +++ b/mon-pix/app/templates/authentication/login-or-register-oidc.hbs @@ -21,8 +21,7 @@ {{/if}} diff --git a/mon-pix/mirage/routes/authentication/oidc/index.js b/mon-pix/mirage/routes/authentication/oidc/index.js index bbc45b4ca79..33ceea356a0 100644 --- a/mon-pix/mirage/routes/authentication/oidc/index.js +++ b/mon-pix/mirage/routes/authentication/oidc/index.js @@ -8,7 +8,10 @@ export default function (config) { {}, { errors: [ - { code: 'SHOULD_VALIDATE_CGU', meta: { authenticationKey: 'key', familyName: 'PIX', givenName: 'test' } }, + { + code: 'SHOULD_VALIDATE_CGU', + meta: { authenticationKey: 'key', userClaims: { lastName: 'PIX', firstName: 'test' } }, + }, ], }, ); diff --git a/mon-pix/tests/acceptance/authentication/login-or-register-oidc-test.js b/mon-pix/tests/acceptance/authentication/login-or-register-oidc-test.js index 62e5afef167..64c66623325 100644 --- a/mon-pix/tests/acceptance/authentication/login-or-register-oidc-test.js +++ b/mon-pix/tests/acceptance/authentication/login-or-register-oidc-test.js @@ -19,10 +19,7 @@ module('Acceptance | Login or register oidc', function (hooks) { const screen = await visit('/connexion/oidc-partner?code=oidc_example_code&state=auth_session_state'); // then - assert.strictEqual( - currentURL(), - '/connexion/oidc?authenticationKey=key&familyName=PIX&givenName=test&identityProviderSlug=oidc-partner', - ); + assert.strictEqual(currentURL(), '/connexion/oidc?identityProviderSlug=oidc-partner'); assert.dom(screen.getByRole('button', { name: 'Sélectionnez une langue' })).exists(); }); }); diff --git a/mon-pix/tests/acceptance/oidc/start-campaigns-workflow-for-oidc-partner-test.js b/mon-pix/tests/acceptance/oidc/start-campaigns-workflow-for-oidc-partner-test.js index c063eb51f9a..eba90347470 100644 --- a/mon-pix/tests/acceptance/oidc/start-campaigns-workflow-for-oidc-partner-test.js +++ b/mon-pix/tests/acceptance/oidc/start-campaigns-workflow-for-oidc-partner-test.js @@ -7,7 +7,6 @@ import { setupMirage } from 'ember-cli-mirage/test-support'; import { t } from 'ember-intl/test-support'; import { setupApplicationTest } from 'ember-qunit'; import { currentSession } from 'ember-simple-auth/test-support'; -import { Response } from 'miragejs'; import { module, test } from 'qunit'; import sinon from 'sinon'; @@ -70,28 +69,12 @@ module('Acceptance | Campaigns | Start Campaigns workflow | OIDC', function (hoo const state = 'state'; const session = currentSession(); session.set('data.state', state); - this.server.post('oidc/token', () => { - return new Response( - 401, - {}, - { - errors: [ - { - code: 'SHOULD_VALIDATE_CGU', - meta: { - authenticationKey: 'key', - }, - }, - ], - }, - ); - }); // when const screen = await visit(`/connexion/oidc-partner?code=test&state=${state}`); // then - assert.strictEqual(currentURL(), `/connexion/oidc?authenticationKey=key&identityProviderSlug=oidc-partner`); + assert.strictEqual(currentURL(), `/connexion/oidc?identityProviderSlug=oidc-partner`); assert.ok(screen.getByRole('heading', { name: t('pages.login-or-register-oidc.title') })); }); @@ -106,7 +89,8 @@ module('Acceptance | Campaigns | Start Campaigns workflow | OIDC', function (hoo sessionStorage.setItem('campaigns', JSON.stringify(data)); // when - const screen = await visit(`/connexion/oidc?authenticationKey=key&identityProviderSlug=oidc-partner`); + const screen = await visit(`/connexion/oidc?identityProviderSlug=oidc-partner`); + await click(screen.getByRole('checkbox', { name: t('common.cgu.label') })); await click(screen.getByRole('button', { name: 'Je crée mon compte' })); diff --git a/mon-pix/tests/integration/components/authentication/login-or-register-oidc-test.js