|
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
* Authserver, an OAuth2-based single-signon authentication provider written in PHP.
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) $today.date Lars Vierbergen
|
|
|
|
|
*
|
|
|
|
|
* his program is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
namespace vierbergenlars\AuthserverOAuthAccountBundle\EventListener;
|
|
|
|
|
|
|
|
|
|
use Registration\Event\RegistrationHandleEvent;
|
|
|
|
|
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
|
|
|
|
use Registration\RegistrationEvents;
|
|
|
|
|
use Registration\Event\RegistrationFormEvent;
|
|
|
|
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
|
|
|
|
use vierbergenlars\AuthserverOAuthAccountBundle\Entity\TemporaryUser;
|
|
|
|
|
use Doctrine\ORM\EntityManagerInterface;
|
|
|
|
|
use App\Entity\EmailAddress;
|
|
|
|
|
use vierbergenlars\AuthserverOAuthAccountBundle\ResourceOwner\ResourceOwnerMap;
|
|
|
|
|
use EmailRulesBundle\EmailHandler\EmailRules;
|
|
|
|
|
use Registration\RegistrationHandler\RegistrationRules;
|
|
|
|
|
|
|
|
|
|
class RegistrationHandlerListener implements EventSubscriberInterface
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @var TokenStorageInterface
|
|
|
|
|
*/
|
|
|
|
|
private $tokenStorage;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @var EntityManagerInterface
|
|
|
|
|
*/
|
|
|
|
|
private $em;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @var ResourceOwnerMap
|
|
|
|
|
*/
|
|
|
|
|
private $resourceOwnerMap;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @var EmailRules|null
|
|
|
|
|
*/
|
|
|
|
|
private $emailRules;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @var RegistrationRules|null
|
|
|
|
|
*/
|
|
|
|
|
private $registrationRules;
|
|
|
|
|
|
|
|
|
|
public static function getSubscribedEvents()
|
|
|
|
|
{
|
|
|
|
|
return [
|
|
|
|
|
RegistrationEvents::BUILD_FORM => [
|
|
|
|
|
'onBuildForm',
|
|
|
|
|
10
|
|
|
|
|
],
|
|
|
|
|
RegistrationEvents::HANDLE_FORM => [
|
|
|
|
|
'onHandleForm',
|
|
|
|
|
0
|
|
|
|
|
]
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function __construct(EntityManagerInterface $em, TokenStorageInterface $tokenStorage, ResourceOwnerMap $resourceOwnerMap, EmailRules $emailRules = null, RegistrationRules $registrationRules = null)
|
|
|
|
|
{
|
|
|
|
|
$this->em = $em;
|
|
|
|
|
$this->tokenStorage = $tokenStorage;
|
|
|
|
|
$this->resourceOwnerMap = $resourceOwnerMap;
|
|
|
|
|
$this->emailRules = $emailRules;
|
|
|
|
|
$this->registrationRules = $registrationRules;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function getTemporaryUser()
|
|
|
|
|
{
|
|
|
|
|
$token = $this->tokenStorage->getToken();
|
|
|
|
|
if (!$token)
|
|
|
|
|
return null;
|
|
|
|
|
$user = $token->getUser();
|
|
|
|
|
if ($user instanceof TemporaryUser)
|
|
|
|
|
return $user;
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function onBuildForm(RegistrationFormEvent $event)
|
|
|
|
|
{
|
|
|
|
|
if ($tempuser = $this->getTemporaryUser()) {
|
|
|
|
|
if ($tempuser->getEmail()) {
|
|
|
|
|
if ($this->emailRules) {
|
|
|
|
|
$rule = $this->emailRules->getFirstRuleMatching($tempuser->getEmail());
|
|
|
|
|
if ($rule && $rule->isReject()) {
|
|
|
|
|
// Do not fill in an email address that will get rejected anyways.
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ($this->registrationRules) {
|
|
|
|
|
$rule = $this->registrationRules->getFirstRuleMatching($tempuser->getEmail());
|
|
|
|
|
if (!$rule || !$rule->isSelfRegistration()) {
|
|
|
|
|
// Do not fill in an email address that is not elegible for self registration.
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$user = $event->getFormBuilder()->getData();
|
|
|
|
|
/* @var $user \App\Entity\User */
|
|
|
|
|
if (!$user->getPrimaryEmailAddress())
|
|
|
|
|
$user->addEmailAddress(new EmailAddress());
|
|
|
|
|
$user->getPrimaryEmailAddress()->setEmail($tempuser->getEmail());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function onHandleForm(RegistrationHandleEvent $event)
|
|
|
|
|
{
|
|
|
|
|
if ($event->isFailed())
|
|
|
|
|
return;
|
|
|
|
|
$user = $event->getForm()->getData();
|
|
|
|
|
if (!$user)
|
|
|
|
|
return;
|
|
|
|
|
/* @var $user \App\Entity\User */
|
|
|
|
|
if ($temporaryUser = $this->getTemporaryUser()) {
|
|
|
|
|
if (!$this->resourceOwnerMap->getOwnerFromExternalUser($temporaryUser->getExternalUser())
|
|
|
|
|
->isTrustEmailVerification())
|
|
|
|
|
return;
|
|
|
|
|
if ($temporaryUser->getEmail() && $temporaryUser->getEmail() === $user->getPrimaryEmailAddress()->getEmail()) {
|
|
|
|
|
$user->getPrimaryEmailAddress()->setVerified(true);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
