successfully connect when keycloak user is logged in
Signed-off-by: Sagar <sagargurung1001@gmail.com>
SagarGi committed Nov 25, 2024
1 parent 10c298a commit 0be9b87
Showing 5 changed files with 101 additions and 88 deletions.
61 changes: 20 additions & 41 deletions lib/Controller/OpenProjectAPIController.php
Expand Up @@ -126,11 +126,9 @@ public function getOpenProjectAvatar(string $userId = '', string $userName = '')
* @return DataResponse
*/
public function getNotifications(): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -165,11 +163,9 @@ public function getSearchedWorkPackages(
?int $fileId = null,
bool $isSmartPicker = false
): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -208,11 +204,9 @@ public function getSearchedWorkPackages(
* @return DataResponse
*/
public function linkWorkPackageToFile(array $values): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -242,11 +236,9 @@ public function linkWorkPackageToFile(array $values): DataResponse {
* @return DataResponse
*/
public function markNotificationAsRead(int $workpackageId) {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -277,11 +269,9 @@ public function markNotificationAsRead(int $workpackageId) {
* @return DataResponse
*/
public function getWorkPackageFileLinks(int $id): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -309,11 +299,9 @@ public function getWorkPackageFileLinks(int $id): DataResponse {
* @return DataResponse
*/
public function deleteFileLink(int $id): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -344,11 +332,9 @@ public function deleteFileLink(int $id): DataResponse {
* @return DataResponse
*/
public function getOpenProjectWorkPackageStatus(string $id): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -376,11 +362,9 @@ public function getOpenProjectWorkPackageStatus(string $id): DataResponse {
* @return DataResponse
*/
public function getOpenProjectWorkPackageType(string $id): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand All @@ -404,11 +388,9 @@ public function getOpenProjectWorkPackageType(string $id): DataResponse {
* @return DataResponse
*/
public function getAvailableOpenProjectProjects(?string $searchQuery = null): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -461,11 +443,9 @@ public function getAvailableOpenProjectProjects(?string $searchQuery = null): Da
* @return DataResponse
*/
public function getOpenProjectWorkPackageForm(string $projectId, array $body): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand All @@ -488,11 +468,9 @@ public function getOpenProjectWorkPackageForm(string $projectId, array $body): D
* @return DataResponse
*/
public function getAvailableAssigneesOfAProject(string $projectId): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -542,11 +520,9 @@ public function getAvailableAssigneesOfAProject(string $projectId): DataResponse
* @return DataResponse
*/
public function createWorkPackage(array $body): DataResponse {
$user_value = $this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user');
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' &&
$user_value === '0'
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
Expand Down Expand Up @@ -576,11 +552,14 @@ public function createWorkPackage(array $body): DataResponse {
* @return DataResponse
*/
public function getOpenProjectConfiguration(): DataResponse {
if ($this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
return new DataResponse('', Http::STATUS_BAD_REQUEST);
}
if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oauth2' && $this->accessToken === '') {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} else if ($this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc' && $this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)
) {
return new DataResponse('', Http::STATUS_UNAUTHORIZED);
} elseif (!OpenProjectAPIService::validateURL($this->openprojectUrl)) {
return new DataResponse('', Http::STATUS_BAD_REQUEST);
}
try {
$result = $this->openprojectAPIService->getOpenProjectConfiguration($this->userId);
} catch (OpenprojectErrorException $e) {
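Review bot: The closing parenthesis in the new `oidc` condition is misplaced: `getOIDCBasedTokenForTheTargetedAudienceClient('openproject' !== null)` passes the boolean `true` as the argument and tests the call's return value for truthiness, so as written the guard answers 401 when a token is returned and falls through to the service call when none is. Judging by the `$user_value === '0'` check it replaces, the condition was presumably meant to be `$this->openprojectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject') === null`; the same line is repeated in all thirteen guards of this file, so a single private helper would leave one place to get it right. In getOpenProjectConfiguration the previously unconditional `$this->accessToken === ''` check now applies only to `oauth2`, so a missing or unrecognised `authentication_method` value reaches `getOpenProjectConfiguration($this->userId)` with no credential check in the controller; rejecting any value other than `oauth2` or `oidc` before the URL check would make the chain fail closed. The method bodies continue outside the visible hunks.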
40 changes: 38 additions & 2 deletions lib/Listener/LoadSidebarScript.php
Expand Up @@ -66,16 +66,30 @@ class LoadSidebarScript implements IEventListener {
*/
protected $appManager;

public function __construct(
/**
* @var OpenProjectAPIService
*/
private $openProjectAPIService;
private IUserSession $userSession;
/**
* @var string|null
*/
private $userId;

public function __construct(
IInitialState $initialStateService,
IConfig $config,
IUserSession $userSession,
IAppManager $appManager
IAppManager $appManager,
OpenProjectAPIService $openProjectAPIService,
?string $userId
) {
$this->initialStateService = $initialStateService;
$this->config = $config;
$this->appManager = $appManager;
$this->userId = $userId;
$user = $userSession->getUser();
$this->openProjectAPIService = $openProjectAPIService;
if (strpos(\OC::$server->get(IRequest::class)->getRequestUri(), 'files') !== false) {
$this->oauthConnectionResult = $this->config->getUserValue(
$user->getUID(), Application::APP_ID, 'oauth_connection_result', ''
Expand Down Expand Up @@ -109,6 +123,28 @@ public function handle(Event $event): void {
Util::addStyle(Application::APP_ID, 'tab');

$this->initialStateService->provideInitialState('admin-config-status', OpenProjectAPIService::isAdminConfigOk($this->config));
$token = $this->openProjectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject');
if($token !== null) {
$info = $this->openProjectAPIService->request($this->userId, 'users/me');
if (isset($info['lastName'], $info['firstName'], $info['id'])) {
$fullName = $info['firstName'] . ' ' . $info['lastName'];
$this->config->setUserValue($this->userId, Application::APP_ID, 'user_id', $info['id']);
$this->config->setUserValue($this->userId, Application::APP_ID, 'user_name', $fullName);
$this->config->setUserValue(
$this->userId, Application::APP_ID, 'oauth_connection_result', 'success'
);
} else {
$this->config->deleteUserValue($this->userId, Application::APP_ID, 'user_id');
$this->config->deleteUserValue($this->userId, Application::APP_ID, 'user_name');
$this->config->setUserValue(
$this->userId, Application::APP_ID, 'oauth_connection_result', 'error'
);
$this->config->setUserValue(
$this->userId, Application::APP_ID, 'oauth_connection_error_message', 'token is not valid'
);
}

}
// for oidc
$adminConfigStatusOIDC = OpenProjectAPIService::isAdminConfigOkForOIDCAuth($this->config);
$this->initialStateService->provideInitialState('admin-config-status-oidc', $adminConfigStatusOIDC);
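Review bot: The block added to handle() is not gated on the authentication method, and it passes `$this->userId` (documented as `string|null` in this commit) straight to `request()` and `setUserValue()` without a null check. Wrapping it in `if ($this->userId !== null && $this->config->getAppValue(Application::APP_ID, 'authentication_method', '') === 'oidc')` would keep it from touching `oauth_connection_result` for oauth2 users and from running when no user id is injected. Any `users/me` response that lacks the three name/id keys is recorded as 'token is not valid' and deletes the stored `user_id` and `user_name`, so a transient upstream failure would presumably be indistinguishable from a rejected token. The same block is duplicated in lib/Settings/Personal.php and could live in one service method; handle() continues outside the hunk.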
28 changes: 22 additions & 6 deletions lib/Settings/Personal.php
Expand Up @@ -50,12 +50,28 @@ public function getForm(): TemplateResponse {
// refactor this token selection
$authenticationMethodActive = $this->config->getAppValue(Application::APP_ID, 'authentication_method', '');
if($authenticationMethodActive === "oidc") {
$targetedAudienceClient = $this->config->getAppValue(Application::APP_ID, 'targeted_audience_client_id', '');
if ($this->config->getUserValue($this->userId, Application::APP_ID, 'token_active_for_user') === '1') {
$token = $this->openProjectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient($targetedAudienceClient);
} else {
$token = '';
}
// TODO Remove
// There is no button to connect and disconnect for oidc based authorization, so if we get a token and we can request it
// with openproject then we show that there is a oidc based connection in the personal section or else we do not even show the personal section
$token = $this->openProjectAPIService->getOIDCBasedTokenForTheTargetedAudienceClient('openproject');
if($token !== null) {
$info = $this->openProjectAPIService->request($this->userId, 'users/me');
if (isset($info['lastName'], $info['firstName'], $info['id'])) {
$fullName = $info['firstName'] . ' ' . $info['lastName'];
$this->config->setUserValue($this->userId, Application::APP_ID, 'user_id', $info['id']);
$this->config->setUserValue($this->userId, Application::APP_ID, 'user_name', $fullName);
} else {
$this->config->deleteUserValue($this->userId, Application::APP_ID, 'user_id');
$this->config->deleteUserValue($this->userId, Application::APP_ID, 'user_name');
$this->config->setUserValue(
$this->userId, Application::APP_ID, 'oauth_connection_result', 'error'
);
$this->config->setUserValue(
$this->userId, Application::APP_ID, 'oauth_connection_error_message', 'token is not valid'
);
}

}
} else {
$token = $this->config->getUserValue($this->userId, Application::APP_ID, 'token');
}
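Review bot: The token audience is now the hard-coded literal `'openproject'` where the removed code read `targeted_audience_client_id` from the app config, so a deployment whose OpenProject client is registered under another id would presumably get no token, or one requested for an audience the administrator did not configure; the same literal is used in lib/Controller/OpenProjectAPIController.php and lib/Listener/LoadSidebarScript.php. Keeping `$targetedAudienceClient = $this->config->getAppValue(Application::APP_ID, 'targeted_audience_client_id', '');` and passing it to the call would preserve the configured audience. `$token` can now be `null` in the oidc branch where it used to be `''`, which the rest of getForm() (outside the hunk) may not expect, and the success branch does not reset `oauth_connection_result`, so an earlier 'error' value stays in place. The `// TODO Remove` marker should be resolved or explained before merge.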