b/mon-pix/tests/integration/components/authentication/login-or-register-oidc-test.js index 150586316df..abde8ac4661 100644 --- a/mon-pix/tests/integration/components/authentication/login-or-register-oidc-test.js +++ b/mon-pix/tests/integration/components/authentication/login-or-register-oidc-test.js @@ -26,17 +26,22 @@ module('Integration | Component | authentication | login-or-register-oidc', func } this.owner.register('service:oidcIdentityProviders', OidcIdentityProvidersStub); - this.set('givenName', 'Mélusine'); - this.set('familyName', 'TITEGOUTTE'); + const userClaims = { + firstName: 'Mélusine', + lastName: 'TITEGOUTTE', + }; + + this.set('userClaims', userClaims); }); test('should display heading', async function (assert) { // given & when const screen = await render( - hbs``, - ); - - // then + hbs``, + ); // then assert.ok( screen.getByRole('heading', { name: t('pages.login-or-register-oidc.title'), @@ -46,42 +51,64 @@ module('Integration | Component | authentication | login-or-register-oidc', func }); module('on register form', function () { - test('should display elements for OIDC identity provider', async function (assert) { - // given & when - const screen = await render( - hbs``, - ); + ); - // then - assert.ok( - screen.getByRole('heading', { - name: t('pages.login-or-register-oidc.register-form.title'), - level: 2, - }), - ); - assert.ok(screen.getByRole('button', { name: t('pages.login-or-register-oidc.register-form.button') })); - assert.ok(screen.getByText('Partenaire OIDC')); - assert.ok( - screen.getByText( - t('pages.login-or-register-oidc.register-form.information.given-name', { - givenName: 'Mélusine', + // then + assert.ok( + screen.getByRole('heading', { + name: t('pages.login-or-register-oidc.register-form.title'), + level: 2, }), - ), - ); - assert.ok( - screen.getByText( - t('pages.login-or-register-oidc.register-form.information.family-name', { - familyName: 'TITEGOUTTE', + ); + assert.ok(screen.getByRole('button', { name: t('pages.login-or-register-oidc.register-form.button') })); + assert.ok(screen.getByText('Partenaire OIDC')); + assert.ok( + screen.getByText(`${t('pages.login-or-register-oidc.register-form.information.firstName')} Mélusine`), + ); + assert.ok( + screen.getByText(`${t('pages.login-or-register-oidc.register-form.information.lastName')} TITEGOUTTE`), + ); + assert.ok(screen.getByRole('checkbox', { name: t('common.cgu.label') })); + assert.ok(screen.getByRole('link', { name: t('common.cgu.cgu') })); + assert.ok(screen.getByRole('link', { name: t('common.cgu.data-protection-policy') })); + }); + }); + + module('when userClaims are not found', function () { + test('diplays an error and no register form', async function (assert) { + // given & when + const screen = await render( + hbs``, + ); + + // then + assert.ok( + screen.getByRole('heading', { + name: t('pages.login-or-register-oidc.register-form.title'), + level: 2, }), - ), - ); - assert.ok(screen.getByRole('checkbox', { name: t('common.cgu.label') })); - assert.ok(screen.getByRole('link', { name: t('common.cgu.cgu') })); - assert.ok(screen.getByRole('link', { name: t('common.cgu.data-protection-policy') })); + ); + assert.ok(screen.getByText(t('pages.login-or-register-oidc.register-form.information.error'))); + assert.notOk(screen.queryByRole('button', { name: t('pages.login-or-register-oidc.register-form.button') })); + assert.notOk(screen.queryByText('Partenaire OIDC')); + assert.notOk( + screen.queryByText(`${t('pages.login-or-register-oidc.register-form.information.firstName')} Mélusine`), + ); + assert.notOk( + screen.queryByText(`${t('pages.login-or-register-oidc.register-form.information.lastName')} TITEGOUTTE`), + ); + assert.notOk(screen.queryByRole('checkbox', { name: