DGNum/demarches-normaliennes
13
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Merge pull request #10135 from demarches-simplifiees/agent_connect_logout

Browse source 
ETQ instructeur agent connecté, me déconnecter me déconnecte également d'agent connect
This commit is contained in:
LeSim 2024-03-18 13:11:03 +00:00 committed by GitHub
commit 78462841cc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 53 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/controllers/agent_connect/agent_controller.rb
View file

@ -19,22 +19,22 @@ class AgentConnect::AgentController < ApplicationController
end
def callback
user_info = AgentConnectService.user_info(params[:code], cookies.encrypted[NONCE_COOKIE_NAME])
user_info, id_token = AgentConnectService.user_info(params[:code], cookies.encrypted[NONCE_COOKIE_NAME])
cookies.encrypted[NONCE_COOKIE_NAME] = nil
instructeur = Instructeur.find_by(agent_connect_id: user_info['sub'])
if instructeur.nil?
instructeur = Instructeur.find_by(users: { email: santized_email(user_info) })
instructeur&.update(agent_connect_id: user_info['sub'])
end
if instructeur.nil?
user = User.create_or_promote_to_instructeur(santized_email(user_info), Devise.friendly_token[0, 20])
instructeur = user.instructeur
instructeur.update(agent_connect_id: user_info['sub'])
end
instructeur.update(agent_connect_id: user_info['sub'], agent_connect_id_token: id_token)
aci = AgentConnectInformation.find_or_initialize_by(instructeur:)
aci.update(user_info.slice('given_name', 'usual_name', 'email', 'sub', 'siret', 'organizational_unit', 'belonging_population', 'phone'))

27
app/controllers/users/sessions_controller.rb
View file

@ -44,14 +44,19 @@ class Users::SessionsController < Devise::SessionsController
def destroy
if user_signed_in?
connected_with_france_connect = current_user.loged_in_with_france_connect
current_user.update(loged_in_with_france_connect: '')
agent_connect_id_token = current_user&.instructeur&.agent_connect_id_token
current_user.update(loged_in_with_france_connect: nil)
current_user&.instructeur&.update(agent_connect_id_token: nil)
sign_out :user
case connected_with_france_connect
when User.loged_in_with_france_connects.fetch(:particulier)
redirect_to FRANCE_CONNECT[:particulier][:logout_endpoint], allow_other_host: true
return
if connected_with_france_connect == User.loged_in_with_france_connects.fetch(:particulier)
return redirect_to FRANCE_CONNECT[:particulier][:logout_endpoint], allow_other_host: true
end
if agent_connect_id_token.present?
return redirect_to build_agent_connect_logout_url(agent_connect_id_token), allow_other_host: true
end
end
@ -95,4 +100,16 @@ class Users::SessionsController < Devise::SessionsController
redirect_to link_sent_path(email: instructeur.email)
end
end
# agent connect callback
def logout
redirect_to root_path, notice: I18n.t('devise.sessions.signed_out')
end
private
def build_agent_connect_logout_url(id_token)
h = { id_token_hint: id_token, post_logout_redirect_uri: logout_url }
"#{ENV['AGENT_CONNECT_BASE_URL']}/api/v2/session/end?#{h.to_query}"
end
end

4
app/services/agent_connect_service.rb
View file

@ -35,9 +35,7 @@ class AgentConnectService
nonce: nonce
)
access_token
.userinfo!
.raw_attributes
[access_token.userinfo!.raw_attributes, access_token.id_token]
end
private

1
config/locales/devise.en.yml
View file

@ -5,3 +5,4 @@ en:
request_new_password: Request new password
sessions:
signed_in_multiple_profile: "You are connected ! You can switch between your multiple profiles : %{roles}."
signed_out: You are now disconnected.

1
config/locales/devise.fr.yml
View file

@ -5,3 +5,4 @@ fr:
request_new_password: Demander un nouveau mot de passe
sessions:
signed_in_multiple_profile: "Vous êtes connecté(e) ! Vous pouvez à tout moment alterner entre vos différents profils : %{roles}."
signed_out: Vous êtes maintenant déconnecté(e).

