Move account disconnecting from oauth account to external account

7 years ago · 095c8eea71
parent fce2ca821b
commit 095c8eea71
5 changed files with 53 additions and 79 deletions
--- a/Controller/ConnectController.php
+++ b/Controller/ConnectController.php
@ -18,20 +18,14 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-
 namespace vierbergenlars\AuthserverOAuthAccountBundle\Controller;

-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Form\Extension\Core\Type\FormType;
-use vierbergenlars\AuthserverExternalAccountBundle\Entity\ExternalUser;
-use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
 use HWI\Bundle\OAuthBundle\Controller\ConnectController as BaseConnectController;
-use vierbergenlars\AuthserverExternalAccountBundle\ExternalAccount\ExternalAccountProviderManager;
-use vierbergenlars\AuthserverOAuthAccountBundle\DependencyInjection\AuthserverOAuthAccountExtension;
+use Symfony\Component\HttpFoundation\Response;

 class ConnectController extends BaseConnectController
 {
+
    protected function render($view, array $parameters = [], Response $response = null)
    {
        if ($view === 'HWIOAuthBundle:Connect:connect_success.html.twig')
@ -39,42 +33,8 @@ class ConnectController extends BaseConnectController

        $externalAccountProviderManager = $this->container->get('vierbergenlars.authserver_external_account.account_provider_manager');

-        return parent::render($view, $parameters + ['externalAccountProviderManager' => $externalAccountProviderManager], $response);
-    }
-
-    public function disconnectServiceAction(Request $request, ExternalUser $externalUser)
-    {
-        if($externalUser->getUser() !== $this->getUser())
-            throw $this->createAccessDeniedException();
-        $token = $this->getToken();
-        if($token instanceof OAuthToken) {
-            if('oauth_'.$token->getResourceOwnerName() === $externalUser->getProvider()) {
-                $resourceOwnerMap = $this->get('hwi_oauth.resource_ownermap.public');
-                /* @var $resourceOwnerMap \HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMap */
-                $resourceOwner = $resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
-                $userInfo = $resourceOwner->getUserInformation($token->getRawToken());
-
-                if($userInfo->getUsername() == $externalUser->getProviderRef()) {
-                    throw $this->createAccessDeniedException('You can not disconnect the external user you are currently authenticated with.');
-                }
-
-            }
-        }
-
-
-        $form = $this->createForm(FormType::class);
-        $form->handleRequest($request);
-
-        if($form->isSubmitted() && $form->isValid()) {
-            $this->container->get('hwi_oauth.account.connector')->disconnect($externalUser);
-
-            return $this->redirectToRoute('user_profile');
-        }
-
-        return $this->render('AuthserverOAuthAccountBundle:Connect:disconnect_service.html.twig', [
-            'externalUser' => $externalUser,
-            'form' => $form->createView(),
-        ]);
-
+        return parent::render($view, $parameters + [
+            'externalAccountProviderManager' => $externalAccountProviderManager
+        ], $response);
    }
 }
--- a/ExternalAccount/OAuthExternalAccountProvider.php
+++ b/ExternalAccount/OAuthExternalAccountProvider.php
@ -20,11 +20,15 @@
 namespace vierbergenlars\AuthserverOAuthAccountBundle\ExternalAccount;

 use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
+use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+use vierbergenlars\AuthserverExternalAccountBundle\Entity\ExternalUser;
 use vierbergenlars\AuthserverExternalAccountBundle\ExternalAccount\ExternalAccountProviderInterface;
 use vierbergenlars\AuthserverExternalAccountBundle\ValueObject\Button;
-use vierbergenlars\AuthserverOAuthAccountBundle\ResourceOwner\ResourceOwnerConfig;
 use vierbergenlars\AuthserverOAuthAccountBundle\ResourceOwner\ResourceOwnerMap;
+use vierbergenlars\AuthserverOAuthAccountBundle\Security\Core\User\OAuthUserProvider;

 class OAuthExternalAccountProvider implements ExternalAccountProviderInterface
 {
@ -47,11 +51,32 @@ class OAuthExternalAccountProvider implements ExternalAccountProviderInterface
     */
    private $OAuthUtils;