t('common.cgu.label') })); + assert.notOk(screen.queryByRole('link', { name: t('common.cgu.cgu') })); + assert.notOk(screen.queryByRole('link', { name: t('common.cgu.data-protection-policy') })); + }); }); }); @@ -91,12 +118,9 @@ module('Integration | Component | authentication | login-or-register-oidc', func const screen = await render( hbs``, - ); - - // then + ); // then assert.ok( screen.getByRole('heading', { name: t('pages.login-or-register-oidc.login-form.title'), @@ -106,20 +130,8 @@ module('Integration | Component | authentication | login-or-register-oidc', func assert.ok(screen.getByRole('textbox', { name: t('pages.login-or-register-oidc.login-form.email') })); assert.ok(screen.getByRole('link', { name: t('pages.sign-in.forgotten-password') })); assert.ok(screen.getByRole('button', { name: t('pages.login-or-register-oidc.login-form.button') })); - assert.ok( - screen.getByText( - t('pages.login-or-register-oidc.register-form.information.given-name', { - givenName: 'Mélusine', - }), - ), - ); - assert.ok( - screen.getByText( - t('pages.login-or-register-oidc.register-form.information.family-name', { - familyName: 'TITEGOUTTE', - }), - ), - ); + assert.ok(screen.getByText(`${t('pages.login-or-register-oidc.register-form.information.firstName')} Mélusine`)); + assert.ok(screen.getByText(`${t('pages.login-or-register-oidc.register-form.information.lastName')} TITEGOUTTE`)); }); }); }); diff --git a/mon-pix/tests/unit/controllers/authentication/login-or-register-oidc-test.js b/mon-pix/tests/unit/controllers/authentication/login-or-register-oidc-test.js index ac415b5d47e..6f5f28cb8e7 100644 --- a/mon-pix/tests/unit/controllers/authentication/login-or-register-oidc-test.js +++ b/mon-pix/tests/unit/controllers/authentication/login-or-register-oidc-test.js @@ -36,7 +36,10 @@ module('Unit | Controller | authentication | login-or-register-oidc', function ( fullNameFromPix: 'Glace Alo', authenticationMethods: [{ identityProvider: 'OIDC_PARTNER' }], }); - controller.authenticationKey = authenticationKey; + + sinon.stub(controller, 'authenticationKey').get(function () { + return authenticationKey; + }); controller.identityProviderSlug = 'oidc-partner'; sinon.stub(controller.store, 'createRecord').returns({ login }); @@ -75,6 +78,7 @@ module('Unit | Controller | authentication | login-or-register-oidc', function ( const email = 'glace.alo@example.net'; const password = 'pix123'; + const authenticationKey = '1234567azerty'; const controller = this.owner.lookup('controller:authentication/login-or-register-oidc'); const login = sinon.stub().resolves({ email, @@ -89,6 +93,9 @@ module('Unit | Controller | authentication | login-or-register-oidc', function ( controller.showOidcReconciliation = false; controller.identityProviderSlug = 'oidc-partner'; sinon.spy(controller.store, 'createRecord'); + sinon.stub(controller, 'authenticationKey').get(function () { + return authenticationKey; + }); // when await controller.onLogin({ enteredEmail: email, enteredPassword: password }); diff --git a/mon-pix/tests/unit/routes/authentication/login-oidc-test.js b/mon-pix/tests/unit/routes/authentication/login-oidc-test.js index 6be0bf694d2..936f7a2f410 100644 --- a/mon-pix/tests/unit/routes/authentication/login-oidc-test.js +++ b/mon-pix/tests/unit/routes/authentication/login-oidc-test.js @@ -1,6 +1,7 @@ import Service from '@ember/service'; import { setupTest } from 'ember-qunit'; import * as fetch from 'fetch'; +import { SessionStorageEntry } from 'mon-pix//utils/session-storage-entry'; import { ApplicationError } from 'mon-pix/errors/application-error'; import { module, test } from 