demarches-normaliennes/app/controllers/france_connect/particulier_controller.rb

class FranceConnect::ParticulierController < ApplicationController
  before_action :redirect_to_login_if_fc_aborted, only: [:callback]

  def login
    if FranceConnectService.enabled?
      redirect_to FranceConnectService.authorization_uri
    else
      redirect_to new_user_session_path
    end
  end

  def callback
    fci = FranceConnectService.find_or_retrieve_france_connect_information(params[:code])

    if fci.user.nil?
      fci.associate_user!(fci.email_france_connect)
    end

    user = fci.user

    if user.can_france_connect?
      connect_france_connect_particulier(user)
    else
      fci.destroy
      redirect_to new_user_session_path, alert: t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path)
    end

  rescue Rack::OAuth2::Client::Error => e
    Rails.logger.error e.message
    redirect_france_connect_error_connection
  end

  private

  def redirect_to_login_if_fc_aborted
    if params[:code].blank?
      redirect_to new_user_session_path
    end
  end

  def connect_france_connect_particulier(user)
    if user_signed_in?
      sign_out :user
    end

    sign_in user

    user.update_attribute('loged_in_with_france_connect', User.loged_in_with_france_connects.fetch(:particulier))

    redirect_to stored_location_for(current_user) || root_path(current_user)
  end

  def redirect_france_connect_error_connection
    flash.alert = t('errors.messages.france_connect.connexion')
    redirect_to(new_user_session_path)
  end
end
Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00			`class FranceConnect::ParticulierController < ApplicationController`
FC ParticulierController: move defense logic to before_action 2018-01-15 21:18:02 +01:00			`before_action :redirect_to_login_if_fc_aborted, only: [:callback]`

Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00			`def login`
Feat: allow to disable France-Connect Refs: #5440 2020-08-01 10:33:38 +02:00			`if FranceConnectService.enabled?`
			`redirect_to FranceConnectService.authorization_uri`
			`else`
			`redirect_to new_user_session_path`
			`end`
Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00			`end`

- Add FranceConnectInformation table to make safe FranceConnect pivot identity. - Adapt source code with the new table 2016-01-21 17:06:09 +01:00			`def callback`
disable france connect authentication for admin and instructeurs 2021-02-01 14:28:04 +01:00			`fci = FranceConnectService.find_or_retrieve_france_connect_information(params[:code])`
Sign in with a user linked by france connect sub (openid) instead of looking linked user by email because : - follows FC recommendation to fetch ds account by openid - the email is not a valid key as many user can share the same FCI email. The following scenario is now working A user A (email: 1@mail.com) uses FC to connect to DS => It is connected as 1@mail.com Another user B (email: generic@mail.com) uses FC to connect => It is connected as generic@mail.com The first user A change its FC email to generic@mail.com and connect to DS => It is still connected as 1@mail.com 2021-10-11 11:39:14 +02:00
			`if fci.user.nil?`
associate_user take a target email 2021-10-13 00:18:00 +02:00			`fci.associate_user!(fci.email_france_connect)`
Sign in with a user linked by france connect sub (openid) instead of looking linked user by email because : - follows FC recommendation to fetch ds account by openid - the email is not a valid key as many user can share the same FCI email. The following scenario is now working A user A (email: 1@mail.com) uses FC to connect to DS => It is connected as 1@mail.com Another user B (email: generic@mail.com) uses FC to connect => It is connected as generic@mail.com The first user A change its FC email to generic@mail.com and connect to DS => It is still connected as 1@mail.com 2021-10-11 11:39:14 +02:00			`end`
Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00
refactor controller to avoid return 2021-10-11 11:30:45 +02:00			`user = fci.user`

			`if user.can_france_connect?`
			`connect_france_connect_particulier(user)`
			`else`
disable france connect authentication for admin and instructeurs 2021-02-01 14:28:04 +01:00			`fci.destroy`
			`redirect_to new_user_session_path, alert: t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path)`
Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00			`end`
FC ParticulierController: implement auto reconciliation based on user email 2018-01-16 12:08:50 +01:00
- Add FranceConnectInformation table to make safe FranceConnect pivot identity. - Adapt source code with the new table 2016-01-21 17:06:09 +01:00			`rescue Rack::OAuth2::Client::Error => e`
			`Rails.logger.error e.message`
			`redirect_france_connect_error_connection`
			`end`
Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00
FC ParticulierController: create is private yep, I know this is strange 2018-01-15 14:37:28 +01:00			`private`

FC ParticulierController: move defense logic to before_action 2018-01-15 21:18:02 +01:00			`def redirect_to_login_if_fc_aborted`
france_connect: fix for params entirely missing from the callback Fix a Sentry exception encountered in production. 2019-05-09 13:54:50 +02:00			`if params[:code].blank?`
FC ParticulierController: move defense logic to before_action 2018-01-15 21:18:02 +01:00			`redirect_to new_user_session_path`
			`end`
			`end`

Add missing brackets around parameters in method definitions 2018-03-20 17:47:37 +01:00			`def connect_france_connect_particulier(user)`
Do one thing per line 2018-10-01 13:24:37 +02:00			`if user_signed_in?`
			`sign_out :user`
			`end`

Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00			`sign_in user`

Use enum to the fullest with User.loged_in_with_france_connects 2018-08-28 11:41:37 +02:00			`user.update_attribute('loged_in_with_france_connect', User.loged_in_with_france_connects.fetch(:particulier))`
Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00
FC ParticulierController: remove exotic route 2018-01-16 15:41:51 +01:00			`redirect_to stored_location_for(current_user) \|\| root_path(current_user)`
Add FranceConnect Particulier Reactivate FranceConnect Entreprise 2015-12-24 10:12:23 +01:00			`end`
- Add FranceConnectInformation table to make safe FranceConnect pivot identity. - Adapt source code with the new table 2016-01-21 17:06:09 +01:00
			`def redirect_france_connect_error_connection`
			`flash.alert = t('errors.messages.france_connect.connexion')`
			`redirect_to(new_user_session_path)`
			`end`
Files should end with a new line 2017-04-04 15:27:04 +02:00			`end`