wip: adds config options for oidc
This commit is contained in:
@@ -2,29 +2,30 @@
|
||||
|
||||
namespace App\User\Framework\Controller\Web;
|
||||
|
||||
use App\Base\ConfigResolver;
|
||||
use App\User\Framework\Repository\UserRepository;
|
||||
use App\User\Framework\Security\OidcUserProvider;
|
||||
use Doctrine\Common\Collections\ArrayCollection;
|
||||
use Drenso\OidcBundle\Exception\OidcException;
|
||||
use Drenso\OidcBundle\OidcClientInterface;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Routing\Attribute\Route;
|
||||
use Symfony\Component\Security\Http\Attribute\IsGranted;
|
||||
|
||||
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
|
||||
|
||||
class LoginController extends AbstractController
|
||||
{
|
||||
#[Route(path: '/login', name: 'app_login')]
|
||||
public function login(AuthenticationUtils $authenticationUtils, UserRepository $userRepository): Response
|
||||
public function login(ConfigResolver $config, AuthenticationUtils $authenticationUtils, UserRepository $userRepository): Response
|
||||
{
|
||||
if ((new ArrayCollection($userRepository->findAll()))->count() === 0) {
|
||||
return $this->redirectToRoute('app_getting_started');
|
||||
}
|
||||
|
||||
if ($config->authIs('oidc') && $config->bypassFormLogin()) {
|
||||
return $this->redirectToRoute('app_login_oidc');
|
||||
}
|
||||
|
||||
// get the login error if there is one
|
||||
$error = $authenticationUtils->getLastAuthenticationError();
|
||||
|
||||
@@ -32,6 +33,7 @@ class LoginController extends AbstractController
|
||||
$lastUsername = $authenticationUtils->getLastUsername();
|
||||
|
||||
return $this->render('user/login.html.twig', [
|
||||
'show_oidc_button' => $config->authIs('oidc'),
|
||||
'last_username' => $lastUsername,
|
||||
'error' => $error,
|
||||
]);
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\User\Framework\Controller\Web;
|
||||
|
||||
use App\Base\ConfigResolver;
|
||||
use Drenso\OidcBundle\OidcClientInterface;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
@@ -11,9 +12,18 @@ use Symfony\Component\Routing\Attribute\Route;
|
||||
|
||||
class LoginOidcController extends AbstractController
|
||||
{
|
||||
|
||||
public function __construct(
|
||||
private ConfigResolver $configResolver,
|
||||
) {}
|
||||
|
||||
#[Route('/login/oidc', name: 'app_login_oidc')]
|
||||
public function oidcStart(OidcClientInterface $oidcClient): RedirectResponse
|
||||
{
|
||||
if (false === $this->configResolver->authIs('oidc')) {
|
||||
throw new \Exception('You must configure the OIDC environment variables before logging in at this route.');
|
||||
}
|
||||
|
||||
// Redirect to authorization @ OIDC provider
|
||||
return $oidcClient->generateAuthorizationRedirect();
|
||||
}
|
||||
@@ -21,6 +31,10 @@ class LoginOidcController extends AbstractController
|
||||
#[Route('/login/oidc/auth', name: 'app_login_oidc_auth')]
|
||||
public function oidcAuthenticate(): RedirectResponse
|
||||
{
|
||||
if (false === $this->configResolver->authIs('oidc')) {
|
||||
throw new \Exception('You must configure the OIDC environment variables before logging in at this route.');
|
||||
}
|
||||
|
||||
throw new \LogicException('This method can be blank - it will be intercepted by the "oidc" key on your firewall.');
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user