5124: Added some logging

rimi-itk · rimi-itk · commit 9010a2d058cd · 2025-09-08T14:44:58.000+02:00
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/README.md b/web/profiles/custom/os2loop/modules/os2loop_cura_login/README.md
@@ -38,7 +38,7 @@ drush os2loop-cura-login:get-login-url --help
 ```
 
 ``` shell name=drush-get-login-url
-drush os2loop-cura-login:get-login-url test@example.com --get=jwt --destination=/user \
+drush os2loop-cura-login:get-login-url az000000 --get=jwt --destination=/user \
   --algorithm="$(drush config:get --format string os2loop_cura_login.settings cura.signing_algorithm --include-overridden)" \
   --secret="$(drush config:get --format string os2loop_cura_login.settings cura.signing_secret --include-overridden)"
 ```
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/os2loop_cura_login.info.yml b/web/profiles/custom/os2loop/modules/os2loop_cura_login/os2loop_cura_login.info.yml
@@ -5,5 +5,6 @@ package: "OS2Loop"
 core_version_requirement: ^10 || ^11
 dependencies:
   - drupal:user
+  - openid_connect:openid_connect
 
 configure: os2loop_cura_login.settings
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/Controller/Os2loopCuraLoginController.php b/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/Controller/Os2loopCuraLoginController.php
@@ -44,6 +44,9 @@ public function __construct(
     #[Autowire(service: 'logger.channel.os2loop_cura_login')]
     private readonly LoggerInterface $logger,
   ) {
+    $this->curaHelper->setController($this);
+    $this->idPHelper->setController($this);
+    $this->userHelper->setController($this);
   }
 
   /**
@@ -107,7 +110,7 @@ public function start(Request $request, ?string $jwt): Response {
 
       $this->debug('@debug', [
         '@debug' => json_encode([
-          'user' => $user,
+          'user' => $user->toArray(),
         ]),
       ]);
 
@@ -227,7 +230,7 @@ public function log($level, \Stringable|string $message, array $context = []): v
       LogLevel::DEBUG => RfcLogLevel::DEBUG,
     ];
     $rfcLogLevel = $levels[$level] ?? RfcLogLevel::ERROR;
-    if ((int) $this->settings->getLogLevel() >= $rfcLogLevel) {
+    if ($this->settings->getLogLevel() >= $rfcLogLevel) {
       $this->logger->log($level, $message, $context);
     }
   }
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/CuraHelper.php b/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/CuraHelper.php
@@ -3,13 +3,16 @@
 namespace Drupal\os2loop_cura_login;
 
 use Drupal\os2loop_cura_login\Settings\Cura;
+use Drupal\os2loop_cura_login\Trait\ControllerAwareTrait;
 use Firebase\JWT\JWT;
 use Firebase\JWT\Key;
 
 /**
  * Cura helper.
  */
 final class CuraHelper {
+  use ControllerAwareTrait;
+
   /**
    * The settings.
    */
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/IdPHelper.php b/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/IdPHelper.php
@@ -3,11 +3,14 @@
 namespace Drupal\os2loop_cura_login;
 
 use Drupal\os2loop_cura_login\Settings\IdP;
+use Drupal\os2loop_cura_login\Trait\ControllerAwareTrait;
 
 /**
  * IdP helper.
  */
 final class IdPHelper {
+  use ControllerAwareTrait;
+
   /**
    * The settings.
    */
@@ -23,31 +26,44 @@ public function __construct(
    * Get user info from userinfo endpoint.
    */
   public function fetchUserinfo(string $username): array {
-    $query = [
-      $this->settings->getUsernameClaim() => $username,
-    ];
+    // @todo Call some API here …
+    // $query = [
+    // $this->settings->getUsernameClaim() => $username,
+    // ];
     // $result = fetch($query)
-    return [
+    // Mock up some user data matching claims from OIDC login.
+    $result = [
       // Drupal user fields.
+      'upn' => $username,
       'name' => $username,
-      'mail' => $username . '@cura.example.com',
-
-      // OS2Lloop fields
-      // 'os2loop_user_address' => '',
-      // 'os2loop_user_areas_of_expertise' => '',
-      // 'os2loop_user_biography' => '',
-      // 'os2loop_user_city' => '',
-      // 'os2loop_user_external_list' => '',.
