store id_token

This commit is contained in:
simon lehericey 2024-03-18 10:35:41 +01:00
parent c1171cfd8b
commit 31b84fd770
3 changed files with 9 additions and 7 deletions

View file

@ -19,22 +19,22 @@ class AgentConnect::AgentController < ApplicationController
end
def callback
user_info = AgentConnectService.user_info(params[:code], cookies.encrypted[NONCE_COOKIE_NAME])
user_info, id_token = AgentConnectService.user_info(params[:code], cookies.encrypted[NONCE_COOKIE_NAME])
cookies.encrypted[NONCE_COOKIE_NAME] = nil
instructeur = Instructeur.find_by(agent_connect_id: user_info['sub'])
if instructeur.nil?
instructeur = Instructeur.find_by(users: { email: santized_email(user_info) })
instructeur&.update(agent_connect_id: user_info['sub'])
end
if instructeur.nil?
user = User.create_or_promote_to_instructeur(santized_email(user_info), Devise.friendly_token[0, 20])
instructeur = user.instructeur
instructeur.update(agent_connect_id: user_info['sub'])
end
instructeur.update(agent_connect_id: user_info['sub'], agent_connect_id_token: id_token)
aci = AgentConnectInformation.find_or_initialize_by(instructeur:)
aci.update(user_info.slice('given_name', 'usual_name', 'email', 'sub', 'siret', 'organizational_unit', 'belonging_population', 'phone'))

View file

@ -35,9 +35,7 @@ class AgentConnectService
nonce: nonce
)
access_token
.userinfo!
.raw_attributes
[access_token.userinfo!.raw_attributes, access_token.id_token]
end
private

View file

@ -20,6 +20,7 @@ describe AgentConnect::AgentController, type: :controller do
let(:email) { 'i@email.com' }
let(:original_state) { 'original_state' }
let(:nonce) { 'nonce' }
let(:id_token) { 'id_token' }
subject { get :callback, params: { code: code, state: state } }
before do
@ -34,7 +35,7 @@ describe AgentConnect::AgentController, type: :controller do
context 'and user_info returns some info' do
before do
expect(AgentConnectService).to receive(:user_info).with(code, nonce).and_return(user_info)
expect(AgentConnectService).to receive(:user_info).with(code, nonce).and_return([user_info, id_token])
end
context 'and the instructeur does not have an account yet' do
@ -50,6 +51,7 @@ describe AgentConnect::AgentController, type: :controller do
expect(last_user.email).to eq(email)
expect(last_user.confirmed_at).to be_present
expect(last_user.instructeur.agent_connect_id).to eq('sub')
expect(last_user.instructeur.agent_connect_id_token).to eq('id_token')
expect(response).to redirect_to(instructeur_procedures_path)
expect(state_cookie).to be_nil
expect(nonce_cookie).to be_nil
@ -69,6 +71,7 @@ describe AgentConnect::AgentController, type: :controller do
instructeur.reload
expect(instructeur.agent_connect_id).to eq('sub')
expect(instructeur.agent_connect_id_token).to eq('id_token')
expect(response).to redirect_to(instructeur_procedures_path)
end
end
@ -86,6 +89,7 @@ describe AgentConnect::AgentController, type: :controller do
instructeur = user.reload.instructeur
expect(instructeur.agent_connect_id).to eq('sub')
expect(instructeur.agent_connect_id_token).to eq('id_token')
expect(response).to redirect_to(instructeur_procedures_path)
end
end