1<?php
2
3/**
4 * @package Zmsadmin
5 * @copyright BerlinOnline Stadtportal GmbH & Co. KG
6 **/
7
8namespace BO\Zmsadmin;
9
10use BO\Zmsclient\Auth;
11
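class Oidc extends BaseController
{
    /**
     * Handle the callback from the OIDC provider.
     *
     * Validates the returned `state` parameter against the auth key stored
     * for the session, then loads the caller's workstation and redirects:
     * to `index` (flagged with `oidclogin`) when the user account has no
     * departments, otherwise to `workstationSelect`. Every step is logged
     * with the SHA-256 of the session token, never the token itself.
     *
     * @SuppressWarnings(Param)
     * @param \Psr\Http\Message\RequestInterface  $request  callback request carrying the `state` parameter
     * @param \Psr\Http\Message\ResponseInterface $response unused; part of the controller signature
     * @param array                               $args     unused route arguments
     * @return \Psr\Http\Message\ResponseInterface redirect response
     * @throws \BO\Slim\Exception\OAuthInvalid when `state` does not match the session auth key
     * @throws \Exception re-thrown after logging when the workstation lookup fails
     */
    public function readResponse(
        \Psr\Http\Message\RequestInterface $request,
        \Psr\Http\Message\ResponseInterface $response,
        array $args
    ) {
        try {
            $state = $request->getParam("state");
            $authKey = Auth::getKey();
            $sessionHash = hash('sha256', (string) $authKey);

            // `state` is attacker-controlled (it arrives on the callback URL).
            // Compare it type-strictly and in constant time, and refuse an
            // empty auth key: with the previous `==` a missing `state` and an
            // unset auth key compared equal, and non-string input (e.g.
            // `state[]=`) must not reach hash_equals(), which requires strings.
            $stateMatch = is_string($authKey)
                && $authKey !== ''
                && is_string($state)
                && hash_equals($authKey, $state);

            \App::$log->info('OIDC Login state validation', [
                'event' => 'oauth_login_state_validation',
                'timestamp' => date('c'),
                'provider' => Auth::getOidcProvider(),
                'application' => 'zmsadmin',
                'state_match' => $stateMatch,
                'hashed_session_token' => $sessionHash
            ]);

            if ($stateMatch) {
                try {
                    $workstation = \App::$http->readGetResult('/workstation/', ['resolveReferences' => 2])->getEntity();
                    $username = $workstation->getUseraccount()->id;
                    // From here on log the workstation's own key, not the session key.
                    $sessionHash = hash('sha256', (string) $workstation->authkey);

                    \App::$log->info('OIDC Login workstation access', [
                        'event' => 'oauth_login_workstation_access',
                        'timestamp' => date('c'),
                        'provider' => Auth::getOidcProvider(),
                        'application' => 'zmsadmin',
                        'username' => $username,
                        'workstation_id' => $workstation->id ?? 'unknown',
                        'hashed_session_token' => $sessionHash
                    ]);

                    $departmentCount = $workstation->getUseraccount()->getDepartmentList()->count();

                    // Log department check with username
                    \App::$log->info('OIDC Login department check', [
                        'event' => 'oauth_login_department_check',
                        'timestamp' => date('c'),
                        'provider' => Auth::getOidcProvider(),
                        'application' => 'zmsadmin',
                        'username' => $username,
                        'department_count' => $departmentCount,
                        'has_departments' => ($departmentCount > 0),
                        'hashed_session_token' => $sessionHash
                    ]);

                    // A user without any department cannot select a workstation;
                    // send them back to the index with the oidclogin marker.
                    if (0 === $departmentCount) {
                        return \BO\Slim\Render::redirect(
                            'index',
                            [],
                            [
                                'oidclogin' => true
                            ]
                        );
                    }
                    return \BO\Slim\Render::redirect(
                        'workstationSelect',
                        [],
                        []
                    );
                } catch (\Exception $e) {
                    // Log workstation access error, then let the outer handler
                    // record the generic login error and propagate it.
                    \App::$log->error('OIDC Login workstation error', [
                        'event' => 'oauth_login_workstation_error',
                        'timestamp' => date('c'),
                        'provider' => Auth::getOidcProvider(),
                        'application' => 'zmsadmin',
                        'error' => $e->getMessage(),
                        'code' => $e->getCode()
                    ]);
                    throw $e;
                }
            }

            // Log invalid state. The submitted value is deliberately not logged.
            \App::$log->error('OIDC Login invalid state', [
                'event' => 'oauth_login_invalid_state',
                'timestamp' => date('c'),
                'provider' => Auth::getOidcProvider(),
                'application' => 'zmsadmin'
            ]);

            throw new \BO\Slim\Exception\OAuthInvalid();
        } catch (\Exception $e) {
            // Single exit point for all failures: log and re-throw unchanged so
            // callers still receive the original exception type.
            \App::$log->error('OIDC Login error', [
                'event' => 'oauth_login_error',
                'timestamp' => date('c'),
                'provider' => Auth::getOidcProvider(),
                'application' => 'zmsadmin',
                'error' => $e->getMessage(),
                'code' => $e->getCode()
            ]);
            throw $e;
        }
    }
}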