new: [user enrollment] send keycloak welcome email to users when enrolled

2022-10-25 10:57:18 +02:00 · 2022-10-25 10:57:18 +02:00 · 84537c52f9
parent b555aed178
commit 84537c52f9
2 changed files with 20 additions and 4 deletions
--- a/src/Model/Behavior/AuthKeycloakBehavior.php
+++ b/src/Model/Behavior/AuthKeycloakBehavior.php
@ -115,7 +115,8 @@ class AuthKeycloakBehavior extends Behavior
        foreach ($roles as $role) {
            $rolesParsed[$role['name']] = $role['id'];
        }
-        if (!$this->createUser($user, $clientId, $rolesParsed)) {
+        $newUserId = $this->createUser($user, $clientId, $rolesParsed);
+        if (!$newUserId) {
            $logChange = [
                'username' => $user['username'],
                'individual_id' => $user['individual']['id'],
@ -141,6 +142,21 @@ class AuthKeycloakBehavior extends Behavior
                'model_title' => __('Successful Keycloak enrollment for user {0}', $user['username']),
                'changed' => $logChange
            ]);
+            $response = $this->restApiRequest(
+                '%s/admin/realms/%s/users/' . urlencode($newUserId) . '/execute-actions-email',
+                ['UPDATE_PASSWORD'],
+                'put'
+            );
+            if (!$response->isOk()) {
+                $responseBody = json_decode($response->getStringBody(), true);
+                $this->_table->auditLogs()->insert([
+                    'request_action' => 'keycloakWelcomeEmail',
+                    'model' => 'User',
+                    'model_id' => 0,
+                    'model_title' => __('Failed to send welcome mail to user ({0}) in keycloak', $user['username']),
+                    'changed' => ['error' => empty($responseBody['errorMessage']) ? 'Unknown error.' : $responseBody['errorMessage']]
+                ]);
+            }
        }
        return true;
    }
@ -373,7 +389,7 @@ class AuthKeycloakBehavior extends Behavior
        return false;
    }

-    private function createUser(array $user, string $clientId, array $rolesParsed): bool
+    private function createUser(array $user, string $clientId, array $rolesParsed): string|bool
    {
        $newUser = [
            'username' => $user['username'],
@ -409,7 +425,7 @@ class AuthKeycloakBehavior extends Behavior
        }
        $user['id'] = $users[0]['id'];
        $this->assignRolesToUser($user, $rolesParsed, $clientId);
-        return true;
+        return $user['id'];
    }

    private function assignRolesToUser(array $user, array $rolesParsed, string $clientId): bool
--- a/src/Model/Table/UsersTable.php
+++ b/src/Model/Table/UsersTable.php
@ -221,7 +221,7 @@ class UsersTable extends AppTable
    {
        if (!empty(Configure::read('keycloak'))) {
            $success = $this->handleUserUpdate($user);
-            return $success;
+            //return $success !== false;
        }
        return true;
    }