BookStack/app/Access/Oidc/OidcUserDetails.php at 58e2e0ea241e4059e202084fec40d7668613e774 · BookStackApp/BookStack · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<?php

namespace BookStack\Access\Oidc;

use Illuminate\Support\Arr;

class OidcUserDetails
{
    public function __construct(
        public ?string $externalId = null,
        public ?string $email = null,
        public ?string $name = null,
        public ?array $groups = null,
        public ?string $picture = null,
    ) {
    }

    /**
     * Check if the user details are fully populated for our usage.
     */
    public function isFullyPopulated(bool $groupSyncActive): bool
    {
        $hasEmpty = empty($this->externalId)
            || empty($this->email)
            || empty($this->name)
            || ($groupSyncActive && $this->groups === null);

        return !$hasEmpty;
    }

    /**
     * Populate user details from the given claim data.
     */
    public function populate(
        ProvidesClaims $claims,
        string $idClaim,
        string $displayNameClaims,
        string $groupsClaim,
    ): void {
        $this->externalId = $claims->getClaim($idClaim) ?? $this->externalId;
        $this->email = $claims->getClaim('email') ?? $this->email;
        $this->name = static::getUserDisplayName($displayNameClaims, $claims) ?: $this->name;
        $this->groups = static::getUserGroups($groupsClaim, $claims) ?? $this->groups;
        $this->picture = static::getPicture($claims) ?: $this->picture;
    }

    protected static function getUserDisplayName(string $displayNameClaims, ProvidesClaims $claims): string
    {
        $displayNameClaimParts = explode('|', $displayNameClaims);

        $displayName = [];
        foreach ($displayNameClaimParts as $claim) {
            $component = $claims->getClaim(trim($claim)) ?? '';
            if ($component !== '') {
                $displayName[] = $component;
            }
        }

        return implode(' ', $displayName);
    }

    protected static function getUserGroups(string $groupsClaim, ProvidesClaims $claims): ?array
    {
        if (empty($groupsClaim)) {
            return null;
        }

        $groupsList = Arr::get($claims->getAllClaims(), $groupsClaim);
        if (!is_array($groupsList)) {
            return null;
        }

        return array_values(array_filter($groupsList, function ($val) {
            return is_string($val);
        }));
    }

    protected static function getPicture(ProvidesClaims $claims): ?string
    {
        $picture = $claims->getClaim('picture');
        if (is_string($picture) && str_starts_with($picture, 'http')) {
            return $picture;
        }

        return null;
    }
}