-    public function __construct($name, ResourceOwnerMap $resourceOwnerMap, OAuthUtils $OAuthUtils)
+    /**
+     *
+     * @var OAuthUserProvider
+     */
+    private $userProvider;
+
+    /**
+     *
+     * @var TokenStorageInterface
+     */
+    private $tokenStorage;
+
+    /**
+     *
+     * @var \HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMap
+     */
+    private $hwiResourceOwnerMap;
+
+    public function __construct($name, ResourceOwnerMap $resourceOwnerMap, OAuthUtils $OAuthUtils, OAuthUserProvider $userProvider, TokenStorageInterface $tokenStorage, \HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMap $hwiResourceOwnerMap)
    {
        $this->resourceOwnerConfig = $resourceOwnerMap[$name];
        $this->name = $name;
        $this->OAuthUtils = $OAuthUtils;
+        $this->userProvider = $userProvider;
+        $this->tokenStorage = $tokenStorage;
+        $this->hwiResourceOwnerMap = $hwiResourceOwnerMap;
    }

    public function getName()
@ -93,6 +118,23 @@ class OAuthExternalAccountProvider implements ExternalAccountProviderInterface
        return true;
    }

+    public function disconnect(ExternalUser $externalUser)
+    {
+        $token = $this->tokenStorage->getToken();
+        if ($token instanceof OAuthToken) {
+            if ('oauth_' . $token->getResourceOwnerName() === $externalUser->getProvider()) {
+                $resourceOwner = $this->hwiResourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
+                $userInfo = $resourceOwner->getUserInformation($token->getRawToken());
+
+                if ($userInfo->getUsername() == $externalUser->getProviderRef()) {
+                    throw new AccessDeniedException('You can not disconnect the external user you are currently authenticated with.');
+                }
+            }
+        }
+
+        $this->userProvider->disconnect($externalUser);
+    }
+
    public function supports($externalProviderData)
    {
        return true;
--- a/Resources/config/routing.yml
+++ b/Resources/config/routing.yml
@ -6,10 +6,6 @@ hwi_oauth_connect:
    resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
    prefix:   /usr/oauth/connect

-vierbergenlars_oauth_account_disconnect:
-    path: /usr/oauth/disconnect/{externalUser}
-    defaults:
-        _controller: AuthserverOAuthAccountBundle:Connect:disconnectService

 oauth_login_paths:
    resource: vierbergenlars.authserver_oauth_account.route_provider:getOAuthLoginPaths
--- a/Resources/config/services.xml
+++ b/Resources/config/services.xml
@ -38,6 +38,9 @@
            <argument />
            <argument type="service" id="vierbergenlars.authserver_oauth_account.resource_owner_map" />
            <argument type="service" id="hwi_oauth.security.oauth_utils" />
+            <argument type="service" id="vierbergenlars.authserver_oauth_account.user_provider" />
+            <argument type="service" id="security.token_storage"/>
+            <argument type="service" id="hwi_oauth.resource_ownermap.public" />
        </service>

        <service class="vierbergenlars\AuthserverOAuthAccountBundle\EventListener\RegistrationHandlerListener">
--- a/Resources/views/Connect/disconnect_service.html.twig
+++ b/Resources/views/Connect/disconnect_service.html.twig
@ -1,27 +0,0 @@
-{% extends '::base.html.twig' %}
-{% block title %}{{ parent() }} - Disconnect Account{% endblock %}
-{% block body %}
-    <div class="container">
-        <div class="row">
-            <div class="col-xs-12 col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4">
-                <div class="panel panel-primary">
-                    <div class="panel-heading">
-                        <h3 class="panel-title">Disconnecting</h3>
-                    </div>
-                    <div class="panel-body">
-                        <p>Are you sure you want to disconnect your {{ externalAccountProviderManager.getProviderForExternalUserUnsafe(externalUser).serviceName }} account "{{ externalUser.providerFriendlyName }}"?</p>
-                        <p>
-                            {{ form_start(form) }}
-                            {{ form_widget(form) }}
-                        <div>
-                            <button type="submit" class="btn btn-primary">Disconnect account</button>
-                            <a href="{{ path('user_profile') }}" class="btn btn-link">Cancel</a>
-                        </div>
-                        {{ form_end(form) }}
-                        </p>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-{% endblock %}