kupshop/bundles/KupShop/UserOauthBundle/ResourceOwner/BankIdResourceOwner.php
2025-08-02 16:30:27 +02:00


<?php
declare(strict_types=1);
namespace KupShop\UserOauthBundle\ResourceOwner;
use HWI\Bundle\OAuthBundle\OAuth\RequestDataStorageInterface;
use HWI\Bundle\OAuthBundle\OAuth\ResourceOwner\GenericOAuth2ResourceOwner;
use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
use HWI\Bundle\OAuthBundle\Security\Helper\NonceGenerator;
use KupShop\AgeVerifyBundle\Utils\AgeVerifyUtil;
use KupShop\KupShopBundle\Config;
use KupShop\KupShopBundle\Context\DomainContext;
use KupShop\KupShopBundle\Util\Contexts;
use Query\Operator;
use Symfony\Component\Security\Http\HttpUtils;
use Symfony\Contracts\Service\Attribute\Required;
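/**
 * OAuth2 resource owner for BankID (bankid.cz).
 *
 * Endpoint URLs are always derived from the SANDBOX_URL / PROD_URL constants,
 * and outside local development the client credentials are read from the shop
 * settings rather than from the bundle configuration. After login the class
 * can copy identity attributes to the local user and record an age
 * verification result.
 */
class BankIdResourceOwner extends GenericOAuth2ResourceOwner implements ICustomResourceOwner
{
    public const SANDBOX_URL = 'https://oidc.sandbox.bankid.cz/';
    public const PROD_URL = 'https://oidc.bankid.cz/';

    // Optional collaborator, injected through setAgeVerifyUtil(); null when unavailable.
    private ?AgeVerifyUtil $ageVerifyUtil = null;

    /**
     * Overrides the configured endpoints and credentials before delegating to the parent.
     *
     * @param mixed                       $httpClient HTTP client passed through to the parent
     * @param HttpUtils                   $httpUtils  passed through to the parent
     * @param array                       $options    resource owner options; several keys are overwritten here
     * @param mixed                       $name       resource owner name passed through to the parent
     * @param RequestDataStorageInterface $storage    passed through to the parent
     */
    public function __construct(
        $httpClient,
        HttpUtils $httpUtils,
        array $options,
        $name,
        RequestDataStorageInterface $storage,
    ) {
        // In local development the configured client_id/client_secret are kept as-is:
        // the getters would read $this->options, which presumably is only populated
        // by the parent constructor below.
        if (!isLocalDevelopment()) {
            $options['client_id'] = $this->getClientId();
            $options['client_secret'] = $this->getClientSecret();
        }

        // Endpoints never come from configuration, only from the class constants.
        $options['access_token_url'] = $this->getUrl('token');
        $options['authorization_url'] = $this->getUrl('auth');
        $options['infos_url'] = $this->getUrl('userinfo');

        // Forced on regardless of configuration. NOTE(review): in HWIOAuthBundle this
        // option is expected to enable the `state` check on the callback - confirm
        // for the bundle version in use.
        $options['csrf'] = true;

        parent::__construct($httpClient, $httpUtils, $options, $name, $storage);
    }

    /**
     * Copies birthdate, first name and last name from the provider response to the
     * `users` row and, when a birthdate is available, records the age verification.
     *
     * Only non-empty values are written. The age verification is skipped (nothing is
     * recorded) when the response carries no birthdate or the birthdate is not a
     * valid `Y-m-d` date, so a missing or malformed claim never yields a decision
     * and no longer aborts the login with an error after the row was updated.
     *
     * @param \User                 $user     local user whose row is updated (matched by id)
     * @param UserResponseInterface $response provider response; must also offer getBirthdate(),
     *                                        which the visible interface import does not guarantee
     */
    public function updateUserData(\User $user, UserResponseInterface $response)
    {
        $birthdate = $response->getBirthdate();

        $candidates = [
            'birthdate' => $birthdate,
            'name' => $response->getFirstName(),
            'surname' => $response->getLastName(),
        ];

        // Keep only truthy values, exactly like the original per-field checks.
        $data = array_filter($candidates);

        if ($data !== []) {
            // NOTE(review): values originate from the identity provider; confirm that
            // directValues() binds them as parameters rather than inlining them.
            sqlQueryBuilder()->update('users')
                ->directValues($data)
                ->where(Operator::equals(['id' => $user->id]))
                ->execute();
        }

        // Without a usable birthdate no age decision can be made.
        if (!is_string($birthdate) || $birthdate === '') {
            return;
        }

        // The leading "!" resets the time fields, so the result does not depend on
        // the time of day at which the user logs in.
        $birth = \DateTimeImmutable::createFromFormat('!Y-m-d', $birthdate);
        $parseIssues = \DateTimeImmutable::getLastErrors();

        // Reject unparsable input and dates that only parse by rolling over
        // (e.g. a 31st of February), which the parser reports as a warning.
        if ($birth === false || ($parseIssues !== false && $parseIssues['warning_count'] > 0)) {
            return;
        }

        $legalFrom = $birth->add(new \DateInterval('P18Y'));
        $isAdult = $legalFrom <= new \DateTimeImmutable();

        $this->ageVerifyUtil?->setVerificationData(
            legalAge: $isAdult ? 'Y' : 'N',
            type: 'bankId',
            userId: $user->id,
        );
    }

    /**
     * Returns the OAuth client id: the configured option in local development,
     * otherwise the value from the shop settings ('' when unset).
     *
     * @return mixed
     */
    protected function getClientId()
    {
        if (isLocalDevelopment()) {
            return $this->options['client_id'];
        }

        $settings = \Settings::getDefault();

        return $settings['oauth']['bank_id']['client_id'] ?? '';
    }

    /**
     * Returns the OAuth client secret: the configured option in local development,
     * otherwise the value from the shop settings ('' when unset).
     *
     * The value is a credential; it must not be logged or exposed to the browser.
     *
     * @return mixed
     */
    protected function getClientSecret()
    {
        if (isLocalDevelopment()) {
            return $this->options['client_secret'];
        }

        $settings = \Settings::getDefault();

        return $settings['oauth']['bank_id']['client_secret'] ?? '';
    }

    /**
     * Builds an endpoint URL on the sandbox or the production host.
     *
     * The sandbox is used in development and when the `sandbox` setting is truthy.
     * A missing `sandbox` setting selects production without raising an
     * undefined-key warning.
     *
     * @param string $path endpoint path appended to the base URL (e.g. 'token')
     *
     * @return string
     */
    protected function getUrl($path)
    {
        if (isDevelopment()) {
            return self::SANDBOX_URL.$path;
        }

        $useSandbox = \Settings::getDefault()['oauth']['bank_id']['sandbox'] ?? false;

        return ($useSandbox ? self::SANDBOX_URL : self::PROD_URL).$path;
    }

    /**
     * Returns the callback URL sent to the provider.
     *
     * NOTE(review): the development branch appends the path without a leading slash,
     * so `full_original` presumably ends with "/". Also confirm that
     * getActiveWithScheme() yields a configured domain and not a value taken from
     * the request's Host header, since this URL receives the authorization code.
     *
     * @return string
     */
    protected function getRedirectUri()
    {
        if (isDevelopment()) {
            return Config::get()['Addr']['full_original'].'login/check-bankid';
        }

        /** @var DomainContext $domainContext */
        $domainContext = Contexts::get(DomainContext::class);

        return $domainContext->getActiveWithScheme().'/login/check-bankid';
    }

    /**
     * Builds the authorization URL with this class' redirect URI and a fresh nonce.
     *
     * The redirect_uri placed in $extraParameters is the one from getRedirectUri();
     * whether it takes precedence over $redirectUri is decided by the parent.
     *
     * NOTE(review): the nonce is generated here but not stored by this class. Unless
     * the parent or the response handling keeps it and compares it with the nonce
     * claim of the ID token, it adds no replay protection - confirm.
     *
     * @param mixed $redirectUri     passed through to the parent
     * @param array $extraParameters additional query parameters
     */
    public function getAuthorizationUrl($redirectUri, array $extraParameters = [])
    {
        $extraParameters['redirect_uri'] = $this->getRedirectUri();
        $extraParameters['nonce'] = NonceGenerator::generate();

        return parent::getAuthorizationUrl($redirectUri, $extraParameters);
    }

    /**
     * Sends the token request with the client credentials and redirect URI supplied
     * by this class, overriding any values already present in $parameters.
     *
     * The client secret travels in the form-encoded request payload.
     *
     * @param mixed $url        token endpoint URL
     * @param array $parameters token request parameters
     */
    protected function doGetTokenRequest($url, array $parameters = [])
    {
        $parameters['client_id'] = $this->getClientId();
        $parameters['client_secret'] = $this->getClientSecret();
        $parameters['redirect_uri'] = $this->getRedirectUri();

        return $this->httpRequest($url, http_build_query($parameters, '', '&'));
    }

    /**
     * Setter injection for the age verification helper; null leaves the
     * verification step in updateUserData() disabled.
     */
    #[Required]
    public function setAgeVerifyUtil(?AgeVerifyUtil $ageVerifyUtil): void
    {
        $this->ageVerifyUtil = $ageVerifyUtil;
    }
}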