demarches-normaliennes/app/models/france_connect_information.rb

# frozen_string_literal: true

class FranceConnectInformation < ApplicationRecord
  MERGE_VALIDITY = 15.minutes
  CONFIRMATION_EMAIL_VALIDITY = 2.days

  belongs_to :user, optional: true

  validates :france_connect_particulier_id, presence: true, allow_blank: false, allow_nil: false

  def safely_associate_user!(email)
    begin
      user = User.create!(
        email: email.downcase,
        password: Devise.friendly_token[0, 20],
        confirmed_at: Time.zone.now
      )
    rescue ActiveRecord::RecordNotUnique
      # ignore this exception because we check before if user is nil.
      # exception can be raised in race conditions, when FranceConnect calls callback 2 times.
      # At the 2nd call, user is nil but exception is raised at the creation of the user
      # because the first call has already created a user
    end

    clean_tokens_and_requested_email
    update_attribute('user_id', user.id)
    save!
  end

  def safely_update_user(user:)
    self.user = user
    clean_tokens_and_requested_email
    save!
  end

  def send_custom_confirmation_instructions
    token = SecureRandom.hex(10)
    user.update!(confirmation_token: token, confirmation_sent_at: Time.zone.now)
    UserMailer.custom_confirmation_instructions(user, token).deliver_later
  end

  def create_merge_token!
    merge_token = SecureRandom.uuid
    update(merge_token:, merge_token_created_at: Time.zone.now)

    merge_token
  end

  def create_email_merge_token!
    email_merge_token = SecureRandom.uuid
    update(email_merge_token:, email_merge_token_created_at: Time.zone.now)

    email_merge_token
  end

  def valid_for_merge?
    (MERGE_VALIDITY.ago < merge_token_created_at) && user_id.nil?
  end

  def valid_for_email_merge?
    (MERGE_VALIDITY.ago < email_merge_token_created_at) && user_id.nil?
  end

  def delete_email_merge_token!
    update(email_merge_token: nil, email_merge_token_created_at: nil)
  end

  def clean_tokens_and_requested_email
    self.merge_token = nil
    self.merge_token_created_at = nil
    self.email_merge_token = nil
    self.email_merge_token_created_at = nil
    self.requested_email = nil
  end

  def full_name
    [given_name, family_name].compact.join(" ")
  end
end
chore: enable freeze string literals by comment 2024-04-29 00:17:15 +02:00			`# frozen_string_literal: true`

Enable some Rails cops 2018-03-06 13:44:29 +01:00			`class FranceConnectInformation < ApplicationRecord`
Add fci valid_for_merge 2021-10-13 00:14:12 +02:00			`MERGE_VALIDITY = 15.minutes`
Model FC : au lieu de valider le mail on envoie une demande de confirmation par mail 2024-07-01 16:41:02 +02:00			`CONFIRMATION_EMAIL_VALIDITY = 2.days`
Add fci valid_for_merge 2021-10-13 00:14:12 +02:00
models: explicitly mark optional `belongs_to` relationship as so This prepares making the `belongs_to` relationship required by default. 2020-07-20 16:06:03 +02:00			`belongs_to :user, optional: true`
- Add FranceConnectInformation table to make safe FranceConnect pivot identity. - Adapt source code with the new table 2016-01-21 17:06:09 +01:00
			`validates :france_connect_particulier_id, presence: true, allow_blank: false, allow_nil: false`
disable france connect authentication for admin and instructeurs 2021-02-01 14:28:04 +01:00
readapt name and logic 2024-07-31 17:50:14 +02:00			`def safely_associate_user!(email)`
Sign in with a user linked by france connect sub (openid) instead of looking linked user by email because : - follows FC recommendation to fetch ds account by openid - the email is not a valid key as many user can share the same FCI email. The following scenario is now working A user A (email: 1@mail.com) uses FC to connect to DS => It is connected as 1@mail.com Another user B (email: generic@mail.com) uses FC to connect => It is connected as generic@mail.com The first user A change its FC email to generic@mail.com and connect to DS => It is still connected as 1@mail.com 2021-10-11 11:39:14 +02:00			`begin`
			`user = User.create!(`
associate_user take a target email 2021-10-13 00:18:00 +02:00			`email: email.downcase,`
Sign in with a user linked by france connect sub (openid) instead of looking linked user by email because : - follows FC recommendation to fetch ds account by openid - the email is not a valid key as many user can share the same FCI email. The following scenario is now working A user A (email: 1@mail.com) uses FC to connect to DS => It is connected as 1@mail.com Another user B (email: generic@mail.com) uses FC to connect => It is connected as generic@mail.com The first user A change its FC email to generic@mail.com and connect to DS => It is still connected as 1@mail.com 2021-10-11 11:39:14 +02:00			`password: Devise.friendly_token[0, 20],`
			`confirmed_at: Time.zone.now`
			`)`
			`rescue ActiveRecord::RecordNotUnique`
Model FC : au lieu de valider le mail on envoie une demande de confirmation par mail 2024-07-01 16:41:02 +02:00			`# ignore this exception because we check before if user is nil.`
Sign in with a user linked by france connect sub (openid) instead of looking linked user by email because : - follows FC recommendation to fetch ds account by openid - the email is not a valid key as many user can share the same FCI email. The following scenario is now working A user A (email: 1@mail.com) uses FC to connect to DS => It is connected as 1@mail.com Another user B (email: generic@mail.com) uses FC to connect => It is connected as generic@mail.com The first user A change its FC email to generic@mail.com and connect to DS => It is still connected as 1@mail.com 2021-10-11 11:39:14 +02:00			`# exception can be raised in race conditions, when FranceConnect calls callback 2 times.`
			`# At the 2nd call, user is nil but exception is raised at the creation of the user`
			`# because the first call has already created a user`
disable france connect authentication for admin and instructeurs 2021-02-01 14:28:04 +01:00			`end`

