Add support for OIDC picture

2024-11-25 17:57:28 +08:00 · 2024-08-24 10:17:09 -04:00 · 2024-08-24 10:17:09 -04:00 · 67e435b2fe
commit 67e435b2fe
parent fa6d66db49
5 changed files with 16 additions and 13 deletions
--- a/app/Access/Oidc/OidcService.php
+++ b/app/Access/Oidc/OidcService.php
@ -214,7 +214,8 @@ class OidcService
            $user = $this->registrationService->findOrRegister(
                $userDetails->name,
                $userDetails->email,
-                $userDetails->externalId
+                $userDetails->externalId,
                $userDetails->picture,
            );
        } catch (UserRegistrationException $exception) {
            throw new OidcException($exception->getMessage());
--- a/app/Access/Oidc/OidcUserDetails.php
+++ b/app/Access/Oidc/OidcUserDetails.php
@ -11,6 +11,7 @@ class OidcUserDetails
        public ?string $email = null,
        public ?string $name = null,
        public ?array $groups = null,
        public ?string $picture = null,
    ) {
    }
@ -40,6 +41,7 @@ class OidcUserDetails
        $this->email = $claims->getClaim('email') ?? $this->email;
        $this->name = static::getUserDisplayName($displayNameClaims, $claims) ?? $this->name;
        $this->groups = static::getUserGroups($groupsClaim, $claims) ?? $this->groups;
        $this->picture = $claims->getClaim('picture') ?? $this->picture;
    }
    protected static function getUserDisplayName(string $displayNameClaims, ProvidesClaims $token): string
--- a/app/Access/RegistrationService.php
+++ b/app/Access/RegistrationService.php
@ -50,7 +50,7 @@ class RegistrationService
     *
     * @throws UserRegistrationException
     */
-    public function findOrRegister(string $name, string $email, string $externalId): User
+    public function findOrRegister(string $name, string $email, string $externalId, string $picture = null): User
    {
        $user = User::query()
            ->where('external_auth_id', '=', $externalId)
@ -64,7 +64,7 @@ class RegistrationService
                'external_auth_id' => $externalId,
            ];
-            $user = $this->registerUser($userData, null, false);
+            $user = $this->registerUser($userData, null, false, $picture);
        }
        return $user;
@ -75,7 +75,7 @@ class RegistrationService
     *
     * @throws UserRegistrationException
     */
-    public function registerUser(array $userData, ?SocialAccount $socialAccount = null, bool $emailConfirmed = false): User
+    public function registerUser(array $userData, ?SocialAccount $socialAccount = null, bool $emailConfirmed = false, string $picture = null): User
    {
        $userEmail = $userData['email'];
        $authSystem = $socialAccount ? $socialAccount->driver : auth()->getDefaultDriver();
@ -96,7 +96,7 @@ class RegistrationService
        }
        // Create the user
-        $newUser = $this->userRepo->createWithoutActivity($userData, $emailConfirmed);
+        $newUser = $this->userRepo->createWithoutActivity($userData, $emailConfirmed, $picture);
        $newUser->attachDefaultRole();
        // Assign social account if given
--- a/app/Uploads/UserAvatars.php
+++ b/app/Uploads/UserAvatars.php
@ -22,7 +22,7 @@ class UserAvatars
    /**
     * Fetch and assign an avatar image to the given user.
     */
-    public function fetchAndAssignToUser(User $user): void
+    public function fetchAndAssignToUser(User $user, string $picture = null): void
    {
        if (!$this->avatarFetchEnabled()) {
            return;
@ -30,7 +30,7 @@ class UserAvatars
        try {
            $this->destroyAllForUser($user);
-            $avatar = $this->saveAvatarImage($user);
+            $avatar = $this->saveAvatarImage($user, 500, $picture);
            $user->avatar()->associate($avatar);
            $user->save();
        } catch (Exception $e) {
@ -72,9 +72,9 @@ class UserAvatars
     *
     * @throws HttpFetchException
     */
-    protected function saveAvatarImage(User $user, int $size = 500): Image
+    protected function saveAvatarImage(User $user, int $size = 500, string $picture = null): Image
    {
-        $avatarUrl = $this->getAvatarUrl();
+        $avatarUrl = $picture ?: $this->getAvatarUrl();
        $email = strtolower(trim($user->email));
        $replacements = [
--- a/app/Users/UserRepo.php
+++ b/app/Users/UserRepo.php
@ -54,7 +54,7 @@ class UserRepo
     *
     * @param array{name: string, email: string, password: ?string, external_auth_id: ?string, language: ?string, roles: ?array} $data
     */
-    public function createWithoutActivity(array $data, bool $emailConfirmed = false): User
+    public function createWithoutActivity(array $data, bool $emailConfirmed = false, string $picture = null): User
    {
        $user = new User();
        $user->name = $data['name'];
@ -74,7 +74,7 @@ class UserRepo
            $this->setUserRoles($user, $data['roles']);
        }
-        $this->downloadAndAssignUserAvatar($user);
+        $this->downloadAndAssignUserAvatar($user, $picture);
        return $user;
    }
@ -199,10 +199,10 @@ class UserRepo
     * Get an avatar image for a user and set it as their avatar.
     * Returns early if avatars disabled or not set in config.
     */
-    protected function downloadAndAssignUserAvatar(User $user): void
+    protected function downloadAndAssignUserAvatar(User $user, string $picture = null): void
    {
        try {
-            $this->userAvatar->fetchAndAssignToUser($user);
+            $this->userAvatar->fetchAndAssignToUser($user, $picture);
        } catch (Exception $e) {
            Log::error('Failed to save user avatar image');
        }