From d0a46e8f81f0b936f2bc7cfb3881cd9fd18a75e0 Mon Sep 17 00:00:00 2001
From: Lasse Mammen <lkm@bookboon.com>
Date: Wed, 28 Feb 2024 14:37:39 +0000
Subject: [PATCH] chore: remove authenticator

Tested-by: marge-bot <https://bookbooncloud.com/internal/oauth2-client-php/-/merge_requests/10>
Part-of: <https://bookbooncloud.com/internal/oauth2-client-php/-/merge_requests/10>
---
 src/Authenticator.php                   | 133 ------------------------
 src/Event/BookboonOauthOptionsEvent.php |  47 ---------
 src/Event/BookboonOauthUserEvent.php    |  84 ---------------
 3 files changed, 264 deletions(-)
 delete mode 100644 src/Authenticator.php
 delete mode 100644 src/Event/BookboonOauthOptionsEvent.php
 delete mode 100644 src/Event/BookboonOauthUserEvent.php

diff --git a/src/Authenticator.php b/src/Authenticator.php
deleted file mode 100644
index cf296a3..0000000
--- a/src/Authenticator.php
+++ /dev/null
@@ -1,133 +0,0 @@
-<?php
-
-namespace Bookboon\OauthClient;
-
-use Bookboon\OauthClient\Event\BookboonOauthOptionsEvent;
-use Bookboon\OauthClient\Event\BookboonOauthUserEvent;
-use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
-use KnpU\OAuth2ClientBundle\Security\Authenticator\OAuth2Authenticator;
-use RuntimeException;
-use Symfony\Component\EventDispatcher\EventDispatcherInterface;
-use Symfony\Component\HttpFoundation\JsonResponse;
-use Symfony\Component\HttpFoundation\RedirectResponse;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Routing\RouterInterface;
-use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
-use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
-use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
-use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
-
-class Authenticator extends OAuth2Authenticator implements AuthenticationEntryPointInterface
-{
-    public const AUTH_PROVIDER = 'auth-service';
-    public const FIRST_REFERER = 'first_referer';
-    public const REMEMBERED_REDIRECT = 'remembered_redirect';
-    public const ERROR_MESSAGE_KEY = 'error_message';
-
-    public function __construct(
-        protected ClientRegistry $_clientRegistry,
-        protected RouterInterface $_router,
-        protected EventDispatcherInterface $_dispatcher,
-        protected string $rejectionRoute = '',
-        protected string $acceptanceRoute = '',
-    ) {
-    }
-
-    public function supports(Request $request): ?bool
-    {
-        return $request->attributes->get('_route') == 'auth_check';
-    }
-
-    public function authenticate(Request $request): Passport
-    {
-        $client = $this->_clientRegistry->getClient(self::AUTH_PROVIDER);
-        $accessToken = $this->fetchAccessToken($client);
-        /** @var BookboonResourceOwner $resourceOwner */
-        $resourceOwner = $client->fetchUserFromToken($accessToken);
-
-        return new SelfValidatingPassport(
-            new UserBadge($accessToken->getToken(), function () use ($accessToken, $resourceOwner, $request) {
-                $event = new BookboonOauthUserEvent($request, $resourceOwner, $accessToken);
-                $this->_dispatcher->dispatch($event);
-                $user = $event->getUser();
-
-                if ($user === null) {
-                    $user = (new AuthServiceUser())
-                        ->setUserId($resourceOwner->getId())
-                        ->setUsername($resourceOwner->getName())
-                        ->setApplicationId($resourceOwner->getApplicationId())
-                        ->setOrganisationId($resourceOwner->getOrganisationId())
-                        ->setBlobId($resourceOwner->getBlobId())
-                        ->setRoles($resourceOwner->getRoles())
-                        ->setEmail($resourceOwner->getEmail())
-                        ->setAccessToken($accessToken);
-                }
-
-                return $user;
-            })
-        );
-    }
-
-    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
-    {
-        $rememberedRedirect = $request->getSession()->get(self::REMEMBERED_REDIRECT);
-
-        if ($rememberedRedirect) {
-            return new RedirectResponse($rememberedRedirect);
-        }
-
-        $url = '/';
-
-        if ($this->acceptanceRoute !== '') {
-            $url = $this->_router->generate($this->acceptanceRoute);
-        }
-
-        return new RedirectResponse($url);
-    }
-
-    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
-    {
-        if ($this->rejectionRoute !== '') {
-            return new RedirectResponse($this->_router->generate($this->rejectionRoute, [self::ERROR_MESSAGE_KEY => $exception->getMessage()]));