readapt name and logic 2024-07-31 17:50:14 +02:00			`clean_tokens_and_requested_email`
disable france connect authentication for admin and instructeurs 2021-02-01 14:28:04 +01:00			`update_attribute('user_id', user.id)`
readapt name and logic 2024-07-31 17:50:14 +02:00			`save!`
disable france connect authentication for admin and instructeurs 2021-02-01 14:28:04 +01:00			`end`
Add fci valid_for_merge 2021-10-13 00:14:12 +02:00
readapt name and logic 2024-07-31 17:50:14 +02:00			`def safely_update_user(user:)`
			`self.user = user`
			`clean_tokens_and_requested_email`
			`save!`
			`end`

			`def send_custom_confirmation_instructions`
Model FC : au lieu de valider le mail on envoie une demande de confirmation par mail 2024-07-01 16:41:02 +02:00			`token = SecureRandom.hex(10)`
			`user.update!(confirmation_token: token, confirmation_sent_at: Time.zone.now)`
			`UserMailer.custom_confirmation_instructions(user, token).deliver_later`
			`end`

create_merge_token! 2021-10-13 00:40:15 +02:00			`def create_merge_token!`
			`merge_token = SecureRandom.uuid`
style 2024-01-11 10:44:27 +01:00			`update(merge_token:, merge_token_created_at: Time.zone.now)`
create_merge_token! 2021-10-13 00:40:15 +02:00
			`merge_token`
			`end`

add email_merge_token to france connect information 2024-01-10 12:43:17 +01:00			`def create_email_merge_token!`
			`email_merge_token = SecureRandom.uuid`
			`update(email_merge_token:, email_merge_token_created_at: Time.zone.now)`

			`email_merge_token`
			`end`

Add fci valid_for_merge 2021-10-13 00:14:12 +02:00			`def valid_for_merge?`
			`(MERGE_VALIDITY.ago < merge_token_created_at) && user_id.nil?`
			`end`
merge with an existing account by using the password 2021-10-13 09:23:40 +02:00
add email_merge_token to france connect information 2024-01-10 12:43:17 +01:00			`def valid_for_email_merge?`
			`(MERGE_VALIDITY.ago < email_merge_token_created_at) && user_id.nil?`
			`end`

			`def delete_email_merge_token!`
			`update(email_merge_token: nil, email_merge_token_created_at: nil)`
			`end`

readapt name and logic 2024-07-31 17:50:14 +02:00			`def clean_tokens_and_requested_email`
			`self.merge_token = nil`
			`self.merge_token_created_at = nil`
			`self.email_merge_token = nil`
			`self.email_merge_token_created_at = nil`
			`self.requested_email = nil`
			`end`

style(france_connect_account): convert notice about FC user to DSFR 2022-09-13 14:27:07 +02:00			`def full_name`
			`[given_name, family_name].compact.join(" ")`
			`end`
Files should end with a new line 2017-04-04 15:27:04 +02:00			`end`