<?php

/**
 * OIDC login callback controller for zmsadmin: checks the `state` value
 * returned by the provider against the locally stored key and redirects
 * the user accordingly.
 *
 * @package Zmsadmin
 * @copyright BerlinOnline Stadtportal GmbH & Co. KG
 **/

namespace BO\Zmsadmin;

use BO\Zmsclient\Auth;
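class Oidc extends BaseController
{
    /**
     * Handles the OIDC provider callback.
     *
     * The `state` request parameter is compared with the key stored by
     * `Auth::getKey()`. Only an exact match of two non-empty strings is
     * accepted (see {@see self::isValidState()}); previously the check used
     * loose `==`, so a missing parameter and a missing key, or numeric
     * strings such as "1e3" and "1000", compared equal.
     *
     * On a valid state the workstation is loaded and the user is redirected
     * to `index` with the `oidclogin` flag when the user account has no
     * departments, otherwise to `workstationSelect`. An invalid state is
     * logged and rejected with OAuthInvalid.
     *
     * @SuppressWarnings(Param)
     * @param \Psr\Http\Message\RequestInterface $request
     * @param \Psr\Http\Message\ResponseInterface $response unused, kept for the controller signature
     * @param array $args unused, kept for the controller signature
     * @return \Psr\Http\Message\ResponseInterface
     * @throws \BO\Slim\Exception\OAuthInvalid when the state does not match the stored key
     * @throws \Exception rethrown after logging when the workstation lookup fails
     */
    public function readResponse(
        \Psr\Http\Message\RequestInterface $request,
        \Psr\Http\Message\ResponseInterface $response,
        array $args
    ) {
        try {
            $state = $request->getParam("state");
            $authKey = Auth::getKey();
            // Decide once, so the logged value and the branch taken cannot diverge.
            $stateMatch = self::isValidState($state, $authKey);

            \App::$log->info('OIDC state validation', [
                'event' => 'oauth_state_validation',
                'timestamp' => date('c'),
                'provider' => Auth::getOidcProvider(),
                'application' => 'zmsadmin',
                'state_match' => $stateMatch
            ]);

            if ($stateMatch) {
                try {
                    $workstation = \App::$http->readGetResult('/workstation/', ['resolveReferences' => 2])->getEntity();
                    $username = $workstation->getUseraccount()->id . '@' . Auth::getOidcProvider();

                    \App::$log->info('OIDC workstation access', [
                        'event' => 'oauth_workstation_access',
                        'timestamp' => date('c'),
                        'provider' => Auth::getOidcProvider(),
                        'application' => 'zmsadmin',
                        'username' => $username,
                        'workstation_id' => $workstation->id ?? 'unknown'
                    ]);

                    $departmentCount = $workstation->getUseraccount()->getDepartmentList()->count();

                    // Log department check with username
                    \App::$log->info('OIDC department check', [
                        'event' => 'oauth_department_check',
                        'timestamp' => date('c'),
                        'provider' => Auth::getOidcProvider(),
                        'application' => 'zmsadmin',
                        'username' => $username,
                        'department_count' => $departmentCount,
                        'has_departments' => ($departmentCount > 0)
                    ]);

                    // A user without departments cannot pick a workstation yet;
                    // send them back to the index with the login flag set.
                    if ($departmentCount === 0) {
                        return \BO\Slim\Render::redirect(
                            'index',
                            [],
                            [
                                'oidclogin' => true
                            ]
                        );
                    }
                    return \BO\Slim\Render::redirect(
                        'workstationSelect',
                        [],
                        []
                    );
                } catch (\Exception $e) {
                    // Log workstation access error; the outer handler logs the
                    // generic 'oauth_error' event and rethrows as before.
                    \App::$log->error('OIDC workstation error', [
                        'event' => 'oauth_workstation_error',
                        'timestamp' => date('c'),
                        'provider' => Auth::getOidcProvider(),
                        'application' => 'zmsadmin',
                        'error' => $e->getMessage(),
                        'code' => $e->getCode()
                    ]);
                    throw $e;
                }
            }

            // Log invalid state
            \App::$log->error('OIDC invalid state', [
                'event' => 'oauth_invalid_state',
                'timestamp' => date('c'),
                'provider' => Auth::getOidcProvider(),
                'application' => 'zmsadmin'
            ]);

            throw new \BO\Slim\Exception\OAuthInvalid();
        } catch (\Exception $e) {
            \App::$log->error('OIDC error', [
                'event' => 'oauth_error',
                'timestamp' => date('c'),
                'provider' => Auth::getOidcProvider(),
                'application' => 'zmsadmin',
                'error' => $e->getMessage(),
                'code' => $e->getCode()
            ]);
            throw $e;
        }
    }

    /**
     * Strict, constant-time comparison of the callback `state` with the stored key.
     *
     * Both values must be non-empty strings; anything else (null because the
     * parameter or key is absent, arrays, numbers) is rejected instead of
     * being coerced. hash_equals() takes the known value first so the
     * comparison time does not depend on the attacker-controlled input.
     *
     * @param mixed $state value of the `state` request parameter
     * @param mixed $authKey key returned by Auth::getKey()
     * @return bool true only when both are non-empty strings that are byte-identical
     */
    private static function isValidState($state, $authKey): bool
    {
        if (!is_string($state) || !is_string($authKey)) {
            return false;
        }
        if ($state === '' || $authKey === '') {
            return false;
        }
        return hash_equals($authKey, $state);
    }
}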