public function setUp()
{
$this->person = new Person();
$this->person->setName(new PersonName('Dhr.', 'Sebastiaan', 'van', 'Parijs'));
/** @var ElectronicAddress $electronicAddress */
$electronicAddress = new ElectronicAddress();
$electronicAddress->setIdentifier('*****@*****.**');
$electronicAddress->setType('Email');
$electronicAddress->setApproved(TRUE);
$this->person->setPrimaryElectronicAddress($electronicAddress);
}
/**
* @dataProvider personsDataProvider
* @test
*/
public function personsAndAccountPersistingAndRetrievingWorksCorrectly($firstName, $middleName, $lastName, $emailAddress)
{
$person = new Domain\Model\Person();
$person->setName(new Domain\Model\PersonName('', $firstName, $middleName, $lastName));
$electronicAddress = new Domain\Model\ElectronicAddress();
$electronicAddress->setType(Domain\Model\ElectronicAddress::TYPE_EMAIL);
$electronicAddress->setIdentifier($emailAddress);
$person->setPrimaryElectronicAddress($electronicAddress);
$account = $this->accountFactory->createAccountWithPassword($emailAddress, $this->persistenceManager->getIdentifierByObject($person));
$this->accountRepository->add($account);
$person->addAccount($account);
$this->partyRepository->add($person);
$this->persistenceManager->persistAll();
$this->assertEquals(1, $this->partyRepository->countAll());
$this->persistenceManager->clearState();
$foundPerson = $this->partyRepository->findByIdentifier($this->persistenceManager->getIdentifierByObject($person));
$this->assertEquals($foundPerson->getName()->getFullName(), $person->getName()->getFullName());
$this->assertEquals($foundPerson->getName()->getFullName(), $firstName . ' ' . $middleName . ' ' . $lastName);
$this->assertEquals($foundPerson->getPrimaryElectronicAddress()->getIdentifier(), $emailAddress);
}
/**
* Authenticates against a crowd instance.
*
* @param \TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken The token to be authenticated
* @return void
* @throws \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException
*/
public function authenticate(TokenInterface $authenticationToken)
{
if (!$authenticationToken instanceof UsernamePassword) {
throw new UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1217339845);
}
$credentials = $authenticationToken->getCredentials();
if (is_array($credentials) && isset($credentials['username']) && isset($credentials['password'])) {
$crowdAuthenticationResponse = $this->crowdClient->authenticate($credentials['username'], $credentials['password']);
if ($crowdAuthenticationResponse !== NULL) {
/** @var $account \TYPO3\Flow\Security\Account */
$account = NULL;
$providerName = $this->name;
$accountRepository = $this->accountRepository;
$this->securityContext->withoutAuthorizationChecks(function () use($credentials, $providerName, $accountRepository, &$account) {
$account = $accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($credentials['username'], $providerName);
});
if ($account === NULL) {
$account = new Account();
$account->setAuthenticationProviderName($providerName);
$account->setAccountIdentifier($credentials['username']);
$this->accountRepository->add($account);
}
$authenticateRole = $this->policyService->getRole($this->options['authenticateRole']);
if ($account->hasRole($authenticateRole) === FALSE) {
$account->addRole($authenticateRole);
}
$crowdUser = $this->partyService->getAssignedPartyOfAccount($account);
if ($crowdUser instanceof Person) {
if ($crowdUser->getName()->getFirstName() !== $crowdAuthenticationResponse['first-name']) {
$crowdUser->getName()->setFirstName($crowdAuthenticationResponse['first-name']);
$this->partyRepository->update($crowdUser);
}
if ($crowdUser->getName()->getLastName() !== $crowdAuthenticationResponse['last-name']) {
$crowdUser->getName()->setLastName($crowdAuthenticationResponse['last-name']);
$this->partyRepository->update($crowdUser);
}
if ($crowdUser->getPrimaryElectronicAddress()->getIdentifier() !== $crowdAuthenticationResponse['email']) {
$crowdUser->getPrimaryElectronicAddress()->setIdentifier($crowdAuthenticationResponse['email']);
$this->partyRepository->update($crowdUser);
}
} else {
$crowdUser = new Person();
$crowdUser->setName(new PersonName('', $crowdAuthenticationResponse['first-name'], '', $crowdAuthenticationResponse['last-name']));
$email = new ElectronicAddress();
$email->setIdentifier($crowdAuthenticationResponse['email']);
$email->setType(ElectronicAddress::TYPE_EMAIL);
$crowdUser->setPrimaryElectronicAddress($email);
$this->partyRepository->add($crowdUser);
$this->partyService->assignAccountToParty($account, $crowdUser);
}
$authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL);
$authenticationToken->setAccount($account);
} else {
$authenticationToken->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS);
}
} elseif ($authenticationToken->getAuthenticationStatus() !== TokenInterface::AUTHENTICATION_SUCCESSFUL) {
$authenticationToken->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN);
}
}
/**
* @param Person $person
* @param array $userdata
*/
protected function updatePerson(Person $person, array $userdata)
{
if (isset($userdata['name'])) {
$personName = $person->getName();
if ($personName === null) {
$personName = new PersonName();
$person->setName($personName);
}
$this->updateName($personName, $userdata['name']);
}
if (isset($userdata['email'])) {
$primaryElectronicAddress = $person->getPrimaryElectronicAddress();
if ($primaryElectronicAddress === null) {
$primaryElectronicAddress = new ElectronicAddress();
$person->setPrimaryElectronicAddress($primaryElectronicAddress);
}
$primaryElectronicAddress->setType(ElectronicAddress::TYPE_EMAIL);
$primaryElectronicAddress->setIdentifier($userdata['email']);
}
}
/**
* Returns Party.
