demarches-normaliennes/app/controllers/agent_connect/agent_controller.rb

72 lines
2.2 KiB
Ruby
Raw Normal View History

2021-11-19 15:24:54 +01:00
# doc: https://github.com/france-connect/Documentation-AgentConnect
2021-11-19 10:00:04 +01:00
class AgentConnect::AgentController < ApplicationController
2021-11-19 15:24:54 +01:00
before_action :redirect_to_login_if_fc_aborted, only: [:callback]
2022-04-11 13:11:04 +02:00
before_action :check_state, only: [:callback]
STATE_COOKIE_NAME = :agentConnect_state
2022-04-11 13:11:54 +02:00
NONCE_COOKIE_NAME = :agentConnect_nonce
2021-11-19 15:24:54 +01:00
2021-11-19 10:00:04 +01:00
def index
end
2021-11-19 10:21:47 +01:00
def login
2022-04-11 13:11:54 +02:00
uri, state, nonce = AgentConnectService.authorization_uri
2022-04-11 13:11:04 +02:00
2024-07-03 11:54:10 +02:00
cookies.encrypted[STATE_COOKIE_NAME] = { value: state, secure: Rails.env.production?, httponly: true }
cookies.encrypted[NONCE_COOKIE_NAME] = { value: nonce, secure: Rails.env.production?, httponly: true }
2022-04-11 13:11:04 +02:00
redirect_to uri, allow_other_host: true
2021-11-19 10:21:47 +01:00
end
2021-11-19 15:24:54 +01:00
def callback
2024-03-18 10:35:41 +01:00
user_info, id_token = AgentConnectService.user_info(params[:code], cookies.encrypted[NONCE_COOKIE_NAME])
cookies.delete NONCE_COOKIE_NAME
2021-11-19 15:24:54 +01:00
instructeur = Instructeur.find_by(users: { email: santized_email(user_info) })
2021-11-19 15:24:54 +01:00
if instructeur.nil?
user = User.create_or_promote_to_instructeur(santized_email(user_info), Devise.friendly_token[0, 20], agent_connect: true)
2021-11-19 15:24:54 +01:00
instructeur = user.instructeur
end
instructeur.update(agent_connect_id_token: id_token)
2024-03-18 10:35:41 +01:00
aci = AgentConnectInformation.find_or_initialize_by(instructeur:, sub: user_info['sub'])
aci.update(user_info.slice('given_name', 'usual_name', 'email', 'sub', 'siret', 'organizational_unit', 'belonging_population', 'phone'))
2021-11-19 15:24:54 +01:00
sign_in(:user, instructeur.user)
redirect_to instructeur_procedures_path
rescue Rack::OAuth2::Client::Error => e
Rails.logger.error e.message
redirect_france_connect_error_connection
end
private
def santized_email(user_info)
user_info['email'].strip.downcase
end
2021-11-19 15:24:54 +01:00
def redirect_to_login_if_fc_aborted
if params[:code].blank?
redirect_to new_user_session_path
end
end
def redirect_france_connect_error_connection
flash.alert = t('errors.messages.france_connect.connexion')
redirect_to(new_user_session_path)
end
2022-04-11 13:11:04 +02:00
def check_state
if cookies.encrypted[STATE_COOKIE_NAME] != params[:state]
flash.alert = t('errors.messages.france_connect.connexion')
redirect_to(new_user_session_path)
else
cookies.delete STATE_COOKIE_NAME
2022-04-11 13:11:04 +02:00
end
end
2021-11-19 10:00:04 +01:00
end