manage AgentConnect callback

2021-11-19 15:24:54 +01:00 · 2021-11-19 15:24:54 +01:00 · 5234a1854c
commit 5234a1854c
parent 1926a630f9
4 changed files with 46 additions and 1 deletions
--- a/app/controllers/agent_connect/agent_controller.rb
+++ b/app/controllers/agent_connect/agent_controller.rb
@ -1,3 +1,4 @@
+# doc: https://github.com/france-connect/Documentation-AgentConnect
 class AgentConnect::AgentController < ApplicationController
  def index
  end
@ -5,4 +6,35 @@ class AgentConnect::AgentController < ApplicationController
  def login
    redirect_to AgentConnectService.authorization_uri
  end
+
+  def callback
+    user_info = AgentConnectService.user_info(params[:code])
+
+    instructeur = Instructeur.find_by(agent_connect_id: user_info['sub'])
+
+    if instructeur.nil?
+      instructeur = Instructeur.find_by(users: { email: santized_email(user_info) })
+      instructeur&.update(agent_connect_id: user_info['sub'])
+    end
+
+    if instructeur.nil?
+      user = User.create_or_promote_to_instructeur(santized_email(user_info), Devise.friendly_token[0, 20])
+      instructeur = user.instructeur
+      instructeur.update(agent_connect_id: user_info['sub'])
+    end
+
+    sign_in(:user, instructeur.user)
+
+    redirect_to instructeur_procedures_path
+
+  rescue Rack::OAuth2::Client::Error => e
+    Rails.logger.error e.message
+    redirect_france_connect_error_connection
+  end
+
+  private
+
+  def santized_email(user_info)
+    user_info['email'].strip.downcase
+  end
 end
--- a/app/models/agent_connect_client.rb
+++ b/app/models/agent_connect_client.rb
@ -1,5 +1,9 @@
 class AgentConnectClient < OpenIDConnect::Client
-  def initialize
+  def initialize(code = nil)
    super(AGENT_CONNECT)
+
+    if code.present?
+      self.authorization_code = code
+    end
  end
 end
--- a/app/services/agent_connect_service.rb
+++ b/app/services/agent_connect_service.rb
@ -13,4 +13,12 @@ class AgentConnectService
      acr_values: 'eidas1'
    )
  end
+
+  def self.user_info(code)
+    client = AgentConnectClient.new(code)
+
+    client.access_token!(client_auth_method: :secret)
+      .userinfo!
+      .raw_attributes
+  end
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -132,6 +132,7 @@ Rails.application.routes.draw do
  namespace :agent_connect do
    get '' => 'agent#index'
    get 'login' => 'agent#login'
+    get 'callback' => 'agent#callback'
  end

  namespace :champs do