-        }
-
-        return new Response("access denied", 401);
-    }
-
-    public function start(Request $request, AuthenticationException $authException = null): Response
-    {
-        if ($request->isXmlHttpRequest()) {
-            return new JsonResponse(
-                [
-                    'status' => Response::HTTP_FORBIDDEN,
-                    'message' => 'Unauthorized, needs to revalidate',
-                    'command' => 'refresh'
-                ],
-                403
-            );
-        }
-
-        $event = new BookboonOauthOptionsEvent($request, []);
-        $this->_dispatcher->dispatch($event);
-        $options = $event->getOptions();
-
-        if (str_starts_with($request->getRequestUri(), '/reader/data')) {
-            return new Response('', Response::HTTP_FORBIDDEN);
-        }
-
-        $request->getSession()->set(self::REMEMBERED_REDIRECT, $request->getRequestUri());
-        $request->getSession()->set(self::FIRST_REFERER, $request->headers->get('referer'));
-
-        $retryCounter = (int) $request->query->get('retry', -1);
-        $options['retry'] = ++$retryCounter;
-
-        if ($options['retry'] > 3) {
-            throw new RuntimeException("retries have been exhausted");
-        }
-
-        return $this->_clientRegistry->getClient("auth-service")->redirect([], $options);
-    }
-}
diff --git a/src/Event/BookboonOauthOptionsEvent.php b/src/Event/BookboonOauthOptionsEvent.php
deleted file mode 100644
index 6094d7f..0000000
--- a/src/Event/BookboonOauthOptionsEvent.php
+++ /dev/null
@@ -1,47 +0,0 @@
-<?php
-
-namespace Bookboon\OauthClient\Event;
-
-use Symfony\Component\HttpFoundation\Request;
-
-class BookboonOauthOptionsEvent
-{
-    public function __construct(
-        protected Request $request,
-        protected ?array $options = null
-    )
-    {
-    }
-
-    /**
-     * @return Request
-     */
-    public function getRequest(): Request
-    {
-        return $this->request;
-    }
-
-    /**
-     * @param Request $request
-     */
-    public function setRequest(Request $request): void
-    {
-        $this->request = $request;
-    }
-
-    /**
-     * @return array|null
-     */
-    public function getOptions(): ?array
-    {
-        return $this->options;
-    }
-
-    /**
-     * @param array|null $options
-     */
-    public function setOptions(?array $options): void
-    {
-        $this->options = $options;
-    }
-}
diff --git a/src/Event/BookboonOauthUserEvent.php b/src/Event/BookboonOauthUserEvent.php
deleted file mode 100644
index b67293c..0000000
--- a/src/Event/BookboonOauthUserEvent.php
+++ /dev/null
@@ -1,84 +0,0 @@
-<?php
-
-namespace Bookboon\OauthClient\Event;
-
-use Bookboon\OauthClient\BookboonResourceOwner;
-use League\OAuth2\Client\Token\AccessToken;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Security\Core\User\UserInterface;
-
-class BookboonOauthUserEvent
-{
-    public function __construct(
-        protected Request $request,
-        protected BookboonResourceOwner $resourceOwner,
-        protected AccessToken $accessToken,
-        protected ?UserInterface $user = null,
-    )
-    {
-    }
-
-    /**
-     * @return Request
-     */
-    public function getRequest(): Request
-    {
-        return $this->request;
-    }
-
-    /**
-     * @param Request $request
-     */
-    public function setRequest(Request $request): void
-    {
-        $this->request = $request;
-    }
-
-    /**
-     * @return BookboonResourceOwner
-     */
-    public function getResourceOwner(): BookboonResourceOwner
-    {
-        return $this->resourceOwner;
-    }
-
-    /**
-     * @param BookboonResourceOwner $resourceOwner
-     */
-    public function setResourceOwner(BookboonResourceOwner $resourceOwner): void
-    {
-        $this->resourceOwner = $resourceOwner;
-    }
-
-    /**
-     * @return AccessToken
-     */
-    public function getAccessToken(): AccessToken
-    {
-        return $this->accessToken;
-    }
-
-    /**
-     * @param AccessToken $accessToken
-     */
-    public function setAccessToken(AccessToken $accessToken): void
-    {
-        $this->accessToken = $accessToken;
-    }
-
-    /**
-     * @return UserInterface|null
-     */
-    public function getUser(): ?UserInterface
-    {
-        return $this->user;
-    }
-
-    /**
-     * @param UserInterface|null $user
-     */
-    public function setUser(?UserInterface $user): void
-    {
-        $this->user = $user;
-    }
-}