From ae1df93a8898795ae295b785b437e6dbd46fa4b9 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Tue, 21 Nov 2023 15:24:29 +0100 Subject: [PATCH] Clean up clientflow code --- lib/AppInfo/Application.php | 63 ++++++++++++++++++------------------- 1 file changed, 31 insertions(+), 32 deletions(-) diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php index bdec72ae..83a6bb69 100644 --- a/lib/AppInfo/Application.php +++ b/lib/AppInfo/Application.php @@ -104,13 +104,12 @@ public function boot(IBootContext $context): void { * This is the automatic redirect exclusively for Nextcloud/Magentacloud clients * completely skipping consent layer */ - private function registerNmcClientFlow(IRequest $request, - IURLGenerator $urlGenerator, - ProviderMapper $providerMapper, - ISession $session, - ISecureRandom $random): void { - - $providers = $this->getCachedProviders($providerMapper); + private function registerNmcClientFlow(IRequest $request, + IURLGenerator $urlGenerator, + ProviderMapper $providerMapper, + ISession $session, + ISecureRandom $random): void { + $providers = $this->getCachedProviders($providerMapper); // Handle immediate redirect on client first-time login $isClientLoginFlow = false; @@ -125,33 +124,33 @@ private function registerNmcClientFlow(IRequest $request, return strtolower($p->getIdentifier()) === "telekom"; })); if (count($tproviders) == 0) { - // always show normal login flow as error fallback - return; - } - - $stateToken = $random->generate( - 64, - ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS - ); - $session->set('client.flow.state.token', $stateToken); + // always show normal login flow as error fallback + return; + } + + $stateToken = $random->generate( + 64, + ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS + ); + $session->set('client.flow.state.token', $stateToken); - // call the service to get the params, but suppress the template - // compute grant redirect Url to go directly to Telekom login - $redirectUrl = $urlGenerator->linkToRoute('core.ClientFlowLogin.grantPage', [ - 'stateToken' => $stateToken, - // grantPage service operation is deriving oauth2 client name (again), - // so we simply pass on clientIdentifier or empty string - 'clientIdentifier' => $request->getParam('clientIdentifier', ''), - 'direct' => $request->getParam('direct', '0') - ]); - if ($redirectUrl === null) { - // always show normal login flow as error fallback - return; - } - - // direct login, consent layer later + // call the service to get the params, but suppress the template + // compute grant redirect Url to go directly to Telekom login + $redirectUrl = $urlGenerator->linkToRoute('core.ClientFlowLogin.grantPage', [ + 'stateToken' => $stateToken, + // grantPage service operation is deriving oauth2 client name (again), + // so we simply pass on clientIdentifier or empty string + 'clientIdentifier' => $request->getParam('clientIdentifier', ''), + 'direct' => $request->getParam('direct', '0') + ]); + if ($redirectUrl === null) { + // always show normal login flow as error fallback + return; + } + + // direct login, consent layer later $targetUrl = $urlGenerator->linkToRoute(self::APP_ID . '.login.login', [ - 'providerId' => $tproviders[0]->getId(), + 'providerId' => $tproviders[0]->getId(), 'redirectUrl' => $redirectUrl ]); header('Location: ' . $targetUrl);