<?php
namespace Flowpack\OAuth2\Client\Flow;
/* *
* This script belongs to the TYPO3 Flow package "Flowpack.OAuth2.Client".*
* *
* It is free software; you can redistribute it and/or modify it under *
* the terms of the GNU General Public License, either version 3 of the *
* License, or (at your option) any later version. *
* *
* The TYPO3 project - inspiring people to share! *
* */
use Flowpack\OAuth2\Client\Token\AbstractClientToken;
use Neos\Flow\Annotations as Flow;
use Neos\Flow\Security\Authentication\TokenInterface;
use Neos\Flow\Security\Account;
use Neos\Flow\Security\Policy\PolicyService;
use Neos\Flow\Validation\ValidatorResolver;
use Neos\Party\Domain\Repository\PartyRepository;
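/**
 * Base class for OAuth2 client flows that connect an OAuth-authenticated token
 * with an already existing local ("foreign") account and its party.
 *
 * The foreign account is looked up by the e-mail address reported by the remote
 * authentication service (see getForeignAccountFor()).
 *
 * initializeUserData() and getTokenClassName() are called here but not defined
 * in this class; presumably they are declared by FlowInterface and implemented
 * by concrete flows - confirm.
 */
abstract class AbstractFlow implements FlowInterface
{
    /**
     * @Flow\Inject
     * @var \Neos\Flow\Security\Context
     */
    protected $securityContext;

    /**
     * @Flow\Inject
     * @var \Neos\Flow\Persistence\PersistenceManagerInterface
     */
    protected $persistenceManager;

    /**
     * @Flow\Inject
     * @var \Neos\Flow\Security\AccountRepository
     */
    protected $accountRepository;

    /**
     * @Flow\Inject
     * @var PartyRepository
     */
    protected $partyRepository;

    /**
     * @Flow\Inject
     * @var PolicyService
     */
    protected $policyService;

    /**
     * @Flow\Inject
     * @var ValidatorResolver
     */
    protected $validatorResolver;

    /**
     * Will contain the user data given by the remote authentication service,
     * indexed by the string representation of the token it belongs to.
     * So far, one entry would be, for example,
     * 'id' (2) => '100006517130975' (15)
     * 'name' (4) => 'Rainer Wein' (11)
     * 'first_name' (10) => 'Rainer' (6)
     * 'last_name' (9) => 'Wein' (4)
     * 'link' (4) => 'https://www.facebook.com/profile.php?id=100006517130975' (55)
     * 'birthday' (8) => '08/28/1980' (10)
     * 'gender' (6) => 'female' (6)
     * 'email' (5) => 'rainer_izygemu_wein@tfbnw.net' (29)
     * 'timezone' (8) => integer 1
     * 'locale' (6) => 'de_DE' (5)
     * 'updated_time' (12) => '2013-11-12T09:12:35+0000' (24)
     *
     * @var array
     */
    protected $authenticationServicesUserData = array();

    /**
     * Not read in this class; presumably the fields requested from the remote
     * service (to be confirmed in the concrete flows), for example
     * 0 => 'email',
     * 1 => 'first_name',
     * 2 => 'last_name'
     *
     * @var array
     */
    protected $authenticationServicesFields = array();

    /**
     * Per-request cache of foreign account lookups, indexed by the string
     * representation of the token. A null entry means "looked up, none found".
     *
     * @var array
     */
    protected $tokenForeignAccounts = array();

    /**
     * Returns the token in the current security context whose account is the
     * foreign account belonging to the given OAuth token.
     *
     * NOTE(review): the returned token is matched by account identity only; its
     * authentication status is not checked here. Callers that link accounts based
     * on the result should make sure the returned token is authenticated.
     *
     * @param AbstractClientToken $token
     * @return TokenInterface|null the matching token, or null if there is no foreign account or no token carrying it
     */
    public function getTokenOfForeignAccountOf(AbstractClientToken $token)
    {
        $foreignAccount = $this->getForeignAccountFor($token);
        if ($foreignAccount === null) {
            // Without this guard the identity comparison below would match every
            // token that has no account at all (null === null) and hand back an
            // unrelated token as "the token of the foreign account".
            return null;
        }

        /** @var $candidateToken TokenInterface */
        foreach ($this->securityContext->getAuthenticationTokens() as $candidateToken) {
            if ($candidateToken->getAccount() === $foreignAccount) {
                return $candidateToken;
            }
        }
        return null;
    }

    /**
     * Returns the local account whose account identifier equals the e-mail
     * address the remote service reported for the given token. The result is
     * cached per token, including a negative result.
     *
     * NOTE(review): the account is selected solely by the e-mail value supplied
     * by the remote service. This is only a sound basis for linking accounts if
     * the provider guarantees that the address is verified - confirm per provider.
     *
     * @param AbstractClientToken $token
     * @return Account|null the account found, or null if none was found or no e-mail address was reported
     */
    public function getForeignAccountFor(AbstractClientToken $token)
    {
        $tokenKey = (string)$token;
        if (!array_key_exists($tokenKey, $this->tokenForeignAccounts)) {
            if (!isset($this->authenticationServicesUserData[$tokenKey])) {
                $this->initializeUserData($token);
            }

            // The remote service may not deliver an e-mail address (field not
            // granted or user data could not be loaded). Do not query the
            // repository with an undefined or empty identifier in that case.
            $email = isset($this->authenticationServicesUserData[$tokenKey]['email'])
                ? $this->authenticationServicesUserData[$tokenKey]['email']
                : null;

            $this->tokenForeignAccounts[$tokenKey] = (is_string($email) && $email !== '')
                ? $this->accountRepository->findOneByAccountIdentifier($email)
                : null;
        }
        return $this->tokenForeignAccounts[$tokenKey];
    }

    /**
     * Attaches the party of the foreign account token's account to the account
     * of the given OAuth token and persists the OAuth account.
     *
     * Nothing is changed if either token has no account.
     *
     * NOTE(review): this method does not verify that $foreignAccountToken is
     * authenticated; the caller has to ensure that before linking.
     *
     * @param TokenInterface $foreignAccountToken
     * @param AbstractClientToken $possibleOAuthTokenAuthenticatedWithoutParty
     */
    public function setPartyOfAuthenticatedTokenAndAttachToAccountFor(TokenInterface $foreignAccountToken, AbstractClientToken $possibleOAuthTokenAuthenticatedWithoutParty)
    {
        $oauthAccount = $possibleOAuthTokenAuthenticatedWithoutParty->getAccount();
        $foreignAccount = $foreignAccountToken->getAccount();
        if ($oauthAccount === null || $foreignAccount === null) {
            // getChargedAuthenticatedTokenHavingNoPartyAttached() can return a
            // token without an account; there is nothing to link then.
            return;
        }

        // TODO: this must be properly specifiable (the Roles to add)
        //$oauthAccount->setRoles();
        $oauthAccount->setParty($foreignAccount->getParty());
        $this->accountRepository->update($oauthAccount);
    }

    /**
     * This returns the (first) *authenticated* OAuth token which doesn't have a party attached,
     * i.e. whose account is missing or whose account has no party.
     *
     * @return AbstractClientToken|null the token, or null if there is no such token
     */
    public function getChargedAuthenticatedTokenHavingNoPartyAttached()
    {
        // The cast turns a null result of the security context into an empty list.
        /** @var $token AbstractClientToken */
        foreach ((array)$this->securityContext->getAuthenticationTokensOfType($this->getTokenClassName()) as $token) {
            if ($token->getAuthenticationStatus() !== TokenInterface::AUTHENTICATION_SUCCESSFUL) {
                continue;
            }
            $account = $token->getAccount();
            if ($account === null || $account->getParty() === null) {
                return $token;
            }
        }
        return null;
    }
}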