feat: login entree-carto première tentative

IGNF · Dec 10, 2024 · 81daec0 · 81daec0
1 parent fb07d63
commit 81daec0
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 0 deletions.
diff --git a/src/Controller/SecurityController.php b/src/Controller/SecurityController.php
@@ -3,9 +3,11 @@
 namespace App\Controller;
 
 use App\Exception\AppException;
+use App\Security\KeycloakToken;
 use App\Security\User;
 use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
 use KnpU\OAuth2ClientBundle\Client\Provider\KeycloakClient;
+use League\OAuth2\Client\Token\AccessToken;
 use Stevenmaguire\OAuth2\Client\Provider\Keycloak;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
@@ -87,6 +89,28 @@ public function userInfoEdit(ClientRegistry $clientRegistry): RedirectResponse
         return $this->redirect($accountUrl);
     }
 
+    #[Route('/login/entree-carto/', name: 'login_entree_carto', methods: ['GET'])]
+    public function loginEntreeCarto(Request $request): RedirectResponse
+    {
+        /** @var ?AccessToken */
+        $token = $request->getSession()->get(KeycloakToken::SESSION_KEY);
+
+        // un token null signifie qu'on n'est pas connecté, donc on fait la connexion sur cartes d'abord. Après la connexion on revient ici et envoie le token à entree-carto par une redirection
+        if (null === $token) {
+            $request->getSession()->set('login_entree_carto', 1);
+
+            return new RedirectResponse($this->generateUrl('cartesgouvfr_security_login'));
+        }
+        $tokenArray = $token->jsonSerialize();
+
+        // $entreeCartoLoginCallbackUrl = $this->generateUrl('cartesgouvfr_app', [], UrlGeneratorInterface::ABSOLUTE_URL).'cartes';
+        $entreeCartoLoginCallbackUrl = 'http://localhost:5173/cartes.gouv.fr-entree-carto/login';
+
+        return new RedirectResponse($entreeCartoLoginCallbackUrl.'?'.http_build_query([
+            'token' => json_encode($tokenArray),
+        ]));
+    }
+
     private function testLogin(
         TokenStorageInterface $tokenStorage,
         Request $request,

diff --git a/src/Security/KeycloakAuthenticator.php b/src/Security/KeycloakAuthenticator.php
@@ -27,6 +27,7 @@ class KeycloakAuthenticator extends OAuth2Authenticator implements Authenticatio
 
     public const LOGIN_ROUTE = 'cartesgouvfr_security_login';
     public const LOGIN_CHECK_ROUTE = 'cartesgouvfr_security_login_check';
+    public const LOGIN_ENTREE_CARTO = 'cartesgouvfr_security_login_entree_carto';
     public const SUCCESS_ROUTE = 'cartesgouvfr_app';
     public const HOME_ROUTE = 'cartesgouvfr_app';
 
@@ -92,11 +93,16 @@ public function onAuthenticationSuccess(Request $request, TokenInterface $token,
         $targetPath = $this->getTargetPath($request->getSession(), $firewallName);
 
         $sessionExpired = $request->getSession()->get('session_expired');
+        $loginEntreeCarto = $request->getSession()->get('login_entree_carto');
 
         if (!is_null($sessionExpired) && 1 === intval($sessionExpired)) {
             $redirectUrl = $this->router->generate(self::HOME_ROUTE, ['session_expired_login_success' => 1], RouterInterface::ABSOLUTE_URL);
 
             $request->getSession()->remove('session_expired');
+        } if (!is_null($loginEntreeCarto) && 1 === intval($loginEntreeCarto)) {
+            $redirectUrl = $this->router->generate(self::LOGIN_ENTREE_CARTO, [], RouterInterface::ABSOLUTE_URL);
+
+            $request->getSession()->remove('login_entree_carto');
         } else {
             $redirectUrl = $referer ?? $targetPath ?? $this->router->generate(self::SUCCESS_ROUTE, [], RouterInterface::ABSOLUTE_URL);
             $redirectUrl = str_replace('authentication_failed=1', '', $redirectUrl);