Use decorator pattern for the User Provider.

spec/EcPhp/EuLoginBundle/Security/Core/User/EuLoginUserProviderSpec.php

@@ -4,6 +4,11 @@
 
 namespace spec\EcPhp\EuLoginBundle\Security\Core\User;
 
+use EcPhp\CasBundle\Security\Core\User\CasUser;
+use EcPhp\CasBundle\Security\Core\User\CasUserProvider;
+use EcPhp\CasBundle\Security\Core\User\CasUserProviderInterface;
+use EcPhp\CasLib\Introspection\Introspector;
+use EcPhp\Ecas\Introspection\EcasIntrospector;
 use EcPhp\EuLoginBundle\Security\Core\User\EuLoginUser;
 use EcPhp\EuLoginBundle\Security\Core\User\EuLoginUserInterface;
 use EcPhp\EuLoginBundle\Security\Core\User\EuLoginUserProvider;
@@ -113,4 +118,10 @@ public function it_is_initializable()
     {
         $this->shouldHaveType(EuLoginUserProvider::class);
     }
+
+    public function let()
+    {
+        $this
+            ->beConstructedWith(new CasUserProvider(new EcasIntrospector(new Introspector())));
+    }
 }

spec/EcPhp/EuLoginBundle/Security/Core/User/EuLoginUserSpec.php

@@ -280,6 +280,66 @@ private function getAttributesData(): array
             'sso' => 'sso',
             'ticketType' => 'ticketType',
             'proxyGrantingProtocol' => 'proxyGrantingProtocol',
+            'extendedAttributes' => [
+                'extendedAttribute' => [
+                    0 => [
+                        'attributeValue' => 'CCM',
+                    ],
+                    1 => [
+                        'attributeValue' => 'User001',
+                    ],
+                    2 => [
+                        'attributeValue' => 'NP',
+                    ],
+                    3 => [
+                        'attributeValue' => 'http://TAXUD_CAS',
+                    ],
+                    4 => [
+                        'attributeValue' => 'CD',
+                    ],
+                    5 => [
+                        'attributeValue' => 'EC',
+                    ],
+                    6 => [
+                        'attributeValue' => '0',
+                    ],
+                    7 => [
+                        'attributeValue' => '1',
+                    ],
+                    8 => [
+                        'attributeValue' => 'nuser001',
+                    ],
+                    9 => [
+                        'attributeValue' => [
+                            0 => 'view_grant_progress',
+                            1 => 'delete_project',
+                            2 => 'view_project',
+                            3 => 'delete_configuration',
+                            4 => 'edit_project',
+                            5 => 'view_configuration',
+                            6 => 'edit_configuration',
+                            7 => 'validate_project',
+                            8 => 'create_project',
+                            9 => 'add_agency',
+                            10 => 'create_configuration',
+                            11 => 'validate_assessment',
+                            12 => 'delete_agency',
+                        ],
+                    ],
+                    10 => [
+                        'attributeValue' => 'Test',
+                    ],
+                    11 => [
+                        'attributeValue' => 'EC_OFF',
+                    ],
+                    12 => [
+                        'attributeValue' => 'ECAS',
+                    ],
+                    13 => [
+                        'attributeValue' => 'CD',
+                    ],
+                ],
+            ],
         ];
     }
 }

src/DependencyInjection/EuLoginExtension.php

@@ -16,7 +16,6 @@ class EuLoginExtension extends Extension
 {
     /**
      * @param array<string> $configs
-     * @param ContainerBuilder $container
      */
     public function load(array $configs, ContainerBuilder $container): void
     {

src/Resources/config/services.php

@@ -6,12 +6,24 @@
 
 use EcPhp\Ecas\Ecas;
 use EcPhp\Ecas\EcasProperties;
+use EcPhp\Ecas\Introspection\EcasIntrospector;
 use EcPhp\EuLoginBundle\Security\Core\User\EuLoginUserProvider;
 
 return static function (ContainerConfigurator $container) {
     $container
         ->services()
-        ->set('eulogin.userprovider', EuLoginUserProvider::class);
+        ->set('ecas.introspector', EcasIntrospector::class)
+        ->decorate('cas.introspector')
+        ->args([
+            service('ecas.introspector.inner'),
+        ]);
+
+    $container
+        ->services()
+        ->set('eulogin.userprovider', EuLoginUserProvider::class)
+        ->args([
+            service('cas.userprovider'),
+        ]);
 