*
* @param string $providerName Provider name to fetch a person from.
* @param array $casAttributes
*
* @return Person
*/
public function getPerson($providerName, array $casAttributes)
{
$partySettings = $this->settings[$providerName]['Party'];
if (isset($partySettings['doNotMapParties']) && $partySettings['doNotMapParties'] === true) {
return;
}
if (isset($partySettings['Person']['name'])) {
$title = '';
$firstName = '';
$middleName = '';
$lastName = '';
$otherName = '';
$alias = '';
if (isset($partySettings['Person']['name']['alias']) && is_string($partySettings['Person']['name']['alias'])) {
$alias = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['name']['alias']);
}
if (isset($partySettings['Person']['name']['firstName']) && is_string($partySettings['Person']['name']['firstName'])) {
$firstName = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['name']['firstName']);
}
if (isset($partySettings['Person']['name']['lastName']) && is_string($partySettings['Person']['name']['lastName'])) {
$lastName = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['name']['lastName']);
}
if (isset($partySettings['Person']['name']['middleName']) && is_string($partySettings['Person']['name']['middleName'])) {
$middleName = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['name']['middleName']);
}
if (isset($partySettings['Person']['name']['otherName']) && is_string($partySettings['Person']['name']['otherName'])) {
$otherName = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['name']['otherName']);
}
if (isset($partySettings['Person']['name']['title']) && is_string($partySettings['Person']['name']['title'])) {
$title = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['name']['title']);
}
$person = new Person();
$personName = new PersonName($title, $firstName, $middleName, $lastName, $otherName, $alias);
$person->setName($personName);
} else {
return;
}
if (isset($partySettings['Person']['primaryElectronicAddress'])) {
if (isset($partySettings['Person']['primaryElectronicAddress']['identifier']) && is_string($partySettings['Person']['primaryElectronicAddress']['identifier'])) {
$identifier = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['primaryElectronicAddress']['identifier']);
// todo : throw exception if not string
if (!is_string($identifier)) {
}
}
if (empty($partySettings['Person']['primaryElectronicAddress']['staticType']) && isset($partySettings['Person']['primaryElectronicAddress']['type']) && is_string($partySettings['Person']['primaryElectronicAddress']['type'])) {
$type = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['primaryElectronicAddress']['type']);
// todo : throw exception if not string
if (!is_string($type)) {
}
}
if (empty($partySettings['Person']['primaryElectronicAddress']['staticUsage']) && isset($partySettings['Person']['primaryElectronicAddress']['usage']) && is_string($partySettings['Person']['primaryElectronicAddress']['usage'])) {
$usage = ArraysUtility::getValueByPath($casAttributes, $partySettings['Person']['primaryElectronicAddress']['usage']);
// todo : throw exception if not string
if (!is_string($usage)) {
}
}
// static values for type and usage
if (isset($partySettings['Person']['primaryElectronicAddress']['staticType']) && is_string($partySettings['Person']['primaryElectronicAddress']['staticType'])) {
$type = $partySettings['Person']['primaryElectronicAddress']['staticType'];
// todo : throw exception if not string
if (!is_string($type)) {
}
}
if (isset($partySettings['Person']['primaryElectronicAddress']['staticUsage']) && is_string($partySettings['Person']['primaryElectronicAddress']['staticUsage'])) {
$usage = $partySettings['Person']['primaryElectronicAddress']['staticUsage'];
// todo : throw exception if not string
if (!is_string($usage)) {
}
}
$primaryElectronicAddress = new ElectronicAddress();
$primaryElectronicAddress->setIdentifier($identifier);
$primaryElectronicAddress->setType($type);
$primaryElectronicAddress->setUsage($usage);
$person->setPrimaryElectronicAddress($primaryElectronicAddress);
}
return $person;
}
/**
* @param AbstractClientToken $token
* @throws InvalidPartyDataException
*/
public function createPartyAndAttachToAccountFor(AbstractClientToken $token)
{
$userData = $this->authenticationServicesUserData[(string) $token];
$party = new Person();
$party->setName(new PersonName('', $userData['first_name'], '', $userData['last_name']));
// Todo: this is not covered by the Person implementation, we should have a solution for that
#$party->setBirthDate(\DateTime::createFromFormat('!m/d/Y', $userData['birthday'], new \DateTimeZone('UTC')));
#$party->setGender(substr($userData['gender'], 0, 1));
$electronicAddress = new ElectronicAddress();
$electronicAddress->setType(ElectronicAddress::TYPE_EMAIL);
$electronicAddress->setIdentifier($userData['email']);
$party->addElectronicAddress($electronicAddress);
$partyValidator = $this->validatorResolver->getBaseValidatorConjunction('TYPO3\\Party\\Domain\\Model\\Person');
$validationResult = $partyValidator->validate($party);
if ($validationResult->hasErrors()) {
throw new InvalidPartyDataException('The created party does not satisfy the requirements', 1384266207);
}
$account = $token->getAccount();
$account->setParty($party);
// TODO: this must be properly specifiable (the Roles to add)
#$account->setRoles();
$this->accountRepository->update($account);
$this->partyRepository->add($party);
}