CABPI-324: Change Org check to use new endpoint

andimov · andimov · commit 12819339ac3b · 2022-05-09T04:49:09.000-05:00
diff --git a/app/code/Magento/AdminAdobeIms/Controller/Adminhtml/OAuth/ImsCallback.php b/app/code/Magento/AdminAdobeIms/Controller/Adminhtml/OAuth/ImsCallback.php
@@ -98,13 +98,18 @@ public function execute(): Redirect
                 throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
             }
 
+            //get token from response
             $tokenResponse = $this->adminImsConnection->getTokenResponse($code);
+            $accessToken = $tokenResponse->getAccessToken();
 
-            $profile = $this->adminImsConnection->getProfile($tokenResponse->getAccessToken());
+            //check organization assignment
+            $this->adminOrganizationService->checkOrganizationAllocation($accessToken);
+
+            //get profile info to check email
+            $profile = $this->adminImsConnection->getProfile($accessToken);
             if (empty($profile['email'])) {
                 throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
             }
-            $this->adminOrganizationService->checkOrganizationAllocation($profile);
             $this->adminLoginProcessService->execute($tokenResponse, $profile);
         } catch (AdobeImsAuthorizationException $e) {
             $this->logger->error($e->getMessage());
diff --git a/app/code/Magento/AdminAdobeIms/Service/ImsOrganizationService.php b/app/code/Magento/AdminAdobeIms/Service/ImsOrganizationService.php
@@ -33,44 +33,26 @@ public function __construct(
     }
 
     /**
-     * Check if profile is allocated to configured organization
+     * Check if user is assigned to organization
      *
-     * @param array $profile
+     * @param string $token
      * @return bool
      * @throws AdobeImsOrganizationAuthorizationException
      */
-    public function checkOrganizationAllocation(array $profile): bool
+    public function checkOrganizationAllocation(string $token): bool
     {
         $configuredOrganization = $this->adminImsConfig->getOrganizationId();
 
         //@TODO CABPI-324: Change Org check to use new endpoint
-        if (!$configuredOrganization) {
+        if (!$configuredOrganization || !$token) {
             throw new AdobeImsOrganizationAuthorizationException(
-                __('Profile is not assigned to defined organization.')
+                __('User is not assigned to defined organization.')
             );
         }
 
         return true;
     }
 
-    /**
-     * Get list of assigned organizations of admin
-     *
-     * @param array $profileRoles
-     * @return array
-     * @throws AdobeImsOrganizationAuthorizationException
-     */
-    private function getCustomerOrganizationList(array $profileRoles): array
-    {
-        $organizationList = [];
-        foreach ($profileRoles as $role) {
-            $organizationId = $this->validateAndExtractOrganizationId($role['organization']);
-            $organizationList[$role['named_role']] = $organizationId;
-        }
-
-        return $organizationList;
-    }
-
     /**
      * Check if OrganizationID matches pattern
      *