-      'os2loop_user_family_name' => 'Cura',
-      'os2loop_user_given_name' => 'User',
-      // 'os2loop_user_image' => '',
-      // 'os2loop_user_internal_list' => '',
-      // 'os2loop_user_job_title' => '',
-      // 'os2loop_user_phone_number' => '',
-      // 'os2loop_user_place' => '',
-      // 'os2loop_user_postal_code' => '',
-      // 'os2loop_user_professions' => '',
+      'email' => filter_var($username, FILTER_VALIDATE_EMAIL) ? $username : $username . '@cura.example.com',
+      'samaccountname' => $username,
+      'given_name' => 'Cura',
+      'family_name' => 'User',
+      'groups' => [
+        'GG-Rolle-B2C-Loop-AuthenticatedUser-Prod',
+        // 'GG-Rolle-B2C-Loop-Administrator-Prod',
+        // 'GG-Rolle-B2C-Loop-Administrator-Test',
+        // 'GG-Rolle-B2C-Loop-DocumentAuthor-Prod',
+        // 'GG-Rolle-B2C-Loop-DocumentAuthor-Test',
+        // 'GG-Rolle-B2C-Loop-DocumentCollectionEditor-Prod',
+        // 'GG-Rolle-B2C-Loop-DocumentCollectionEditor-Test',
+        // 'GG-Rolle-B2C-Loop-DocumentationCoordinator-Prod',
+        // 'GG-Rolle-B2C-Loop-DocumentationCoordinator-Test',
+        // 'GG-Rolle-B2C-Loop-ExternalSourcesEditor-Prod',
+        // 'GG-Rolle-B2C-Loop-ExternalSourcesEditor-Test',
+        // 'GG-Rolle-B2C-Loop-Manager-Prod',
+        // 'GG-Rolle-B2C-Loop-Manager-Test',
+        // 'GG-Rolle-B2C-Loop-PostAuthor-Prod',
+        // 'GG-Rolle-B2C-Loop-PostAuthor-Test',
+        // 'GG-Rolle-B2C-Loop-ReadOnly-Prod',
+        // 'GG-Rolle-B2C-Loop-ReadOnly-Test',
+        // 'GG-Rolle-B2C-Loop-UserAdministrator-Prod',
+        // 'GG-Rolle-B2C-Loop-UserAdministrator-Test',
+      ],
     ];
+
+    return $result;
   }
 
 }
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/Settings.php b/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/Settings.php
@@ -68,7 +68,7 @@ public function getIdpSettings() {
    * Get log level.
    */
   public function getLogLevel() {
-    return (int) $this->config->get(self::SETTING_LOG_LEVEL) ?? RfcLogLevel::ERROR;
+    return (int) ($this->config->get(self::NAME)[self::SETTING_LOG_LEVEL] ?? RfcLogLevel::ERROR);
   }
 
   /**
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/Trait/ControllerAwareTrait.php b/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/Trait/ControllerAwareTrait.php
@@ -0,0 +1,35 @@
+<?php
+
+namespace Drupal\os2loop_cura_login\Trait;
+
+use Drupal\os2loop_cura_login\Controller\Os2loopCuraLoginController;
+use Psr\Log\LoggerTrait;
+
+/**
+ * Controller aware trait to let services use the logger.
+ */
+trait ControllerAwareTrait {
+  use LoggerTrait;
+
+  /**
+   * The controller.
+   */
+  private Os2loopCuraLoginController $controller;
+
+  /**
+   * Set controller.
+   */
+  public function setController(Os2loopCuraLoginController $controller) {
+    $this->controller = $controller;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function log($level, \Stringable|string $message, array $context = []): void {
+    if ($this->controller) {
+      $this->controller->log($level, $message, $context);
+    }
+  }
+
+}
diff --git a/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/UserHelper.php b/web/profiles/custom/os2loop/modules/os2loop_cura_login/src/UserHelper.php
@@ -3,19 +3,26 @@
 namespace Drupal\os2loop_cura_login;
 
 use Drupal\Core\Entity\EntityTypeManagerInterface;
+use Drupal\openid_connect\OpenIDConnect;
+use Drupal\os2loop_cura_login\Trait\ControllerAwareTrait;
 use Drupal\user\UserInterface;
 use Drupal\user\UserStorageInterface;
+use Symfony\Component\DependencyInjection\Attribute\Autowire;
 
 /**
  * User helper.
  */
 final class UserHelper {
+  use ControllerAwareTrait;
+
   /**
    * The user storage.
    */
   private readonly UserStorageInterface $userStorage;
 
   public function __construct(
+    #[Autowire(service: 'openid_connect.openid_connect')]
+    private readonly OpenIDConnect $openidConnect,
     EntityTypeManagerInterface $entityTypeManager,
   ) {
     $this->userStorage = $entityTypeManager->getStorage('user');
@@ -39,17 +46,21 @@ public function ensureUser(string $username, array $userinfo): UserInterface {
       $user = $this->userStorage->create();
     }
 
-    foreach ($userinfo as $field => $value) {
-      $currentValue = $user->get($field);
-      if ($currentValue !== $value) {
-        $user->set($field, $value);
-      }
+    // Make sure that the user is active.
+    $user->activate();
+    // saveUserinfo below needs a user id (uid).
+    if ($user->isNew()) {
+      $user->setUsername($username);
+      $user->save();
     }
 
-    // Make sure that the user is active.
-    $user
-      ->activate()
-      ->save();
+    // We piggyback on the OpenId Connect module to set user fields and roles.
+    if ($this->openidConnect->saveUserinfo($user, ['userinfo' => $userinfo])) {
+      $this->info('Userinfo saved on user @user (@username)', ['@user' => $user->label(), '@username' => $username]);
+    }
+    else {
+      $this->error('Error saving info on user @user (@username)', ['@user' => $user->label(), '@username' => $username]);
+    }
 
     return $user;
   }

Original file line number	Diff line number	Diff line change
`@@ -68,7 +68,7 @@ public function getIdpSettings() {`
`68`	`68`	`* Get log level.`
`69`	`69`	`*/`
`70`	`70`	`public function getLogLevel() {`
`71`		`- return (int) $this->config->get(self::SETTING_LOG_LEVEL) ?? RfcLogLevel::ERROR;`
	`71`	`+ return (int) ($this->config->get(self::NAME)[self::SETTING_LOG_LEVEL] ?? RfcLogLevel::ERROR);`
`72`	`72`	`}`
`73`	`73`
`74`	`74`	`/**`