Merge branch '2.4-develop' into 2.4-develop

Author: Dhaval410

.github/ISSUE_TEMPLATE/developer-experience-issue.md

@@ -0,0 +1,45 @@
+name: Developer experience issue
+description: Issues related to customization, extensibility, modularity
+labels: ['Triage: Dev.Experience']
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Please read [our guidelines](https://developer.adobe.com/commerce/contributor/guides/code-contributions/#report-an-issue) before submitting the issue.
+  - type: textarea
+    attributes:
+      label: Summary
+      description: |
+        Describe the issue you are experiencing.
+        Include general information, error messages, environments, and so on.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Examples
+      description: |
+        Provide code examples or a patch with a test (recommended) to clearly indicate the problem.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Proposed solution
+      description: |
+        Suggest your potential solutions for this issue.
+  - type: textarea
+    attributes:
+      label: Release note
+      description: |
+        Help us to provide meaningful release notes to the community.
+  - type: checkboxes
+    attributes:
+      label: Triage and priority
+      description: |
+        Provide [Severity](https://developer.adobe.com/commerce/contributor/guides/code-contributions/#community-backlog-priority) assessment for the Issue as a Reporter.
+        This information helps us during the Confirmation and Issue triage processes.
+      options:
+        - label: 'Severity: **S0** _- Affects critical data or functionality and leaves users without workaround._'
+        - label: 'Severity: **S1** _- Affects critical data or functionality and forces users to employ a workaround._'
+        - label: 'Severity: **S2** _- Affects non-critical data or functionality and forces users to employ a workaround._'
+        - label: 'Severity: **S3** _- Affects non-critical data or functionality and does not force users to employ a workaround._'
+        - label: 'Severity: **S4** _- Affects aesthetics, professional look and feel, “quality” or “usability”._'

.github/ISSUE_TEMPLATE/developer_experience_issue.yaml

@@ -0,0 +1,41 @@
+name: Feature request
+description: Report to https://github.com/magento/community-features
+labels: ['feature request']
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Important: This repository is intended only for Magento 2 Technical Issues.
+        Enter Feature Requests at https://github.com/magento/community-features.
+        Project stakeholders monitor and manage requests.
+        Feature requests entered using this form may be moved to the forum.
+  - type: textarea
+    attributes:
+      label: Description
+      description: |
+        Describe the feature you would like to add.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Expected behavior
+      description: |
+        What is the expected behavior of this feature?
+        How is it going to work?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Benefits
+      description: |
+        How do you think this feature would improve Magento?
+  - type: textarea
+    attributes:
+      label: Additional information
+      description: |
+        What other information can you provide about the desired feature?
+  - type: textarea
+    attributes:
+      label: Release note
+      description: |
+        Help us to provide meaningful release notes to the community.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -3,22 +3,24 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
 declare(strict_types=1);
 
 namespace Magento\AdminAdobeIms\Model\Authorization;
 
+use Magento\AdminAdobeIms\Api\SaveImsUserInterface;
 use Magento\AdminAdobeIms\Exception\AdobeImsAuthorizationException;
 use Magento\AdminAdobeIms\Service\AdminLoginProcessService;
 use Magento\AdminAdobeIms\Service\AdminReauthProcessService;
 use Magento\AdminAdobeIms\Service\ImsConfig;
 use Magento\AdobeIms\Exception\AdobeImsOrganizationAuthorizationException;
+use Magento\AdobeImsApi\Api\Data\TokenResponseInterface;
+use Magento\AdobeImsApi\Api\Data\TokenResponseInterfaceFactory;
 use Magento\AdobeImsApi\Api\GetProfileInterface;
 use Magento\AdobeImsApi\Api\GetTokenInterface;
 use Magento\AdobeImsApi\Api\OrganizationMembershipInterface;
 use Magento\Framework\App\RequestInterface;
 use Magento\Framework\Exception\AuthenticationException;
-use Magento\AdminAdobeIms\Api\SaveImsUserInterface;
+use Magento\Framework\Exception\AuthorizationException;
 
 /**
  * Adobe IMS Auth Model for getting Admin Token
@@ -28,6 +30,7 @@
 class AdobeImsAdminTokenUserService
 {
     private const ADOBE_IMS_MODULE_NAME = 'adobe_ims_auth';
+    private const AUTHORIZATION_METHOD_HEADER_BEARER = 'bearer';
 
     /**
      * @var ImsConfig
@@ -64,6 +67,11 @@ class AdobeImsAdminTokenUserService
      */
     private RequestInterface $request;
 
