You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
104 lines
3.3 KiB
PHTML
104 lines
3.3 KiB
PHTML
3 years ago
|
<?php
|
||
|
|
||
|
namespace Isekai\OIDC;
|
||
|
|
||
|
use ApiBase;
|
||
2 years ago
|
use MediaWiki\MediaWikiServices;
|
||
3 years ago
|
use Wikimedia\ParamValidator\ParamValidator;
|
||
|
|
||
2 years ago
|
class ApiOIDCWebhook extends ApiBase {
|
||
3 years ago
|
public function __construct( $main, $method ) {
|
||
|
parent::__construct( $main->getMain(), $method );
|
||
|
}
|
||
|
|
||
|
public function execute() {
|
||
2 years ago
|
$services = MediaWikiServices::getInstance();
|
||
|
$config = $services->getMainConfig();
|
||
|
$wgIsekaiOIDC = $config->get('IsekaiOIDC');
|
||
|
|
||
3 years ago
|
$queryValues = $this->getRequest()->getQueryValues();
|
||
|
$provider = '';
|
||
|
if (isset($queryValues['provider'])) {
|
||
|
$provider = $queryValues['provider'];
|
||
|
}
|
||
|
|
||
|
if (isset($wgIsekaiOIDC['webhookKey'])) {
|
||
|
if (!isset($queryValues['key']) || $queryValues['key'] !== $wgIsekaiOIDC['webhookKey']) {
|
||
3 years ago
|
$this->addError('isekaioidc-api-key error', '-1', [ 'provider' => $provider ]);
|
||
3 years ago
|
return;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
switch ($provider) {
|
||
|
case 'keycloak':
|
||
|
$this->keycloakCallback();
|
||
|
break;
|
||
|
default:
|
||
|
$this->addError('isekaioidc-api-provider-not-supported', '-1', [ 'provider' => $provider ]);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
private function keycloakCallback() {
|
||
2 years ago
|
$services = MediaWikiServices::getInstance();
|
||
|
$config = $services->getMainConfig();
|
||
|
$wgIsekaiOIDC = $config->get('IsekaiOIDC');
|
||
|
|
||
3 years ago
|
if (!$this->getRequest()->wasPosted()) {
|
||
2 years ago
|
$this->addError('isekaioidc-api-post-body-invalid');
|
||
|
return;
|
||
3 years ago
|
}
|
||
|
|
||
|
$postBody = $this->getRequest()->getRawPostString();
|
||
|
$postData = json_decode($postBody);
|
||
|
if (!$this->getRequest()->wasPosted() || !$postData) {
|
||
2 years ago
|
$this->addError('isekaioidc-api-post-body-invalid');
|
||
|
return;
|
||
3 years ago
|
}
|
||
|
$realm = $wgIsekaiOIDC['realm'];
|
||
2 years ago
|
$apiMode = $wgIsekaiOIDC['apiMode'] ?? 'oauth';
|
||
3 years ago
|
|
||
|
$eventType = $postData->type;
|
||
|
$subject = $postData->userId;
|
||
|
$eventRealm = $postData->realmId;
|
||
|
if ($eventRealm !== $realm) {
|
||
|
//return $this->addError('isekaioidc-api-realm-not-match');
|
||
|
$this->getResult()->addValue(null, 'webhook', 0);
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
if (!in_array($eventType, ['UPDATE_PROFILE', 'UPDATE_EMAIL'])) {
|
||
|
//return $this->addError('isekaioidc-api-unsupported-event');
|
||
|
$this->getResult()->addValue(null, 'webhook', 0);
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
list($userId, $userName, $accessToken, $refreshToken) = IsekaiOIDCAuth::findUser($subject);
|
||
|
|
||
|
if ($userId) {
|
||
|
$userInfo = $postData->userInfo;
|
||
|
$newProfile = [
|
||
|
'realname' => $userInfo->name,
|
||
|
'email' => $userInfo->email,
|
||
|
'phone' => $userInfo->phone_number,
|
||
|
];
|
||
|
|
||
2 years ago
|
$user = $services->getUserFactory()->newFromId($userId);
|
||
3 years ago
|
IsekaiOIDCAuth::updateUserInfo($user, $newProfile);
|
||
|
}
|
||
|
$this->getResult()->addValue(null, 'webhook', 1);
|
||
|
}
|
||
|
|
||
|
public function getAllowedParams() {
|
||
|
return [
|
||
|
'provider' => [
|
||
|
ParamValidator::PARAM_DEFAULT => null,
|
||
2 years ago
|
ParamValidator::PARAM_TYPE => 'text',
|
||
3 years ago
|
],
|
||
|
'key' => [
|
||
|
ParamValidator::PARAM_DEFAULT => null,
|
||
2 years ago
|
ParamValidator::PARAM_TYPE => 'text',
|
||
3 years ago
|
]
|
||
|
];
|
||
|
}
|
||
|
}
|