bookstack/app/Access/Oidc/OidcUserDetails.php

<?php

namespace BookStack\Access\Oidc;

use Illuminate\Support\Arr;

class OidcUserDetails
{
    public function __construct(
        public ?string $externalId = null,
        public ?string $email = null,
        public ?string $name = null,
        public ?array $groups = null,
    ) {
    }

    /**
     * Check if the user details are fully populated for our usage.
     */
    public function isFullyPopulated(bool $groupSyncActive): bool
    {
        $hasEmpty = empty($this->externalId)
            || empty($this->email)
            || empty($this->name)
            || ($groupSyncActive && empty($this->groups));

        return !$hasEmpty;
    }

    /**
     * Populate user details from the given claim data.
     */
    public function populate(
        ProvidesClaims $claims,
        string $idClaim,
        string $displayNameClaims,
        string $groupsClaim,
    ): void {
        $this->externalId = $claims->getClaim($idClaim) ?? $this->externalId;
        $this->email = $claims->getClaim('email') ?? $this->email;
        $this->name = static::getUserDisplayName($displayNameClaims, $claims) ?? $this->name;
        $this->groups = static::getUserGroups($groupsClaim, $claims) ?? $this->groups;
    }

    protected static function getUserDisplayName(string $displayNameClaims, ProvidesClaims $token): string
    {
        $displayNameClaimParts = explode('|', $displayNameClaims);

        $displayName = [];
        foreach ($displayNameClaimParts as $claim) {
            $component = $token->getClaim(trim($claim)) ?? '';
            if ($component !== '') {
                $displayName[] = $component;
            }
        }

        return implode(' ', $displayName);
    }

    protected static function getUserGroups(string $groupsClaim, ProvidesClaims $token): array
    {
        if (empty($groupsClaim)) {
            return [];
        }

        $groupsList = Arr::get($token->getAllClaims(), $groupsClaim);
        if (!is_array($groupsList)) {
            return [];
        }

        return array_values(array_filter($groupsList, function ($val) {
            return is_string($val);
        }));
    }
}
OIDC: Extracted user detail handling to own OidcUserDetails class Allows a proper defined object instead of an array an extracts related logic out of OidcService. Updated userinfo to only be called if we're missing details. 2024-04-17 01:10:32 +08:00			`<?php`

			`namespace BookStack\Access\Oidc;`

			`use Illuminate\Support\Arr;`

			`class OidcUserDetails`
			`{`
			`public function __construct(`
			`public ?string $externalId = null,`
			`public ?string $email = null,`
			`public ?string $name = null,`
			`public ?array $groups = null,`
			`) {`
			`}`

			`/**`
			`* Check if the user details are fully populated for our usage.`
			`*/`
			`public function isFullyPopulated(bool $groupSyncActive): bool`
			`{`
			`$hasEmpty = empty($this->externalId)`
			`\|\| empty($this->email)`
			`\|\| empty($this->name)`
			`\|\| ($groupSyncActive && empty($this->groups));`

			`return !$hasEmpty;`
			`}`

			`/**`
OIDC Userinfo: Started writing tests to cover userinfo calling 2024-04-18 06:24:57 +08:00			`* Populate user details from the given claim data.`
OIDC: Extracted user detail handling to own OidcUserDetails class Allows a proper defined object instead of an array an extracts related logic out of OidcService. Updated userinfo to only be called if we're missing details. 2024-04-17 01:10:32 +08:00			`*/`
OIDC Userinfo: Added userinfo data validation, seperated from id token Wrapped userinfo response in its own class for additional handling and validation. Updated userdetails to take abstract claim data, to be populated by either userinfo data or id token data. 2024-04-18 01:23:58 +08:00			`public function populate(`
			`ProvidesClaims $claims,`
OIDC: Extracted user detail handling to own OidcUserDetails class Allows a proper defined object instead of an array an extracts related logic out of OidcService. Updated userinfo to only be called if we're missing details. 2024-04-17 01:10:32 +08:00			`string $idClaim,`
			`string $displayNameClaims,`
			`string $groupsClaim,`
OIDC Userinfo: Added userinfo data validation, seperated from id token Wrapped userinfo response in its own class for additional handling and validation. Updated userdetails to take abstract claim data, to be populated by either userinfo data or id token data. 2024-04-18 01:23:58 +08:00			`): void {`
			`$this->externalId = $claims->getClaim($idClaim) ?? $this->externalId;`
			`$this->email = $claims->getClaim('email') ?? $this->email;`
OIDC Userinfo: Started writing tests to cover userinfo calling 2024-04-18 06:24:57 +08:00			`$this->name = static::getUserDisplayName($displayNameClaims, $claims) ?? $this->name;`
OIDC Userinfo: Added userinfo data validation, seperated from id token Wrapped userinfo response in its own class for additional handling and validation. Updated userdetails to take abstract claim data, to be populated by either userinfo data or id token data. 2024-04-18 01:23:58 +08:00			`$this->groups = static::getUserGroups($groupsClaim, $claims) ?? $this->groups;`
OIDC: Extracted user detail handling to own OidcUserDetails class Allows a proper defined object instead of an array an extracts related logic out of OidcService. Updated userinfo to only be called if we're missing details. 2024-04-17 01:10:32 +08:00			`}`

OIDC Userinfo: Started writing tests to cover userinfo calling 2024-04-18 06:24:57 +08:00			`protected static function getUserDisplayName(string $displayNameClaims, ProvidesClaims $token): string`
OIDC: Extracted user detail handling to own OidcUserDetails class Allows a proper defined object instead of an array an extracts related logic out of OidcService. Updated userinfo to only be called if we're missing details. 2024-04-17 01:10:32 +08:00			`{`
			`$displayNameClaimParts = explode('\|', $displayNameClaims);`

			`$displayName = [];`
			`foreach ($displayNameClaimParts as $claim) {`
			`$component = $token->getClaim(trim($claim)) ?? '';`
			`if ($component !== '') {`
			`$displayName[] = $component;`
			`}`
			`}`

			`return implode(' ', $displayName);`
			`}`

OIDC Userinfo: Added userinfo data validation, seperated from id token Wrapped userinfo response in its own class for additional handling and validation. Updated userdetails to take abstract claim data, to be populated by either userinfo data or id token data. 2024-04-18 01:23:58 +08:00			`protected static function getUserGroups(string $groupsClaim, ProvidesClaims $token): array`
OIDC: Extracted user detail handling to own OidcUserDetails class Allows a proper defined object instead of an array an extracts related logic out of OidcService. Updated userinfo to only be called if we're missing details. 2024-04-17 01:10:32 +08:00			`{`
			`if (empty($groupsClaim)) {`
			`return [];`
			`}`

			`$groupsList = Arr::get($token->getAllClaims(), $groupsClaim);`
			`if (!is_array($groupsList)) {`
			`return [];`
			`}`

			`return array_values(array_filter($groupsList, function ($val) {`
			`return is_string($val);`
			`}));`
			`}`
			`}`