Skip to content
GitLab
Verified Commit ee575f34 authored by dockx thibault's avatar dockx thibault
Browse files

:sparkles: Feat(Orchestrator) - token generation logic 1 

save commit - token generation logic 1
parent dac6bab2
dev 63-orchestrator-mail-controller-format-of-mail-text-and-signature-are-not-utf8-usage-of-accents-is 70-create-unitests-for-orchestrator 73-orchestrator-create-a-librabry-in-core-orchestrator 78-redesign-audit-class 79-redesign-mail 80-redesign-notifications-class 81-redesign-reminders-class 82-redesign-lifecycle-class main revert-55863b23 1.1
2 merge requests!72Releasing Fusiondirectory Orchestrator 1.1,!61Resolve "[Orchestrator] - New endpoint for userReminder allowing to send notification to use with token to extend their account longevity"
Pipeline #30305 failed with stages
in 2 minutes and 56 seconds
Hide whitespace changes
Inline Side-by-side
Showing
with 98 additions and 4 deletions
+98 -4
plugins/tasks/Reminder.php
+ 98
4
View file @ ee575f34
......@@ -108,8 +108,18 @@ class Reminder implements EndpointInterface
// Require to be set for updating the status of the task later on and sent the email.
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['dn'] = $task['dn'];
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['uid'] = $task['fdtasksgranulardn'][0];
// Create timeStamp expiration for token
$tokenExpire = $this->getTokenExpiration($task['fdtasksgranularhelper'][0],
$remindersMainTask['fdtasksreminderfirstcall'][0],
$remindersMainTask['fdtasksremindersecondcall'][0]);
// Create token for SubTask
$token = $this->generateToken($task['fdtasksgranulardn'][0], $timeStamp);
// Edit the mailForm with the url link containing the token
$tokenMailTemplateForm = $this->includeTokenToMailForm($token, $mailTemplateForm);
// Recipient email form
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['mail'] = $mailTemplateForm;
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['mail'] = $tokenMailTemplateForm;
} else {
// Not about to expire, delete subTask
......@@ -127,6 +137,91 @@ class Reminder implements EndpointInterface
return $result;
}
private function includeTokenToMailForm($token, $mailTemplateForm) : array
{
}
/**
* @param int $subTaskCall
* @param int $firstCall
* @param int $secondCall
* @return int
* Note : Simply return the difference between first and second call. (First call can be null).
*/
private function getTokenExpiration (int $subTaskCall, int $firstCall, int $secondCall) : int
{
// if firstCall is empty, secondCall is the timestamp expiry for the token.
$result = $secondCall;
if (!empty($firstCall)) {
// Verification if the subTask is the second reminder or the first reminder.
if ($subTaskCall === $firstCall) {
$result = $firstCall - $secondCall;
}
}
return $result;
}
/**
* @param string $uid
* @return array
*/
private function generateToken (string $uid, int $timeStamp): array
{
// Salt has been generated with APG.
$salt = '8onOlEsItKond';
$payload = json_encode($uid . $salt);
// Create hmac with sha256 alg and the key provided for JWT token signature in ENV.
$token_hmac = hash_hmac("sha256", $payload, $_ENV["SECRET_KEY"], TRUE);
// We need to have a token allowed to be used within an URL.
$token = $this->base64urlEncode($token_hmac);
// Save token within LDAP
$this->saveTokenInLdap($uid, $token, $timeStamp);
exit;
}
/**
* @param string $uid
* @param string $token
* NOTE : UID is the full DN of the user. (uid=...).
* @param int $timeStamp
*/
private function saveTokenInLdap (string $uid, string $token, int $timeStamp)
{
$result = [];
// Status subject to change
$ldap_entry["fdTokenUserDN"] = $uid;
$ldap_entry["fdTokenType"] = 'reminder';
$ldap_entry["fdToken"] = $token;
$ldap_entry["fdTokenTimestamp"] = $timeStamp;
// Add status to LDAP
try {
$result = ldap_modify($this->gateway->ds, 'ou=fdTokenEntry'.$_ENV["LDAP_BASE"], $ldap_entry); // bool returned
} catch (Exception $e) {
$result = json_encode(["Ldap Error" => "$e"]); // string returned
}
return $result;
}
/**
* @param string $text
* @return string
* Note : This come from jwtToken, as it is completely private - it is cloned here for now.
*/
private function base64urlEncode (string $text): string
{
return str_replace(["+", "/", "="], ["-", "_", ""], base64_encode($text));
}
/**
* @param string $dn
* @return string
......@@ -204,7 +299,6 @@ class Reminder implements EndpointInterface
/**
* Get the monitored resources for reminder to be activated.
*
* @param array $remindersMainTask
* @return array
*/
......@@ -315,7 +409,7 @@ class Reminder implements EndpointInterface
'fdTasksReminderResource', 'fdTasksReminderState', 'fdTasksReminderPosix', 'fdTasksReminderMailTemplate',
'fdTasksReminderPPolicy', 'fdTasksReminderSupannNewEndDate', 'fdTasksReminderRecipientsMembers', 'fdTasksReminderEmailSender',
'fdTasksReminderManager', 'fdTasksReminderAccountProlongation', 'fdTasksReminderMembers', 'fdTasksReminderNextResource',
'fdTasksReminderNextState', 'fdTasksReminderNextSubState', 'fdTasksReminderSubState'], '', $mainTaskDn);
'fdTasksReminderNextState', 'fdTasksReminderNextSubState', 'fdTasksReminderSubState', 'fdTasksReminderFirstCall', 'fdTasksReminderSecondCall'], '', $mainTaskDn);
}
/**
......@@ -384,7 +478,7 @@ class Reminder implements EndpointInterface
// Each main task reminder
foreach ($reminder as $reminderItem) {
// Each subTask reminder
foreach($reminderItem as $mailDetails) {
foreach ($reminderItem as $mailDetails) {
$numberOfRecipients = count($mailDetails['mail']['recipients']);
$mail_controller = new \FusionDirectory\Mail\MailLib(
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment