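/**
 * Returns the url for the account administration iframe.
 *
 * If the passed account is null, then the url will point to the start page
 * where a new account can be created.
 *
 * Security-relevant behaviour visible in this method:
 * - The query string carries the user's first name, last name and email, so
 *   the returned url is personal data wherever it is stored or logged.
 * - `$params` is merged last, so a caller-supplied key replaces the default
 *   of the same name (including `email` and `missing_scopes`). Pass only
 *   values the integration itself controls.
 * - For an existing account the url starts with whatever the SSO service
 *   returned.
 *
 * @param NostoAccountMetaSingleSignOnInterface $sso the SSO meta data.
 * @param NostoAccountMetaIframeInterface $iframe the iframe meta data.
 * @param NostoAccount|null $account the account to return the url for.
 * @param array $params additional parameters to add to the iframe url.
 * @return string the iframe url.
 * @throws NostoException if the url cannot be created.
 */
public function getUrl(NostoAccountMetaSingleSignOnInterface $sso, NostoAccountMetaIframeInterface $iframe, NostoAccount $account = null, array $params = array())
{
    $defaults = array(
        'lang' => $iframe->getLanguage()->getCode(),
        'ps_version' => $iframe->getVersionPlatform(),
        'nt_version' => $iframe->getVersionModule(),
        'product_pu' => $iframe->getPreviewUrlProduct(),
        'category_pu' => $iframe->getPreviewUrlCategory(),
        'search_pu' => $iframe->getPreviewUrlSearch(),
        'cart_pu' => $iframe->getPreviewUrlCart(),
        'front_pu' => $iframe->getPreviewUrlFront(),
        'shop_lang' => $iframe->getShopLanguage()->getCode(),
        'shop_name' => $iframe->getShopName(),
        'unique_id' => $iframe->getUniqueId(),
        'fname' => $sso->getFirstName(),
        'lname' => $sso->getLastName(),
        'email' => $sso->getEmail(),
        // Only an existing account that is not fully connected has scopes to report.
        'missing_scopes' => (!is_null($account) && !$account->isConnectedToNosto())
            ? implode(',', $account->getMissingScopes())
            : '',
    );
    // http_build_query() percent-encodes every key and value.
    $queryParams = http_build_query(array_merge($defaults, $params));

    if ($account === null) {
        // No account yet: point the iframe at the install (account creation) page.
        return NostoHttpRequest::buildUri(
            $this->getBaseUrl() . self::IFRAME_URI_INSTALL . '?' . $queryParams,
            array('{platform}' => $sso->getPlatform())
        );
    }

    try {
        $service = new NostoServiceAccount();
        $url = $service->sso($account, $sso);
        // The login url comes from the remote service; if it already has a
        // query string, a second '?' would fold our parameters into the value
        // of its last one. Continue the existing query with '&' instead.
        $separator = (strpos($url, '?') === false) ? '?' : '&';
        return $url . $separator . $queryParams;
    } catch (NostoException $e) {
        // If the SSO fails, we show a "remove account" page to the user in order to
        // allow to remove Nosto and start over.
        // The only case when this should happen is when the api token for some
        // reason is invalid, which is the case when switching between environments.
        // Note that every NostoException from the SSO call takes this path and
        // the exception itself is discarded here.
        return NostoHttpRequest::buildUri(
            $this->getBaseUrl() . self::IFRAME_URI_UNINSTALL . '?' . $queryParams,
            array('{platform}' => $sso->getPlatform())
        );
    }
}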
/**
 * Signs the user in to Nosto via SSO.
 *
 * Requires that the account has a valid sso token associated with it.
 * The token is sent as the password of an HTTP Basic auth header with an
 * empty user name, and the user's first and last name are posted as a
 * form-encoded body. The `login_url` field of the JSON response is returned
 * unchanged.
 *
 * NOTE(review): because the token travels in the Authorization header,
 * NostoHttpRequest::$baseUrl is presumably an https url - confirm.
 *
 * @param NostoAccount $account the account to sign into.
 * @param NostoAccountMetaSingleSignOnInterface $meta the SSO meta-data.
 * @return string a secure login url.
 *
 * @throws NostoException on failure.
 */
public function sso(NostoAccount $account, NostoAccountMetaSingleSignOnInterface $meta)
{
    $ssoToken = $account->getApiToken(NostoApiToken::API_SSO);
    if ($ssoToken === null) {
        $message = sprintf(
            'No `%s` API token found for account "%s".',
            NostoApiToken::API_SSO,
            $account->getName()
        );
        throw new NostoException($message);
    }

    $request = new NostoHttpRequest();
    $request->setUrl(NostoHttpRequest::$baseUrl . NostoHttpRequest::PATH_SSO_AUTH);
    // The e-mail is substituted into the url template.
    // NOTE(review): verify that NostoHttpRequest url-encodes replaced values.
    $placeholders = array(
        '{platform}' => $meta->getPlatform(),
        '{email}' => $meta->getEmail(),
    );
    $request->setReplaceParams($placeholders);
    $request->setContentType('application/x-www-form-urlencoded');
    // Empty user name; the SSO token is the Basic auth password.
    $request->setAuthBasic('', $ssoToken->getValue());

    $body = http_build_query(
        array(
            'fname' => $meta->getFirstName(),
            'lname' => $meta->getLastName(),
        )
    );
    $response = $request->post($body);

    if ($response->getCode() !== 200) {
        // The request object, which holds the auth token, is handed to the
        // exception factory.
        // NOTE(review): confirm the resulting message does not expose the token.
        throw Nosto::createHttpException('Failed to sign into Nosto using Single Sign On.', $request, $response);
    }

    $result = $response->getJsonResult();
    // empty() also covers a missing field and a result that is not an object.
    if (!empty($result->login_url)) {
        return $result->login_url;
    }

    throw new NostoException('No "login_url" returned when logging in employee to Nosto');
}