web-base/Core/Objects/DatabaseEntity/SsoProvider.class.php

<?php

namespace Core\Objects\DatabaseEntity;

use Core\Objects\Context;
use Core\Objects\DatabaseEntity\Attribute\ExtendingEnum;
use Core\Objects\DatabaseEntity\Attribute\MaxLength;
use Core\Objects\DatabaseEntity\Attribute\Unique;
use Core\Objects\DatabaseEntity\Controller\DatabaseEntity;
use Core\Objects\SSO\SSOProviderOAuth2;
use Core\Objects\SSO\SSOProviderOIDC;
use Core\Objects\SSO\SSOProviderSAML;

abstract class SsoProvider extends DatabaseEntity {

  const PROTOCOLS = [
    "oidc" => SSOProviderOIDC::class,
    "oauth2" => SSOProviderOAuth2::class,
    "saml" => SSOProviderSAML::class,
  ];

  #[MaxLength(64)]
  private string $name;

  #[MaxLength(36)]
  #[Unique]
  private string $identifier;

  private bool $active;

  #[ExtendingEnum(self::PROTOCOLS)]
  private string $protocol;

  protected string $ssoUrl;

  public function __construct(string $protocol, ?int $id = null) {
    parent::__construct($id);
    $this->protocol = $protocol;
  }

  public static function newInstance(\ReflectionClass $reflectionClass, array $row) {
    $type = $row["protocol"] ?? null;
    if ($type === "saml") {
      return (new \ReflectionClass(SSOProviderSAML::class))->newInstanceWithoutConstructor();
    } else if ($type === "oauth2") {
      return (new \ReflectionClass(SSOProviderOAuth2::class))->newInstanceWithoutConstructor();
    } else if ($type === "oidc") {
      return (new \ReflectionClass(SSOProviderOIDC::class))->newInstanceWithoutConstructor();
    } else {
      return parent::newInstance($reflectionClass, $row);
    }
  }

  protected function buildUrl(string $url, array $params): ?string {
    $parts = parse_url($url);
    if ($parts === false || !isset($parts["host"])) {
      return null;
    }

    if (!isset($parts["query"])) {
      $parts["query"] = http_build_query($params);
    } else {
      $parts["query"] .= "&" . http_build_query($params);
    }

    $parts["scheme"] = $parts["scheme"] ?? "https";
    return unparse_url($parts);
  }

  public function getIdentifier(): string {
    return $this->identifier;
  }

  public abstract function login(Context $context, ?string $redirectUrl);
}
Dev SSO: Tables, SAML 2024-12-30 09:44:47 +01:00			`<?php`

			`namespace Core\Objects\DatabaseEntity;`

			`use Core\Objects\Context;`
			`use Core\Objects\DatabaseEntity\Attribute\ExtendingEnum;`
			`use Core\Objects\DatabaseEntity\Attribute\MaxLength;`
			`use Core\Objects\DatabaseEntity\Attribute\Unique;`
			`use Core\Objects\DatabaseEntity\Controller\DatabaseEntity;`
			`use Core\Objects\SSO\SSOProviderOAuth2;`
			`use Core\Objects\SSO\SSOProviderOIDC;`
			`use Core\Objects\SSO\SSOProviderSAML;`

			`abstract class SsoProvider extends DatabaseEntity {`

			`const PROTOCOLS = [`
			`"oidc" => SSOProviderOIDC::class,`
			`"oauth2" => SSOProviderOAuth2::class,`
			`"saml" => SSOProviderSAML::class,`
			`];`

			`#[MaxLength(64)]`
			`private string $name;`

			`#[MaxLength(36)]`
			`#[Unique]`
			`private string $identifier;`

			`private bool $active;`

			`#[ExtendingEnum(self::PROTOCOLS)]`
			`private string $protocol;`

			`protected string $ssoUrl;`

			`public function __construct(string $protocol, ?int $id = null) {`
			`parent::__construct($id);`
			`$this->protocol = $protocol;`
			`}`

			`public static function newInstance(\ReflectionClass $reflectionClass, array $row) {`
			`$type = $row["protocol"] ?? null;`
			`if ($type === "saml") {`
			`return (new \ReflectionClass(SSOProviderSAML::class))->newInstanceWithoutConstructor();`
			`} else if ($type === "oauth2") {`
			`return (new \ReflectionClass(SSOProviderOAuth2::class))->newInstanceWithoutConstructor();`
			`} else if ($type === "oidc") {`
			`return (new \ReflectionClass(SSOProviderOIDC::class))->newInstanceWithoutConstructor();`
			`} else {`
			`return parent::newInstance($reflectionClass, $row);`
			`}`
			`}`

			`protected function buildUrl(string $url, array $params): ?string {`
			`$parts = parse_url($url);`
			`if ($parts === false \|\| !isset($parts["host"])) {`
			`return null;`
			`}`

			`if (!isset($parts["query"])) {`
			`$parts["query"] = http_build_query($params);`
			`} else {`
			`$parts["query"] .= "&" . http_build_query($params);`
			`}`

			`$parts["scheme"] = $parts["scheme"] ?? "https";`
			`return unparse_url($parts);`
			`}`

			`public function getIdentifier(): string {`
			`return $this->identifier;`
			`}`

			`public abstract function login(Context $context, ?string $redirectUrl);`
			`}`