fix: Don't show login button if not configured

PurdueRCAC · Apr 3, 2024 · dd523e6 · dd523e6
1 parent 68ecd10
commit dd523e6
Showing 1 changed file with 27 additions and 13 deletions.
diff --git a/app/Listeners/Auth/CILogon/CILogon.php b/app/Listeners/Auth/CILogon/CILogon.php
@@ -22,6 +22,13 @@ class CILogon
 	 */
 	protected $cilogon = null;
 
+	/**
+	 * Authenticator name
+	 *
+	 * @var string
+	 */
+	protected static $auth_name = 'cilogon';
+
 	/**
 	 * Register the listeners for the subscriber.
 	 *
@@ -52,7 +59,7 @@ protected function provider(): ?Provider
 				return null;
 			}
 
-			$config['redirectUri'] = route('callback', ['authenticator' => 'cilogon']);
+			$config['redirectUri'] = route('callback', ['authenticator' => self::$auth_name]);
 
 			if (!in_array($config['server'], ['test', 'dev']))
 			{
@@ -66,13 +73,20 @@ protected function provider(): ?Provider
 	}
 
 	/**
-	 * Handle user login events.
+	 * Add to the list of available authenticators
 	 * 
 	 * @param  Authenticators $event
 	 * @return void
 	 */
 	public function handleAuthenticators(Authenticators $event): void
 	{
+		$config = config('listener.cilogon', []);
+
+		if (empty($config) || !$config['clientId'] || !$config['clientSecret'])
+		{
+			return;
+		}
+
 		app('translator')->addNamespace(
 			'listener.auth.cilogon',
 			__DIR__ . '/lang'
@@ -83,21 +97,21 @@ public function handleAuthenticators(Authenticators $event): void
 			__DIR__ . '/views'
 		);
 
-		$event->addAuthenticator('cilogon', [
+		$event->addAuthenticator(self::$auth_name, [
 			'label' => 'CILogon',
 			'view' => 'listener.auth.cilogon::index',
 		]);
 	}
 
 	/**
-	 * Handle user login events.
+	 * Handle user login event
 	 * 
 	 * @param  Login $event
 	 * @return void
 	 */
 	public function handleLogin(Login $event): void
 	{
-		if ($event->authenticator != 'cilogon')
+		if ($event->authenticator != self::$auth_name)
 		{
 			return;
 		}
@@ -123,22 +137,22 @@ public function handleLogin(Login $event): void
 		));
 		$returnUrl = $request->input('return', route(config('module.users.redirect_route_after_login', 'home')));
 
-		session()->put('cilogon.state', $provider->getState());
-		session()->put('cilogon.returnUrl', $returnUrl);
+		session()->put(self::$auth_name . '.state', $provider->getState());
+		session()->put(self::$auth_name . '.returnUrl', $returnUrl);
 
 		// Redirect to the login URL
 		abort(redirect($loginUrl));
 	}
 
 	/**
-	 * Handle user login events.
+	 * Handle authentication event
 	 * 
 	 * @param  Authenticate $event
 	 * @return void
 	 */
 	public function handleAuthenticate(Authenticate $event): void
 	{
-		if ($event->authenticator != 'cilogon')
+		if ($event->authenticator != self::$auth_name)
 		{
 			return;
 		}
@@ -153,15 +167,15 @@ public function handleAuthenticate(Authenticate $event): void
 		}
 
 		// Check given state against previously stored one to mitigate CSRF attack
-		$storedState = session()->get('cilogon.state');
+		$storedState = session()->get(self::$auth_name . '.state');
 		$state = $request->input('state');
 
 		if (empty($state) || $storedState !== $state)
 		{
 			//throw new \Exception('Mismatched state', 401);
 		}
 
-		session()->forget('cilogon.state');
+		session()->forget(self::$auth_name . '.state');
 
 		if (!auth()->user())
 		{
@@ -187,7 +201,7 @@ public function handleAuthenticate(Authenticate $event): void
 				{
 					$user->name = $cilogonResponse->getGivenName() . ' ' . $cilogonResponse->getFamilyName();
 				}
-				$user->api_token = Str::random(60);
+				$user->api_token = $user->generateApiToken();
 				//$user->puid = $cilogonResponse->getId();
 
 				$user->setDefaultRole();
@@ -227,7 +241,7 @@ public function handleAuthenticate(Authenticate $event): void
 
 			if (!$user->api_token)
 			{
-				$user->api_token = Str::random(60);
+				$user->api_token = $user->generateApiToken();
 				$user->save();
 			}