1
config/routes.rb
View file

@ -155,6 +155,7 @@ Rails.application.routes.draw do
get 'lien-envoye' => 'users/sessions#link_sent', as: 'link_sent'
post '/instructeurs/reset-link-sent' => 'users/sessions#reset_link_sent'
get '/users/password/reset-link-sent' => 'users/passwords#reset_link_sent'
get 'logout' => 'users/sessions#logout'
end
get 'password_complexity' => 'password_complexity#show', as: 'show_password_complexity'

5
db/migrate/20240318092147_add_agent_connect_id_token_column_to_instructeur_table.rb Normal file
View file

@ -0,0 +1,5 @@
class AddAgentConnectIdTokenColumnToInstructeurTable < ActiveRecord::Migration[7.0]
def change
add_column :instructeurs, :agent_connect_id_token, :string
end
end

3
db/schema.rb
View file

@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema[7.0].define(version: 2024_03_16_065520) do
ActiveRecord::Schema[7.0].define(version: 2024_03_18_092147) do
# These are extensions that must be enabled in order to support this database
enable_extension "pgcrypto"
enable_extension "plpgsql"
@ -763,6 +763,7 @@ ActiveRecord::Schema[7.0].define(version: 2024_03_16_065520) do
create_table "instructeurs", id: :serial, force: :cascade do |t|
t.string "agent_connect_id"
t.string "agent_connect_id_token"
t.boolean "bypass_email_login_token", default: false, null: false
t.datetime "created_at", precision: nil
t.text "encrypted_login_token"

6
spec/controllers/agent_connect/agent_controller_spec.rb
View file

@ -20,6 +20,7 @@ describe AgentConnect::AgentController, type: :controller do
let(:email) { 'i@email.com' }
let(:original_state) { 'original_state' }
let(:nonce) { 'nonce' }
let(:id_token) { 'id_token' }
subject { get :callback, params: { code: code, state: state } }
before do
@ -34,7 +35,7 @@ describe AgentConnect::AgentController, type: :controller do
context 'and user_info returns some info' do
before do
expect(AgentConnectService).to receive(:user_info).with(code, nonce).and_return(user_info)
expect(AgentConnectService).to receive(:user_info).with(code, nonce).and_return([user_info, id_token])
end
context 'and the instructeur does not have an account yet' do
@ -50,6 +51,7 @@ describe AgentConnect::AgentController, type: :controller do
expect(last_user.email).to eq(email)
expect(last_user.confirmed_at).to be_present
expect(last_user.instructeur.agent_connect_id).to eq('sub')
expect(last_user.instructeur.agent_connect_id_token).to eq('id_token')
expect(response).to redirect_to(instructeur_procedures_path)
expect(state_cookie).to be_nil
expect(nonce_cookie).to be_nil
@ -69,6 +71,7 @@ describe AgentConnect::AgentController, type: :controller do
instructeur.reload
expect(instructeur.agent_connect_id).to eq('sub')
expect(instructeur.agent_connect_id_token).to eq('id_token')
expect(response).to redirect_to(instructeur_procedures_path)
end
end
@ -86,6 +89,7 @@ describe AgentConnect::AgentController, type: :controller do
instructeur = user.reload.instructeur
expect(instructeur.agent_connect_id).to eq('sub')
expect(instructeur.agent_connect_id_token).to eq('id_token')
expect(response).to redirect_to(instructeur_procedures_path)
end
end

12
spec/controllers/users/sessions_controller_spec.rb
View file

@ -81,6 +81,8 @@ describe Users::SessionsController, type: :controller do
describe '#destroy' do
let!(:user) { create(:user, email: email, password: password, loged_in_with_france_connect: loged_in_with_france_connect) }
let!(:instructeur) { create(:instructeur, user: user, agent_connect_id_token:) }
let(:agent_connect_id_token) { nil }
before do
sign_in user
@ -111,6 +113,16 @@ describe Users::SessionsController, type: :controller do
expect(response).to redirect_to(root_path)
end
end
context 'when user is connect with agent connect' do
let(:loged_in_with_france_connect) { nil }
let(:agent_connect_id_token) { 'qwerty' }
it 'redirect to agent connect logout page' do
expect(response.location).to include(agent_connect_id_token)
expect(instructeur.reload.agent_connect_id_token).to be_nil
end
end
end
describe '#new' do