add identity_provider id scope

2024-09-16 11:03:24 +02:00 · 2024-09-16 11:03:24 +02:00 · 1e9982927a
commit 1e9982927a
parent 2d37cfbfb8
2 changed files with 7 additions and 1 deletions
--- a/app/controllers/agent_connect/agent_controller.rb
+++ b/app/controllers/agent_connect/agent_controller.rb
@ -5,6 +5,8 @@ class AgentConnect::AgentController < ApplicationController
  before_action :redirect_to_login_if_fc_aborted, only: [:callback]
  before_action :check_state, only: [:callback]

+  MON_COMPTE_PRO_IDP_ID = "71144ab3-ee1a-4401-b7b3-79b44f7daeeb"
+
  STATE_COOKIE_NAME = :agentConnect_state
  NONCE_COOKIE_NAME = :agentConnect_nonce

@ -24,6 +26,10 @@ class AgentConnect::AgentController < ApplicationController
    user_info, id_token = AgentConnectService.user_info(params[:code], cookies.encrypted[NONCE_COOKIE_NAME])
    cookies.delete NONCE_COOKIE_NAME

+    if user_info['idp_id'] == MON_COMPTE_PRO_IDP_ID
+      # MON COMPTE PRO !
+    end
+
    instructeur = Instructeur.find_by(users: { email: santized_email(user_info) })

    if instructeur.nil?
--- a/app/services/agent_connect_service.rb
+++ b/app/services/agent_connect_service.rb
@ -14,7 +14,7 @@ class AgentConnectService
    nonce = SecureRandom.hex(16)

    uri = client.authorization_uri(
-      scope: [:openid, :email, :given_name, :usual_name, :organizational_unit, :belonging_population, :siret],
+      scope: [:openid, :email, :given_name, :usual_name, :organizational_unit, :belonging_population, :siret, :idp_id],
      state:,
      nonce:,
      acr_values: 'eidas1'