
Commit 332fcbc

committed
Merge remote-tracking branch 'origin/CABPI-467' into gl_pr_arrows_sep6_2022
2 parents eb348e2 + 1be5f2a commit 332fcbc


7 files changed

+701
-122
lines changed


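--- a/app/code/Magento/AdminAdobeIms/Controller/Adminhtml/OAuth/ImsCallback.php
+++ b/app/code/Magento/AdminAdobeIms/Controller/Adminhtml/OAuth/ImsCallback.php
@@ -8,20 +8,18 @@
 namespace Magento\AdminAdobeIms\Controller\Adminhtml\OAuth;
 
 use Exception;
-use Magento\AdminAdobeIms\Exception\AdobeImsAuthorizationException;
+
 use Magento\AdminAdobeIms\Logger\AdminAdobeImsLogger;
-use Magento\AdminAdobeIms\Service\AdminLoginProcessService;
 use Magento\AdminAdobeIms\Service\ImsConfig;
-use Magento\AdobeIms\Exception\AdobeImsOrganizationAuthorizationException;
-use Magento\AdobeImsApi\Api\GetProfileInterface;
-use Magento\AdobeImsApi\Api\GetTokenInterface;
-use Magento\AdobeImsApi\Api\OrganizationMembershipInterface;
+use Magento\Authorization\Model\UserContextInterface;
 use Magento\Backend\App\Action\Context;
 use Magento\Backend\Controller\Adminhtml\Auth;
 use Magento\Backend\Model\View\Result\Redirect;
 use Magento\Framework\App\Action\HttpGetActionInterface;
-use Magento\Framework\Exception\AuthenticationException;
 
+/**
+* Callback for handling redirect from Adobe IMS
+*/
 class ImsCallback extends Auth implements HttpGetActionInterface
 {
 public const ACTION_NAME = 'imscallback';
@@ -31,56 +29,32 @@ class ImsCallback extends Auth implements HttpGetActionInterface
 */
 private ImsConfig $adminImsConfig;
 
-/**
-* @var OrganizationMembershipInterface
-*/
-private OrganizationMembershipInterface $organizationMembership;
-
-/**
-* @var AdminLoginProcessService
-*/
-private AdminLoginProcessService $adminLoginProcessService;
-
 /**
 * @var AdminAdobeImsLogger
 */
 private AdminAdobeImsLogger $logger;
 
 /**
-* @var GetTokenInterface
-*/
-private GetTokenInterface $token;
-
-/**
-* @var GetProfileInterface
+* @var UserContextInterface
 */
-private GetProfileInterface $profile;
+private UserContextInterface $userContext;
 
 /**
 * @param Context $context
 * @param ImsConfig $adminImsConfig
-* @param OrganizationMembershipInterface $organizationMembership
-* @param AdminLoginProcessService $adminLoginProcessService
 * @param AdminAdobeImsLogger $logger
-* @param GetTokenInterface $token
-* @param GetProfileInterface $profile
+* @param UserContextInterface $userContext
 */
 public function __construct(
 Context $context,
 ImsConfig $adminImsConfig,
-OrganizationMembershipInterface $organizationMembership,
-AdminLoginProcessService $adminLoginProcessService,
 AdminAdobeImsLogger $logger,
-GetTokenInterface $token,
-GetProfileInterface $profile
+UserContextInterface $userContext
 ) {
 parent::__construct($context);
 $this->adminImsConfig = $adminImsConfig;
-$this->organizationMembership = $organizationMembership;
-$this->adminLoginProcessService = $adminLoginProcessService;
 $this->logger = $logger;
-$this->token = $token;
-$this->profile = $profile;
+$this->userContext = $userContext;
 }
 
 /**
@@ -100,40 +74,11 @@ public function execute(): Redirect
 }
 
 try {
-$code = $this->getRequest()->getParam('code');
-
-if ($code === null) {
-throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
+if ($this->userContext->getUserId()
+&& $this->userContext->getUserType() === UserContextInterface::USER_TYPE_ADMIN
+) {
+return $resultRedirect;
 }
-
-//get token from response
-$tokenResponse = $this->token->getTokenResponse($code);
-$accessToken = $tokenResponse->getAccessToken();
-
-//get profile info to check email
-$profile = $this->profile->getProfile($accessToken);
-if (empty($profile['email'])) {
-throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
-}
-
-//check membership in organization
-$this->organizationMembership->checkOrganizationMembership($accessToken);
-
-$this->adminLoginProcessService->execute($tokenResponse, $profile);
-} catch (AdobeImsAuthorizationException $e) {
-$this->logger->error($e->getMessage());
-
-$this->imsErrorMessage(
-'You don\'t have access to this Commerce instance',
-AdobeImsAuthorizationException::ERROR_MESSAGE
-);
-} catch (AdobeImsOrganizationAuthorizationException $e) {
-$this->logger->error($e->getMessage());
-
-$this->imsErrorMessage(
-'Unable to sign in with the Adobe ID',
-AdobeImsOrganizationAuthorizationException::ERROR_MESSAGE
-);
 } catch (Exception $e) {
 $this->logger->error($e->getMessage());
 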
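Review bot: Authentication in `execute()` is now a side effect of `$this->userContext->getUserId()` (in `AdobeImsAdminTokenUserContext` that getter calls `processLoginRequest()`), and when the getter returns a falsy id without throwing, the `try` block ends with neither a redirect nor a log entry. Which `UserContextInterface` implementation is injected is decided by DI configuration that is not visible here, so it is worth confirming that the IMS context is the one that answers on this route. I would put a comment above the `if`, e.g. `// getUserId() triggers the IMS login flow as a side effect; a falsy id means no admin was authenticated`, and record the fall-through with `$this->logger->error('IMS callback finished without an authenticated admin user');` right after it. With the two specific `catch` branches removed, authorization and organization-membership failures now reach the generic `catch (Exception $e)`, whose body continues outside the hunk.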

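--- a/app/code/Magento/AdminAdobeIms/Controller/Adminhtml/OAuth/ImsReauthCallback.php
+++ b/app/code/Magento/AdminAdobeIms/Controller/Adminhtml/OAuth/ImsReauthCallback.php
@@ -9,18 +9,14 @@
 
 use Exception;
 use Magento\AdminAdobeIms\Logger\AdminAdobeImsLogger;
-use Magento\AdminAdobeIms\Service\AdminReauthProcessService;
+use Magento\AdminAdobeIms\Model\Authorization\AdobeImsAdminTokenUserService;
 use Magento\AdminAdobeIms\Service\ImsConfig;
-use Magento\AdobeImsApi\Api\OrganizationMembershipInterface;
-use Magento\AdobeImsApi\Api\GetProfileInterface;
 use Magento\Backend\App\Action\Context;
 use Magento\Backend\Controller\Adminhtml\Auth;
 use Magento\Framework\App\Action\HttpGetActionInterface;
 use Magento\Framework\Controller\Result\Raw;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Framework\Controller\ResultInterface;
-use Magento\AdobeImsApi\Api\GetTokenInterface;
-use Magento\Framework\Exception\AuthenticationException;
 
 class ImsReauthCallback extends Auth implements HttpGetActionInterface
 {
@@ -42,56 +38,32 @@ class ImsReauthCallback extends Auth implements HttpGetActionInterface
 */
 private ImsConfig $adminImsConfig;
 
-/**
-* @var OrganizationMembershipInterface
-*/
-private OrganizationMembershipInterface $organizationMembership;
-
-/**
-* @var AdminReauthProcessService
-*/
-private AdminReauthProcessService $adminReauthProcessService;
-
 /**
 * @var AdminAdobeImsLogger
 */
 private AdminAdobeImsLogger $logger;
 
 /**
-* @var GetTokenInterface
-*/
-private GetTokenInterface $token;
-
-/**
-* @var GetProfileInterface
+* @var AdobeImsAdminTokenUserService
 */
-private GetProfileInterface $profile;
+private AdobeImsAdminTokenUserService $adminTokenUserService;
 
 /**
 * @param Context $context
-* @param GetProfileInterface $profile
 * @param ImsConfig $adminImsConfig
-* @param OrganizationMembershipInterface $organizationMembership
-* @param AdminReauthProcessService $adminReauthProcessService
+* @param AdobeImsAdminTokenUserService $adminTokenUserService
 * @param AdminAdobeImsLogger $logger
-* @param GetTokenInterface $token
 */
 public function __construct(
 Context $context,
-GetProfileInterface $profile,
 ImsConfig $adminImsConfig,
-OrganizationMembershipInterface $organizationMembership,
-AdminReauthProcessService $adminReauthProcessService,
-AdminAdobeImsLogger $logger,
-GetTokenInterface $token
+AdobeImsAdminTokenUserService $adminTokenUserService,
+AdminAdobeImsLogger $logger
 ) {
 parent::__construct($context);
-$this->profile = $profile;
 $this->adminImsConfig = $adminImsConfig;
-$this->organizationMembership = $organizationMembership;
-$this->adminReauthProcessService = $adminReauthProcessService;
+$this->adminTokenUserService = $adminTokenUserService;
 $this->logger = $logger;
-$this->token = $token;
 }
 
 /**
@@ -119,24 +91,7 @@ public function execute(): ResultInterface
 }
 
 try {
-$code = $this->getRequest()->getParam('code');
-
-if ($code === null) {
-throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
-}
-
-$tokenResponse = $this->token->getTokenResponse($code);
-$accessToken = $tokenResponse->getAccessToken();
-
-$profile = $this->profile->getProfile($accessToken);
-if (empty($profile['email'])) {
-throw new AuthenticationException(__('An authentication error occurred. Verify and try again.'));
-}
-
-//check membership in organization
-$this->organizationMembership->checkOrganizationMembership($accessToken);
-
-$this->adminReauthProcessService->execute($tokenResponse);
+$this->adminTokenUserService->processLoginRequest(true);
 
 $response = sprintf(
 self::RESPONSE_TEMPLATE,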
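Review bot: The bare `true` in `$this->adminTokenUserService->processLoginRequest(true);` does not say what separates re-authentication from a first login. `AdobeImsAdminTokenUserService` is not among the visible sections, so it cannot be confirmed from here that the missing-`code`, empty-profile-e-mail and organization-membership checks removed from this `try` block are still performed. For a re-auth callback it also matters that the returned IMS identity is matched against the admin already in the session, which the removed `AdminReauthProcessService::execute()` call presumably handled. I would name the flag at the call site, e.g. `$isReauthorize = true;` then `$this->adminTokenUserService->processLoginRequest($isReauthorize);`, and add a comment listing the checks the service is relied on for. `execute()` starts and ends outside this hunk.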
Lines changed: 106 additions & 0 deletions
@@ -0,0 +1,106 @@
1+
<?php
2+
/**
3+
* Copyright © Magento, Inc. All rights reserved.
4+
* See COPYING.txt for license details.
5+
*/
6+
declare(strict_types=1);
7+
8+
namespace Magento\AdminAdobeIms\Model\Authorization;
9+
10+
use Magento\AdminAdobeIms\Model\Auth;
11+
use Magento\AdminAdobeIms\Service\ImsConfig;
12+
use Magento\AdobeImsApi\Api\IsTokenValidInterface;
13+
use Magento\Authorization\Model\UserContextInterface;
14+
use Magento\Framework\Exception\AuthenticationException;
15+
16+
/**
17+
* A user context determined by Adobe IMS tokens for Admin Panel.
18+
*/
19+
class AdobeImsAdminTokenUserContext implements UserContextInterface
20+
{
21+
/**
22+
* @var int|null
23+
*/
24+
private ?int $userId = null;
25+
26+
/**
27+
* @var bool
28+
*/
29+
private bool $isRequestProcessed = false;
30+
31+
/**
32+
* @var ImsConfig
33+
*/
34+
private ImsConfig $adminImsConfig;
35+
36+
/**
37+
* @var Auth
38+
*/
39+
protected Auth $auth;
40+
41+
/**
42+
* @var IsTokenValidInterface
43+
*/
44+
private IsTokenValidInterface $isTokenValid;
45+
46+
/**
47+
* @var AdobeImsAdminTokenUserService
48+
*/
49+
private AdobeImsAdminTokenUserService $adminTokenUserService;
50+
51+
/**
52+
* @param ImsConfig $adminImsConfig
53+
* @param Auth $auth
54+
* @param IsTokenValidInterface $isTokenValid
55+
* @param AdobeImsAdminTokenUserService $adminTokenUserService
56+
*/
57+
public function __construct(
58+
ImsConfig $adminImsConfig,
59+
Auth $auth,
60+
IsTokenValidInterface $isTokenValid,
61+
AdobeImsAdminTokenUserService $adminTokenUserService
62+
) {
63+
$this->adminImsConfig = $adminImsConfig;
64+
$this->auth = $auth;
65+
$this->isTokenValid = $isTokenValid;
66+
$this->adminTokenUserService = $adminTokenUserService;
67+
}
68+
69+
/**
70+
* @inheritdoc
71+
*/
72+
public function getUserId(): ?int
73+
{
74+
if (!$this->adminImsConfig->enabled() || $this->isRequestProcessed) {
75+
return $this->userId;
76+
}
77+
78+
$session = $this->auth->getAuthStorage();
79+
80+
if (!empty($session->getAdobeAccessToken())) {
81+
$isTokenValid = $this->isTokenValid->validateToken($session->getAdobeAccessToken());
82+
if (!$isTokenValid) {
83+
throw new AuthenticationException(__('Session Access Token is not valid'));
84+
}
85+
} else {
86+
try {
87+
$this->adminTokenUserService->processLoginRequest();
88+
} catch (\Exception $e) {
89+
throw new AuthenticationException(__('Login request error %1', $e->getMessage()), $e, 0);
90+
}
91+
}
92+
93+
$this->userId = (int) $session->getUser()->getUserId();
94+
$this->isRequestProcessed = true;
95+
96+
return $this->userId;
97+
}
98+
99+
/**
100+
* @inheritdoc
101+
*/
102+
public function getUserType(): ?int
103+
{
104+
return UserContextInterface::USER_TYPE_ADMIN;
105+
}
106+
}
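Review bot: `getUserId()` dereferences the session user without a null check in `$this->userId = (int) $session->getUser()->getUserId();`. If `getUser()` can return null here (not visible on this page), for example when `processLoginRequest()` returns without logging anyone in, this raises an `Error` that the `catch (Exception $e)` in `ImsCallback` does not catch. A user object with no id would also be cast to `0` and cached, because `isRequestProcessed` is set on the next line. I would guard it with `$user = $session->getUser();` and `if ($user === null || !$user->getUserId()) { return null; }` before the assignment. Separately, `__('Login request error %1', $e->getMessage())` copies the inner exception text into the `AuthenticationException` phrase; if that phrase is ever rendered to the browser it may disclose internal details, so a fixed message with the cause kept only as the previous exception would be safer.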