'qunit'; import sinon from 'sinon'; @@ -141,17 +142,17 @@ module('Unit | Route | login-oidc', function (hooks) { const route = this.owner.lookup('route:authentication/login-oidc'); route.router = { replaceWith: sinon.stub() }; const identityProviderSlug = 'super-idp-name'; + const oidcUserAuthenticationStorage = new SessionStorageEntry('oidcUserAuthentication'); + const authenticationKey = '123'; + oidcUserAuthenticationStorage.set({ authenticationKey }); // when - await route.afterModel({ authenticationKey: '123', shouldValidateCgu: true, identityProviderSlug }); + await route.afterModel({ shouldValidateCgu: true, identityProviderSlug }); // then sinon.assert.calledWith(route.router.replaceWith, 'authentication.login-or-register-oidc', { queryParams: { - authenticationKey: '123', identityProviderSlug, - givenName: undefined, - familyName: undefined, }, }); assert.ok(true); @@ -164,9 +165,12 @@ module('Unit | Route | login-oidc', function (hooks) { const route = this.owner.lookup('route:authentication/login-oidc'); route.router = { replaceWith: sinon.stub() }; const identityProviderSlug = 'super-idp-name'; + const oidcUserAuthenticationStorage = new SessionStorageEntry('oidcUserAuthentication'); + const authenticationKey = null; + oidcUserAuthenticationStorage.set({ authenticationKey }); // when - await route.afterModel({ authenticationKey: null, shouldValidateCgu: false, identityProviderSlug }); + await route.afterModel({ shouldValidateCgu: false, identityProviderSlug }); // then sinon.assert.notCalled(route.router.replaceWith); @@ -203,7 +207,7 @@ module('Unit | Route | login-oidc', function (hooks) { errors: [ { code: 'SHOULD_VALIDATE_CGU', - meta: { authenticationKey: 'key', givenName: 'Mélusine', familyName: 'TITEGOUTTE' }, + meta: { authenticationKey: 'key', userClaims: { firstName: 'Mélusine', lastName: 'TITEGOUTTE' } }, }, ], }); @@ -225,10 +229,7 @@ module('Unit | Route | login-oidc', function (hooks) { sinon.assert.calledOnce(authenticateStub); assert.deepEqual(response, { shouldValidateCgu: true, - authenticationKey: 'key', identityProviderSlug: 'oidc-partner', - givenName: 'Mélusine', - familyName: 'TITEGOUTTE', }); assert.ok(true); }); diff --git a/mon-pix/translations/en.json b/mon-pix/translations/en.json index aca98a6bd11..b8e45fee582 100644 --- a/mon-pix/translations/en.json +++ b/mon-pix/translations/en.json @@ -1550,8 +1550,11 @@ "button": "Create my account", "description": "An account will be created based on the information sent by the organisation", "information": { - "family-name": "Last name : {familyName}", - "given-name": "First name : {givenName}" + "employeeNumber": "Employee number :", + "error": "We were unable to retrieve your identity information from the service used. We invite you to contact this organisation's IT support.", + "firstName": "First name :", + "lastName": "Last name :", + "population": "Population :" }, "title": "Sign up" }, diff --git a/mon-pix/translations/fr.json b/mon-pix/translations/fr.json index b353b47357d..951d3e4b505 100644 --- a/mon-pix/translations/fr.json +++ b/mon-pix/translations/fr.json @@ -1550,8 +1550,11 @@ "button": "Je crée mon compte", "description": "Un compte va être créé à partir des éléments transmis par l'organisme", "information": { - "family-name": "Nom : {familyName}", - "given-name": "Prénom : {givenName}" + "employeeNumber": "Numéro d'employé :", + "error": "Nous n’avons pas pu récupérer vos informations d’identité auprès du service utilisé. Nous vous invitons à contacter le support informatique de cette organisation.", + "firstName": "Prénom :", + "lastName": "Nom :", + "population": "Population :" }, "title": "Je n’ai pas de compte Pix" },