+    /**
+     * @var TokenResponseInterfaceFactory
+     */
+    private TokenResponseInterfaceFactory $tokenResponseFactory;
+
     /**
      * @var SaveImsUserInterface
      */
@@ -77,6 +85,7 @@ class AdobeImsAdminTokenUserService
      * @param RequestInterface $request
      * @param GetTokenInterface $token
      * @param GetProfileInterface $profile
+     * @param TokenResponseInterfaceFactory $tokenResponseFactory
      * @param SaveImsUserInterface $saveImsUser
      */
     public function __construct(
@@ -87,6 +96,7 @@ public function __construct(
         RequestInterface $request,
         GetTokenInterface $token,
         GetProfileInterface $profile,
+        TokenResponseInterfaceFactory $tokenResponseFactory,
         SaveImsUserInterface $saveImsUser
     ) {
         $this->adminImsConfig = $adminImsConfig;
@@ -96,6 +106,7 @@ public function __construct(
         $this->request = $request;
         $this->token = $token;
         $this->profile = $profile;
+        $this->tokenResponseFactory = $tokenResponseFactory;
         $this->saveImsUser = $saveImsUser;
     }
 
@@ -107,33 +118,23 @@ public function __construct(
      * @throws AdobeImsAuthorizationException
      * @throws AdobeImsOrganizationAuthorizationException
      * @throws AuthenticationException
+     * @throws AuthorizationException
      */
     public function processLoginRequest(bool $isReauthorize = false): void
     {
-        if ($this->adminImsConfig->enabled() && $this->request->getParam('code')
+        if ($this->adminImsConfig->enabled()
             && $this->request->getModuleName() === self::ADOBE_IMS_MODULE_NAME) {
             try {
-                $code = $this->request->getParam('code');
-
-                //get token from response
-                $tokenResponse = $this->token->getTokenResponse($code);
-                $accessToken = $tokenResponse->getAccessToken();
-
-                //get profile info to check email
-                $profile = $this->profile->getProfile($accessToken);
-                if (empty($profile['email'])) {
-                    throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
-                }
-
-                //check membership in organization
-                $this->organizationMembership->checkOrganizationMembership($accessToken);
-
-                if ($isReauthorize) {
-                    $this->adminReauthProcessService->execute($tokenResponse);
+                if ($this->request->getHeader('Authorization')) {
+                    $tokenResponse = $this->getRequestedToken();
+                } elseif ($this->request->getParam('code')) {
+                    $code = $this->request->getParam('code');
+                    $tokenResponse = $this->token->getTokenResponse($code);
                 } else {
-                    $this->saveImsUser->save($profile);
-                    $this->adminLoginProcessService->execute($tokenResponse, $profile);
+                    throw new AuthenticationException(__('Unable to get Access Token. Please try again.'));
                 }
+
+                $this->getLoggedIn($isReauthorize, $tokenResponse);
             } catch (AdobeImsAuthorizationException $e) {
                 throw new AdobeImsAuthorizationException(
                     __('You don\'t have access to this Commerce instance')
@@ -147,4 +148,58 @@ public function processLoginRequest(bool $isReauthorize = false): void
             throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
         }
     }
+
+    /**
+     * Get requested token using Authorization header
+     *
+     * @return TokenResponseInterface
+     * @throws AuthenticationException
+     */
+    private function getRequestedToken(): TokenResponseInterface
+    {
+        $authorizationHeaderValue = $this->request->getHeader('Authorization');
+        if (!$authorizationHeaderValue) {
+            throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
+        }
+
+        $headerPieces = explode(" ", $authorizationHeaderValue);
+        if (count($headerPieces) !== 2) {
+            throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
+        }
+
+        $tokenType = strtolower($headerPieces[0]);
+        if ($tokenType !== self::AUTHORIZATION_METHOD_HEADER_BEARER) {
+            throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
+        }
+
+        $tokenResponse['access_token'] = $headerPieces[1];
+        return $this->tokenResponseFactory->create(['data' => $tokenResponse]);
+    }
+
+    /**
+     * Responsible for logging in to Admin Panel
+     *
+     * @param bool $isReauthorize
+     * @param TokenResponseInterface $tokenResponse
+     * @return void
+     * @throws AdobeImsAuthorizationException
+     * @throws AuthenticationException
+     * @throws AuthorizationException
+     */
+    private function getLoggedIn(bool $isReauthorize, TokenResponseInterface $tokenResponse): void
+    {
+        $profile = $this->profile->getProfile($tokenResponse->getAccessToken());
+        if (empty($profile['email'])) {
+            throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
+        }
+
+        $this->organizationMembership->checkOrganizationMembership($tokenResponse->getAccessToken());
+
+        if ($isReauthorize) {
+            $this->adminReauthProcessService->execute($tokenResponse);
+        } else {
+            $this->saveImsUser->save($profile);
+            $this->adminLoginProcessService->execute($tokenResponse, $profile);
+        }
+    }
 }