chg: [behavior:keycloak] Perform case insensitive comparison

For both cerebrate and keycloak users
develop-unstable
Sami Mokaddem 2022-12-12 16:49:52 +01:00
parent e13dc152e7
commit 178a5b658f
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
1 changed files with 9 additions and 19 deletions

View File

@ -52,7 +52,7 @@ class AuthKeycloakBehavior extends Behavior
->where(['username' => $profile_payload[$fields['username']]]) ->where(['username' => $profile_payload[$fields['username']]])
->contain('Individuals') ->contain('Individuals')
->first(); ->first();
if ($existingUser['individual']['email'] !== $profile_payload[$fields['email']]) { if (mb_strtolower($existingUser['individual']['email']) !== mb_strtolower($profile_payload[$fields['email']])) {
return false; return false;
} }
return $existingUser; return $existingUser;
@ -297,7 +297,6 @@ class AuthKeycloakBehavior extends Behavior
'modified' => [], 'modified' => [],
]; ];
foreach ($users as &$user) { foreach ($users as &$user) {
$changed = false;
if (empty($keycloakUsersParsed[$user['username']])) { if (empty($keycloakUsersParsed[$user['username']])) {
if ($this->createUser($user, $clientId)) { if ($this->createUser($user, $clientId)) {
$changes['created'][] = $user['username']; $changes['created'][] = $user['username'];
@ -355,16 +354,7 @@ class AuthKeycloakBehavior extends Behavior
private function checkAndUpdateUser(array $keycloakUser, array $user): bool private function checkAndUpdateUser(array $keycloakUser, array $user): bool
{ {
if ( if ($this->checkKeycloakUserRequiresUpdate($keycloakUser, $user)) {
$keycloakUser['enabled'] == $user['disabled'] ||
$keycloakUser['firstName'] !== $user['individual']['first_name'] ||
$keycloakUser['lastName'] !== $user['individual']['last_name'] ||
$keycloakUser['email'] !== $user['individual']['email'] ||
(empty($keycloakUser['attributes']['role_name']) || $keycloakUser['attributes']['role_name'] !== $user['role']['name']) ||
(empty($keycloakUser['attributes']['role_uuid']) || $keycloakUser['attributes']['role_uuid'] !== $user['role']['uuid']) ||
(empty($keycloakUser['attributes']['org_name']) || $keycloakUser['attributes']['org_name'] !== $user['organisation']['name']) ||
(empty($keycloakUser['attributes']['org_uuid']) || $keycloakUser['attributes']['org_uuid'] !== $user['organisation']['uuid'])
) {
$change = [ $change = [
'enabled' => !$user['disabled'], 'enabled' => !$user['disabled'],
'firstName' => $user['individual']['first_name'], 'firstName' => $user['individual']['first_name'],
@ -416,13 +406,13 @@ class AuthKeycloakBehavior extends Behavior
{ {
$condEnabled = $keycloakUser['enabled'] == $user['disabled']; $condEnabled = $keycloakUser['enabled'] == $user['disabled'];
$condFirstname = $keycloakUser['firstName'] !== $user['individual']['first_name']; $condFirstname = mb_strtolower($keycloakUser['firstName']) !== mb_strtolower($user['individual']['first_name']);
$condLastname = $keycloakUser['lastName'] !== $user['individual']['last_name']; $condLastname = mb_strtolower($keycloakUser['lastName']) !== mb_strtolower($user['individual']['last_name']);
$condEmail = $keycloakUser['email'] !== $user['individual']['email']; $condEmail = mb_strtolower($keycloakUser['email']) !== mb_strtolower($user['individual']['email']);
$condRolename = (empty($keycloakUser['attributes']['role_name']) || $keycloakUser['attributes']['role_name'] !== $user['role']['name']); $condRolename = (empty($keycloakUser['attributes']['role_name']) || mb_strtolower($keycloakUser['attributes']['role_name']) !== mb_strtolower($user['role']['name']));
$condRoleuuid = (empty($keycloakUser['attributes']['role_uuid']) || $keycloakUser['attributes']['role_uuid'] !== $user['role']['uuid']); $condRoleuuid = (empty($keycloakUser['attributes']['role_uuid']) || mb_strtolower($keycloakUser['attributes']['role_uuid']) !== mb_strtolower($user['role']['uuid']));
$condOrgname = (empty($keycloakUser['attributes']['org_name']) || $keycloakUser['attributes']['org_name'] !== $user['organisation']['name']); $condOrgname = (empty($keycloakUser['attributes']['org_name']) || mb_strtolower($keycloakUser['attributes']['org_name']) !== mb_strtolower($user['organisation']['name']));
$condOrguuid = (empty($keycloakUser['attributes']['org_uuid']) || $keycloakUser['attributes']['org_uuid'] !== $user['organisation']['uuid']); $condOrguuid = (empty($keycloakUser['attributes']['org_uuid']) || mb_strtolower($keycloakUser['attributes']['org_uuid']) !== mb_strtolower($user['organisation']['uuid']));
if ($condEnabled || $condFirstname || $condLastname || $condEmail || $condRolename || $condRoleuuid || $condOrgname || $condOrguuid) { if ($condEnabled || $condFirstname || $condLastname || $condEmail || $condRolename || $condRoleuuid || $condOrgname || $condOrguuid) {
if ($condEnabled) { if ($condEnabled) {
$differences['enabled'] = ['keycloak' => $keycloakUser['enabled'], 'cerebrate' => $user['disabled']]; $differences['enabled'] = ['keycloak' => $keycloakUser['enabled'], 'cerebrate' => $user['disabled']];