Merge pull request #118 from topcoder-platform/develop

Universal Navigation

Author: jmgasper

Topcoder/class.topcoder.plugin.php

@@ -219,6 +219,10 @@ public function settingsController_topcoder_create($sender) {
             'Plugins.Topcoder.SSO.CookieName' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Cookie Name'],
             'Plugins.Topcoder.SSO.TopcoderHS256.UsernameClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Username Claim for HS256 JWT'],
             'Plugins.Topcoder.SSO.TopcoderRS256.UsernameClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Username Claim for RS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderHS256.UserIDClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder User ID Claim for HS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderRS256.UserIDClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder User ID Claim for RS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderHS256.PhotoUrlClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Photo URL Claim for HS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderRS256.PhotoUrlClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Photo URL Claim for RS256 JWT'],
         ]);
 
         $cf->renderAll();
@@ -373,16 +377,22 @@ public function gdn_auth_startAuthenticator_handler() {
 
             $AUTH0_AUDIENCE = null;
             $USERNAME_CLAIM = null;
+            $PHOTOURL_CLAIM = null;
+            $USERID_CLAIM = null;
             if ($decodedToken->getHeader('alg') === 'RS256') {
                 $AUTH0_AUDIENCE = c('Plugins.Topcoder.SSO.TopcoderRS256.ID');
                 $USERNAME_CLAIM = c('Plugins.Topcoder.SSO.TopcoderRS256.UsernameClaim');
+                $USERID_CLAIM = c('Plugins.Topcoder.SSO.TopcoderRS256.UserIDClaim');
+                $PHOTOURL_CLAIM = c('Plugins.Topcoder.SSO.TopcoderRS256.PhotoUrlClaim');
                 $jwksUri = $issuer . '.well-known/jwks.json';
                 $jwksHttpOptions = ['base_uri' => $jwksUri];
                 $jwksFetcher = new JWKFetcher($this->cacheHandler, $jwksHttpOptions);
                 $signatureVerifier = new AsymmetricVerifier($jwksFetcher);
 
             } else if ($decodedToken->getHeader('alg') === 'HS256') {
                 $USERNAME_CLAIM = c('Plugins.Topcoder.SSO.TopcoderHS256.UsernameClaim');
+                $USERID_CLAIM = c('Plugins.Topcoder.SSO.TopcoderHS256.UserIDClaim');
+                $PHOTOURL_CLAIM = c('Plugins.Topcoder.SSO.TopcoderHS256.PhotoUrlClaim');
                 $AUTH0_AUDIENCE = c('Plugins.Topcoder.SSO.TopcoderHS256.ID');
                 $CLIENT_H256SECRET = c('Plugins.Topcoder.SSO.TopcoderHS256.Secret');
                 $signatureVerifier = new SymmetricVerifier($CLIENT_H256SECRET);
@@ -450,8 +460,11 @@ public function gdn_auth_startAuthenticator_handler() {
             $this->checkTopcoderRoles($topcoderRoles);
 
             $topcoderUserName = $decodedToken->getClaim($USERNAME_CLAIM);
+            $topcoderPhotoUrl = $decodedToken->getClaim($PHOTOURL_CLAIM);
+            $topcoderUserID = $decodedToken->getClaim($USERID_CLAIM);
+
             if ($topcoderUserName) {
-               self::log('Trying to signIn ...', ['username' => $topcoderUserName]);
+               self::log('Trying to signIn ...', ['username' => $topcoderUserName, 'topcoderId'=> $topcoderUserID ,  'photoUrl' => $topcoderPhotoUrl, ]);
 
                 $userModel = new UserModel();
                 $user = $userModel->getByUsername($topcoderUserName, false);
@@ -505,6 +518,7 @@ public function gdn_auth_startAuthenticator_handler() {
 
                 if ($userID) {
                     $this->syncTopcoderRoles($userID,$topcoderRoles);
+                    $this->syncTopcoderEmail($userID,$decodedToken->getClaim('email'));
                     Gdn::authenticator()->setIdentity($userID, true);
                     Gdn::session()->start($userID, true);
                     Gdn::authenticator()->trigger(Gdn_Authenticator::AUTH_SUCCESS);
@@ -514,6 +528,10 @@ public function gdn_auth_startAuthenticator_handler() {
                        self::log('The session could not be started.', []);
                         throw new ClientException('The session could not be started.', 401);
                     }
+
+                    Gdn::userModel()->saveAttribute(
+                        Gdn::session()->UserID,
+                        ['TopcoderUserID' => $topcoderUserID, 'TopcoderPhotoUrl' => $topcoderPhotoUrl]);
                 } else {
                    self::log('Go with the next Vanilla Authenticator', []);
                 }
@@ -659,6 +677,45 @@ private function syncTopcoderRoles($userID, $roles) {
         }
     }
 
+    /**
+     * Sync the e-mail addressof Topcoder for an user
+     * @param $userID
+     * @param $roles array a list of role names
+     *
+     */
+    private function syncTopcoderEmail($userID,$topcoder_email) {
+        $userModel = new UserModel();
+        $user = $userModel->getID($userID);
+        $vanilla_email = val('Email', $user);
+
+        // Update if two e-mail addresses are different
+        if($vanilla_email !== $topcoder_email) {
+            $userData = [
+                "UserID" => $userID,
+                "Email" => $topcoder_email,
+                "EmailConfirmed" => true
+            ];
+
+            $settings = [
+                'NoConfirmEmail' => true
+            ];
+            $ret = $userModel->save($userData, $settings);
+            if($ret) {
+                $modified_user = $userModel->getID($userID);
+                $modified_email = val('Email', $user);
+                if($modified_email === $topcoder_email) {
+                    self::log('Succeeded to modify e-mail', ["new_email"=>$modified_email]);
+                } else {
+                    self::log('Failed to modify e-mail', []);
+                }
+            } else {
+                self::log('Failed to modify e-mail', []);
+            }
+        } else {
+            self::log('No need to modify e-mail.', []);
+        }
+    }
+
     /**
      * Get a role by name and type.
      *

Topcoder/modules/TopcoderConfigurationModule.php

@@ -133,6 +133,7 @@ public function initialize($schema = null) {
                 $authform = new Gdn_Form();
                 $authform->setModel($model);
                 $authform->setFormValue('AuthenticationKey','topcoder');
+                $authform->setFormValue('RegisterUrl' , $authenticationProviderData['RegisterUrl']);
                 $authform->setFormValue('SignInUrl' , $authenticationProviderData['SignInUrl']);
                 $authform->setFormValue('SignOutUrl' , $authenticationProviderData['SignOutUrl']);
                 $authform->setFormValue('IsDefault' , $authenticationProviderData['IsDefault']);