edificeio · juniorode · Sep 4, 2023 · Sep 27, 2023 · Oct 10, 2023 · Nov 9, 2023
diff --git a/auth/src/main/java/org/entcore/auth/controllers/AuthController.java b/auth/src/main/java/org/entcore/auth/controllers/AuthController.java
@@ -24,6 +24,7 @@
 import fr.wseduc.rs.Get;
 import fr.wseduc.rs.Post;
 import fr.wseduc.rs.Put;
+import fr.wseduc.rs.ApiDoc;
 import fr.wseduc.security.ActionType;
 import fr.wseduc.security.SecuredAction;
 import fr.wseduc.webutils.Either;
@@ -101,6 +102,8 @@
 import java.util.regex.Pattern;
 
 import static fr.wseduc.webutils.Utils.*;
+import static fr.wseduc.webutils.request.RequestUtils.getTokenHeader;
+
 import static org.entcore.auth.oauth.OAuthAuthorizationResponse.*;
 import static org.entcore.common.aggregation.MongoConstants.TRACE_TYPE_CONNECTOR;
 import static org.entcore.common.http.response.DefaultResponseHandler.defaultResponseHandler;
@@ -462,6 +465,33 @@ private void activateUser(final String activationCode, final String login, Strin
 		});
 	}
 
+	@Post("/oauth2/token-as-cookie")
+	@SecuredAction(value = "", type = ActionType.AUTHENTICATED)
+	@ApiDoc("Gives back a cookie to the user corresponding to its jwtToken")
+	public void tokenAsCookie(final HttpServerRequest request) {
+		UserUtils.getAuthenticatedUserInfos(eb, request).onSuccess(user -> {
+			final Optional<String> jwtToken = getTokenHeader(request);
+			if(jwtToken.isPresent()) {
+				final String oneSessionId = UUID.randomUUID().toString();
+				UserUtils.createSessionWithId(eb, user.getUserId(), oneSessionId, false)
+					.onSuccess(e -> {
+						log.debug("[AuthController@tokenAsCookie] Session created for user");
+						final long timeout = config.getLong("cookie_timeout", Long.MIN_VALUE);
+						CookieHelper.getInstance().setSigned("oneSessionId", oneSessionId, timeout, request);
+						CookieHelper.set("authenticated", "true", timeout, request);
+						Renders.render(request, new JsonObject().put("succces", true));
+					})
+					.onFailure(th -> {
+						log.warn("[AuthController@tokenAsCookie] Error while creating session", th);
+						Renders.renderError(request);
+					});
+			} else {
+				log.warn("[AuthController@tokenAsCookie] Called without a jwt token");
+				Renders.badRequest(request);
+			}
+		});
+	}
+
 	private void loginResult(final HttpServerRequest request, String error, String callBack) {
 		final JsonObject context = new JsonObject();
 		if (callBack != null && !callBack.trim().isEmpty()) {

diff --git a/auth/src/main/resources/view-src/wayf.html b/auth/src/main/resources/view-src/wayf.html
@@ -124,12 +124,12 @@ <h2 class="row vertical-spacing">
 				{{/providers}}
 			</section>
 			<div style="float:right">
-				<div id="insert" style="margin-bottom:45px;font-size: 1.5vh;display:none" >
+				<div id="insert" style="margin-bottom:45px;font-size: 14px;display:none" >
 					<i18n>wayf.insert.title</i18n><br>
 					<a href="{{#i18n}}wayf.insert.link{{/i18n}}" target="_blank" translate content="wayf.insert.link.content"></a>
 				</div>
 
-				<a href="{{#i18n}}auth.charter{{/i18n}}" target="_blank" translate content="wayf.label.cgu" style="font-size: 1.5vh;"></a>
+				<a href="{{#i18n}}auth.charter{{/i18n}}" target="_blank" translate content="wayf.label.cgu" style="font-size: 14px;"></a>
 			</div>
 			<img id="partner" src="{{#i18n}}wayf.logo.partner{{/i18n}}" style="margin-left:15px;width:{{#i18n}}wayf.logo.partner.width{{/i18n}};display:none" alt="Logo partenaire">
 		</section>

