<?php

/**
 * OIDC login callback controller for the statistic frontend.
 *
 * @package Zmsstatistic
 * @copyright BerlinOnline Stadtportal GmbH & Co. KG
 **/

namespace BO\Zmsstatistic;

use BO\Zmsclient\Auth;

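class Oidc extends BaseController
{
    /**
     * Completes the OIDC login round-trip.
     *
     * Validates the `state` request parameter against the session auth key
     * and, on a match, looks up the caller's workstation and redirects based
     * on whether the user account has any departments. Every step is written
     * to \App::$log; the session token is only ever logged as a SHA-256 hash
     * so the raw key never lands in log storage.
     *
     * @SuppressWarnings(Param)
     * @param \Psr\Http\Message\RequestInterface  $request  carries the `state` parameter
     * @param \Psr\Http\Message\ResponseInterface $response unused; part of the controller signature
     * @param array                               $args     route arguments (unused)
     * @return \Psr\Http\Message\ResponseInterface redirect to 'index' (no departments)
     *                                              or 'workstationSelect'
     * @throws \BO\Slim\Exception\OAuthInvalid when `state` does not match the session auth key
     * @throws \Exception any failure of the workstation lookup is logged and re-thrown
     */
    public function readResponse(
        \Psr\Http\Message\RequestInterface $request,
        \Psr\Http\Message\ResponseInterface $response,
        array $args
    ) {
        try {
            $state = $request->getParam("state");
            $authKey = \BO\Zmsclient\Auth::getKey();
            $sessionHash = hash('sha256', (string) $authKey);

            // The state check is the CSRF guard of the OIDC flow, so it is done
            // as a strict, constant-time string comparison instead of `==`:
            // loose comparison treats numeric-looking strings by value and a
            // missing parameter together with a missing session key would
            // otherwise compare equal.
            $stateMatches = self::stateMatches($state, $authKey);

            \App::$log->info('OIDC Login state validation', [
                'event' => 'oauth_login_state_validation',
                'timestamp' => date('c'),
                'provider' => \BO\Zmsclient\Auth::getOidcProvider(),
                'application' => 'zmsstatistic',
                'state_match' => $stateMatches,
                'hashed_session_token' => $sessionHash
            ]);

            if ($stateMatches) {
                try {
                    $workstation = \App::$http->readGetResult('/workstation/', ['resolveReferences' => 2])->getEntity();
                    $username = $workstation->getUseraccount()->id;
                    // From here on the workstation's own key identifies the session in the logs.
                    $sessionHash = hash('sha256', (string) $workstation->authkey);

                    \App::$log->info('OIDC Login workstation access', [
                        'event' => 'oauth_login_workstation_access',
                        'timestamp' => date('c'),
                        'provider' => \BO\Zmsclient\Auth::getOidcProvider(),
                        'application' => 'zmsstatistic',
                        'username' => $username,
                        'workstation_id' => $workstation->id ?? 'unknown',
                        'hashed_session_token' => $sessionHash
                    ]);

                    $departmentCount = $workstation->getUseraccount()->getDepartmentList()->count();

                    // Log department check with username
                    \App::$log->info('OIDC Login department check', [
                        'event' => 'oauth_login_department_check',
                        'timestamp' => date('c'),
                        'provider' => \BO\Zmsclient\Auth::getOidcProvider(),
                        'application' => 'zmsstatistic',
                        'username' => $username,
                        'department_count' => $departmentCount,
                        'has_departments' => ($departmentCount > 0),
                        'hashed_session_token' => $sessionHash
                    ]);

                    // Users without a department cannot select a workstation;
                    // send them back to the index with the login flag set.
                    if ($departmentCount === 0) {
                        return \BO\Slim\Render::redirect(
                            'index',
                            [],
                            [
                                'oidclogin' => true
                            ]
                        );
                    }
                    return \BO\Slim\Render::redirect(
                        'workstationSelect',
                        [],
                        []
                    );
                } catch (\Exception $e) {
                    \App::$log->error('OIDC Login workstation error', [
                        'event' => 'oauth_login_workstation_error',
                        'timestamp' => date('c'),
                        'provider' => \BO\Zmsclient\Auth::getOidcProvider(),
                        'application' => 'zmsstatistic',
                        'error' => $e->getMessage(),
                        'code' => $e->getCode()
                    ]);
                    throw $e;
                }
            }

            \App::$log->error('OIDC Login invalid state', [
                'event' => 'oauth_login_invalid_state',
                'timestamp' => date('c'),
                'provider' => \BO\Zmsclient\Auth::getOidcProvider(),
                'application' => 'zmsstatistic'
            ]);

            throw new \BO\Slim\Exception\OAuthInvalid();
        } catch (\Exception $e) {
            // Outer catch only adds a log entry; the exception (including the
            // OAuthInvalid thrown above) propagates unchanged to the caller.
            \App::$log->error('OIDC Login error', [
                'event' => 'oauth_login_error',
                'timestamp' => date('c'),
                'provider' => \BO\Zmsclient\Auth::getOidcProvider(),
                'application' => 'zmsstatistic',
                'error' => $e->getMessage(),
                'code' => $e->getCode()
            ]);
            throw $e;
        }
    }

    /**
     * Strict, constant-time comparison of the OIDC `state` parameter with the
     * expected session auth key.
     *
     * Anything that is not a string on both sides, or an empty expected key,
     * is a mismatch: the state is a one-time nonce, so absence on either side
     * must never be accepted as "equal".
     *
     * @param mixed $state   value taken from the request
     * @param mixed $authKey value returned by Auth::getKey()
     */
    private static function stateMatches($state, $authKey): bool
    {
        if (!is_string($state) || !is_string($authKey) || $authKey === '') {
            return false;
        }
        return hash_equals($authKey, $state);
    }
}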