Merge pull request #11 from ristekusdi/10-refactor-user-attributes

Refactor user attributes
ristekusdi · Nov 28, 2022 · ecc7866 · ecc7866
2 parents fb62331 + b48486e
commit ecc7866
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 26 deletions.
diff --git a/src/Auth/Guard/WebGuard.php b/src/Auth/Guard/WebGuard.php
@@ -91,6 +91,12 @@ public function authenticate()
             return false;
         }
 
+        // Get client roles
+        $roles = ['roles' => []];
+        $roles = (new AccessToken($credentials))->parseAccessToken()['resource_access'][$_SERVER['SSO_CLIENT_ID']];
+
+        $user = array_merge($user, ['client_roles' => $roles['roles']]);
+
         $provider = new WebUserProvider((new \ReflectionClass('RistekUSDI\SSO\PHP\Models\User'))->getName());
         $user = $provider->retrieveByCredentials($user);
         $this->setUser($user);

diff --git a/src/Models/User.php b/src/Models/User.php
@@ -3,7 +3,6 @@
 namespace RistekUSDI\SSO\PHP\Models;
 
 use Illuminate\Contracts\Auth\Authenticatable;
-use RistekUSDI\SSO\PHP\Auth\Guard\WebGuard;
 
 class User implements Authenticatable
 {
@@ -12,21 +11,7 @@ class User implements Authenticatable
      *
      * @var array
      */
-    protected $fillable = [
-        'name',
-        'email',
-        'sub',
-        'preferred_username',
-        'given_name',
-        'family_name',
-        'client_roles',
-        'unud_identifier_id',
-        'unud_user_type_id',
-        'unud_sso_id',
-        'picture',
-        'address',
-        'phone_number'
-    ];
+    protected $fillable;
 
     /**
      * User attributes
@@ -43,9 +28,7 @@ class User implements Authenticatable
     public function __construct(array $profile)
     {
         foreach ($profile as $key => $value) {
-            if (in_array($key, $this->fillable)) {
-                $this->attributes[ $key ] = $value;
-            }
+            $this->attributes[$key] = $value;
             $this->attributes['username'] = $profile['preferred_username'];
             $this->attributes['identity'] = $profile['given_name'];
             $this->attributes['full_identity'] = $profile['name'];
@@ -92,7 +75,7 @@ public function getAuthIdentifierName()
      */
     public function getAuthIdentifier()
     {
-        return $this->email;
+        return $this->preferred_username;
     }
 
     /**

diff --git a/src/Services/SSOService.php b/src/Services/SSOService.php
@@ -507,12 +507,6 @@ public function getUserProfile($credentials)
             $user = $response->getBody()->getContents();
             $user = json_decode($user, true);
 
-            // Get client roles
-            $roles = ['roles' => []];
-            $roles = $token->parseAccessToken()['resource_access'][$_SERVER['SSO_CLIENT_ID']];
-
-            $user = array_merge($user, ['client_roles' => $roles['roles']]);
-
             // Validate retrieved user is owner of token
             $token->validateSub($user['sub'] ?? '');
         } catch (GuzzleException $e) {