diff --git a/directory/src/main/java/org/entcore/directory/services/impl/DefaultSchoolService.java b/directory/src/main/java/org/entcore/directory/services/impl/DefaultSchoolService.java
@@ -518,16 +518,19 @@ public void massDistributionEducationMobileApp(JsonArray data, Integer transacti
 			List<Long> education_levels = StringUtils.isEmpty(education) ? Collections.EMPTY_LIST :
 					Arrays.stream(education.split(",")).mapToLong(Long::parseLong).boxed().collect(Collectors.toList());
 			Boolean hasApp = jo.getBoolean("hasApp");
+			Boolean ignoreMFA = jo.getBoolean("ignoreMFA");
 
 			if (structureId != null) {
 				String query = "MATCH (s:Structure {id: {structureId}}) " +
 						"SET s.levelsOfEducation = {levelsOfEducation} " +
 						"SET s.distributions = {distributions} " +
+						"SET s.ignoreMFA = {ignoreMFA} " +
 						"SET s.hasApp = {hasApp}";
 
 				JsonObject params = new JsonObject().put("structureId", structureId)
 						.put("levelsOfEducation", education_levels)
 						.put("distributions", distributions)
+						.put("ignoreMFA", ignoreMFA)
 						.put("hasApp", hasApp);
 
 				s.add(query, params);

diff --git a/feeder/src/main/java/org/entcore/feeder/dictionary/structures/Importer.java b/feeder/src/main/java/org/entcore/feeder/dictionary/structures/Importer.java
@@ -1177,9 +1177,10 @@ public void addStructureNameInGroups(String structureExternalId, String prefix)
 	}
 
 	public void removeOldCommunicationRules(String prefix) {
+		// On utilise la joinKey car il arrive que l'externalId d'une structure soit arbitraire et ne reflète pas l'id dans l'AAF...
 		final String query =
 				"MATCH (s:Structure)<-[:DEPENDS*1..2]-(g:Group)-[c:COMMUNIQUE]-(u:User) " +
-				"WHERE s.externalId STARTS WITH {prefix} AND u.source = {currentSource} " +
+				"WHERE ANY(joinKey IN s.joinKey WHERE joinKey STARTS WITH {prefix}) AND u.source = {currentSource} " +
 				"AND (c.source IS NULL OR c.source <> 'MANUAL') AND NOT (u)-[:IN]->(g) " +
 				"DELETE c";
 		transactionHelper.add(query, new JsonObject().put("prefix", prefix).put("currentSource", currentSource));
@@ -1242,4 +1243,4 @@ public void setPrefixToImportList(JsonArray importSubDirectories) {
 	public JsonArray getPrefixToImportList() {
 		return this.importsPrefixList;
 	}
-}
+}
diff --git a/feeder/src/main/java/org/entcore/feeder/dictionary/structures/Structure.java b/feeder/src/main/java/org/entcore/feeder/dictionary/structures/Structure.java
@@ -236,7 +236,7 @@ public void createFunctionGroupIfAbsent(String groupExternalId, String name, Str
 		if (isNotEmpty(label)) {
 			String query =
 					"MATCH (s:Structure { externalId : {structureExternalId}}) " +
-					(source == null ? "WHERE (NOT(HAS(s.timetable)) OR s.timetable = '' OR s.timetable = 'NOP') " : "WHERE s.timetable = s.source ") +
+					//(source == null ? "WHERE (NOT(HAS(s.timetable)) OR s.timetable = '' OR s.timetable = 'NOP') " : "WHERE s.timetable = s.source ") +
 					"CREATE s<-[:DEPENDS]-(c:Group:FunctionGroup:" + label + "Group {props}) " +
 					"SET c.source = coalesce({source}, s.source)";
 			JsonObject params = new JsonObject()
@@ -595,4 +595,4 @@ public JsonObject getStruct() {
 		return struct;
 	}
 
-}
+}
diff --git a/feeder/src/main/java/org/entcore/feeder/timetable/AbstractTimetableImporter.java b/feeder/src/main/java/org/entcore/feeder/timetable/AbstractTimetableImporter.java
@@ -423,6 +423,9 @@ public void handle(Message<JsonObject> event) {
 
 	protected void addSubject(String id, JsonObject currentEntity) {
 		final String code = currentEntity.getString("Code");
+		if(code == null)
+			return;
+
 		String subjectId = subjectsMapping.get(code);
 		if (isEmpty(subjectId)) {
 			final String externalId = structureExternalId + "$" + currentEntity.getString("Code");

diff --git a/gradle.properties b/gradle.properties
@@ -4,7 +4,7 @@ modowner=org.entcore
 modname=ent-core
 
 # Your module version
-version=4.11.17
+version=4.11.18
 
 # The test timeout in seconds
 testtimeout=300