     $container
         ->services()

src/Security/Core/User/EuLoginUser.php

@@ -21,8 +21,6 @@ final class EuLoginUser implements EuLoginUserInterface
 
     /**
      * EuLoginUser constructor.
-     *
-     * @param \EcPhp\CasBundle\Security\Core\User\CasUserInterface $user
      */
     public function __construct(CasUserInterface $user)
     {

src/Security/Core/User/EuLoginUserInterface.php

@@ -11,103 +11,52 @@
  */
 interface EuLoginUserInterface extends CasUserInterface
 {
-    /**
-     * @return string|null
-     */
     public function getAssuranceLevel(): ?string;
 
     /**
      * @return string[]
      */
     public function getAuthenticationFactors(): array;
 
-    /**
-     * @return string|null
-     */
     public function getDepartmentNumber(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getDomain(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getDomainUsername(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getEmail(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getEmployeeNumber(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getEmployeeType(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getFirstName(): ?string;
 
     /**
      * @return mixed[]
      */
     public function getGroups(): array;
 
-    /**
-     * @return string|null
-     */
     public function getLastName(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getLocale(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getLoginDate(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getOrgId(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getSso(): ?string;
 
     /**
      * @return string[]
      */
     public function getStrengths(): array;
 
-    /**
-     * @return string|null
-     */
     public function getTelephoneNumber(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getTeleworkingPriority(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getTicketType(): ?string;
 
-    /**
-     * @return string|null
-     */
     public function getUid(): ?string;
 }

src/Security/Core/User/EuLoginUserProvider.php

@@ -4,35 +4,33 @@
 
 namespace EcPhp\EuLoginBundle\Security\Core\User;
 
-use EcPhp\CasBundle\Security\Core\User\CasUser;
 use EcPhp\CasBundle\Security\Core\User\CasUserInterface;
-use EcPhp\CasLib\Introspection\Contract\ServiceValidate;
-use EcPhp\CasLib\Introspection\Introspector;
+use EcPhp\CasBundle\Security\Core\User\CasUserProvider;
 use Psr\Http\Message\ResponseInterface;
 use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 use function get_class;
 
-/**
- * Class EuLoginUserProvider.
- */
 class EuLoginUserProvider implements EuLoginUserProviderInterface
 {
+    /**
+     * @var CasUserProvider
+     */
+    private $casUserProvider;
+
+    public function __construct(CasUserProvider $casUserProvider)
+    {
+        $this->casUserProvider = $casUserProvider;
+    }
+
     /**
      * {@inheritdoc}
      */
     public function loadUserByResponse(ResponseInterface $response): CasUserInterface
     {
-        /** @var ServiceValidate $introspect */
-        $introspect = Introspector::detect($response);
-
         return new EuLoginUser(
-            new CasUser(
-                $this->normalizeUserData(
-                    $introspect->getParsedResponse()['serviceResponse']['authenticationSuccess']
-                )
-            )
+            $this->casUserProvider->loadUserByResponse($response)
         );
     }
 
@@ -63,26 +61,4 @@ public function supportsClass(string $class)
     {
         return EuLoginUser::class === $class;
     }
-
-    /**
-     * Normalize user data from EU Login to standard CAS user data.
-     *
-     * @param array<array|string> $data
-     *   The data from EU Login
-     *
-     * @return array<array|string>
-     *   The normalized data.
-     */
-    private function normalizeUserData(array $data): array
-    {
-        $storage = [];
-        $rootAttributes = ['user', 'proxyGrantingTicket', 'proxies'];
-
-        foreach ($rootAttributes as $rootAttribute) {
-            $storage[$rootAttribute] = $data[$rootAttribute] ?? null;
-        }
-        $storage['attributes'] = array_diff_key($data, array_flip($rootAttributes));
-
-        return array_filter($storage) + ['attributes' => []];
-    }
 }

src/Security/Core/User/EuLoginUserProviderInterface.php

@@ -14,8 +14,6 @@
 interface EuLoginUserProviderInterface extends CasUserProviderInterface
 {
     /**
-     * @param ResponseInterface $response
-     *
      * @return CasUserInterface|EuLoginUserInterface
      */
     public function loadUserByResponse(ResponseInterface $response): CasUserInterface;