fix: restore the use of a UserProvider

(cherry picked from commit b6b5841)
ecphp · Feb 8, 2023 · 5531bda · 5531bda
1 parent f7cf369
commit 5531bda
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 18 deletions.
diff --git a/spec/EcPhp/CasBundle/Cas.php b/spec/EcPhp/CasBundle/Cas.php
@@ -38,15 +38,15 @@ public static function getHttpClientMock()
                 case 'http://local/cas/serviceValidate?ticket=ST-ticket&service=http%3A%2F%2Flocal%2Fcas%2FserviceValidate%3Fservice%3Dservice':
                 case 'http://local/cas/serviceValidate?ticket=PT-ticket&service=http%3A%2F%2Flocal%2Fcas%2FproxyValidate%3Fservice%3Dservice':
                 case 'http://local/cas/serviceValidate?ticket=PT-ticket&service=http%3A%2F%2Ffrom':
-                $body = <<< 'EOF'
-                    <cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
-                     <cas:authenticationSuccess>
-                      <cas:user>username</cas:user>
-                     </cas:authenticationSuccess>
-                    </cas:serviceResponse>
-                    EOF;
-
-                break;
+                    $body = <<< 'EOF'
+                        <cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
+                         <cas:authenticationSuccess>
+                          <cas:user>username</cas:user>
+                         </cas:authenticationSuccess>
+                        </cas:serviceResponse>
+                        EOF;
+
+                    break;
 
                 case 'http://local/cas/serviceValidate?service=service&ticket=ticket-failure':
                     $body = <<< 'EOF'

diff --git a/spec/EcPhp/CasBundle/Security/CasAuthenticatorSpec.php b/spec/EcPhp/CasBundle/Security/CasAuthenticatorSpec.php
@@ -12,6 +12,7 @@
 namespace spec\EcPhp\CasBundle\Security;
 
 use EcPhp\CasBundle\Security\CasAuthenticator;
+use EcPhp\CasBundle\Security\Core\User\CasUserProvider;
 use EcPhp\CasLib\Cas;
 use EcPhp\CasLib\CasInterface;
 use EcPhp\CasLib\Introspection\Introspector;
@@ -60,9 +61,10 @@ public function it_can_check_if_authentication_is_supported_when_a_user_is_logge
         );
 
         $unalteredPsrHttpMessageFactory = new UnalteredPsrHttpFactory($psrHttpMessageFactory, $psr17Factory);
+        $userProvider = new CasUserProvider(new Introspector());
 
         $this
-            ->beConstructedWith($cas, $unalteredPsrHttpMessageFactory);
+            ->beConstructedWith($cas, $unalteredPsrHttpMessageFactory, $userProvider);
 
         $this
             ->supports(Request::create('http://app'))
@@ -196,8 +198,10 @@ public function let()
 
         $unalteredPsrHttpMessageFactory = new UnalteredPsrHttpFactory($psrHttpMessageFactory, $psr17Factory);
 
+        $userProvider = new CasUserProvider(new Introspector());
+
         $this
-            ->beConstructedWith($cas, $unalteredPsrHttpMessageFactory);
+            ->beConstructedWith($cas, $unalteredPsrHttpMessageFactory, $userProvider);
     }
 
     private function getCas(): CasInterface

diff --git a/src/Controller/Logout.php b/src/Controller/Logout.php
@@ -33,7 +33,7 @@ public function __invoke(
             return new RedirectResponse('/');
         }
 
-        $tokenStorage->setToken();
+        $tokenStorage->setToken(null);
 
         return $response;
     }

diff --git a/src/Resources/config/services.php b/src/Resources/config/services.php
@@ -19,6 +19,7 @@
 use EcPhp\CasBundle\Security\CasAuthenticator;
 use EcPhp\CasBundle\Security\CasGuardAuthenticator;
 use EcPhp\CasBundle\Security\Core\User\CasUserProvider;
+use EcPhp\CasBundle\Security\Core\User\CasUserProviderInterface;
 use EcPhp\CasLib\Cas;
 use EcPhp\CasLib\CasInterface;
 use EcPhp\CasLib\Configuration\PropertiesInterface;
@@ -45,7 +46,7 @@
     $services->alias(PropertiesInterface::class, 'cas.configuration');
 
     $services->set('cas.userprovider', CasUserProvider::class);
-    $services->alias(CasUserProvider::class, 'cas.userprovider');
+    $services->alias(CasUserProviderInterface::class, 'cas.userprovider');
 
     $services->set('cas.authenticator', CasAuthenticator::class);
     $services->alias(CasAuthenticator::class, 'cas.authenticator');

diff --git a/src/Security/CasAuthenticator.php b/src/Security/CasAuthenticator.php
@@ -11,7 +11,7 @@
 
 namespace EcPhp\CasBundle\Security;
 
-use EcPhp\CasBundle\Security\Core\User\CasUser;
+use EcPhp\CasBundle\Security\Core\User\CasUserProviderInterface;
 use EcPhp\CasLib\CasInterface;
 use EcPhp\CasLib\Introspection\Contract\ServiceValidate;
 use EcPhp\CasLib\Utils\Uri;
@@ -35,12 +35,16 @@ final class CasAuthenticator extends AbstractAuthenticator
 
     private HttpMessageFactoryInterface $httpMessageFactory;
 
+    private CasUserProviderInterface $userProvider;
+
     public function __construct(
         CasInterface $cas,
-        HttpMessageFactoryInterface $httpMessageFactory
+        HttpMessageFactoryInterface $httpMessageFactory,
+        CasUserProviderInterface $userProvider
     ) {
         $this->cas = $cas;
         $this->httpMessageFactory = $httpMessageFactory;
+        $this->userProvider = $userProvider;
     }
 
     public function authenticate(Request $request): Passport
@@ -66,12 +70,12 @@ public function authenticate(Request $request): Passport
             );
         }
 
-        $payload = $introspect->getCredentials();
+        $user = $this->userProvider->loadUserByResponse($response);
 
         return new SelfValidatingPassport(
             new UserBadge(
-                $payload['user'],
-                static fn (string $identifier): UserInterface => new CasUser($payload)
+                $user->getUserIdentifier(),
+                static fn (): UserInterface => $user
             )
         );
     }