diff --git a/main/auth/external_login/login.oauth2.php b/main/auth/external_login/login.oauth2.php
index 04f8b9082f..3a1ef64c09 100644
--- a/main/auth/external_login/login.oauth2.php
+++ b/main/auth/external_login/login.oauth2.php
@@ -23,11 +23,16 @@ if ('oauth2' === $uData['auth_source']) {
 $provider = $plugin->getProvider();
+ // Redirect to OAuth2 login.
 $authUrl = $provider->getAuthorizationUrl();
 ChamiloSession::write('oauth2state', $provider->getState());
- // Redirect to OAuth2 login.
+ if (OAuth2::isFirstLoginAfterAuthSource($uData['user_id'])) {
+ ChamiloSession::write('aouth2_authorization_url', $authUrl);
+ $authUrl = api_get_path(WEB_PLUGIN_PATH).'oauth2/redirect_info.php';
+ }
+
 header('Location: '.$authUrl);
 // Avoid execution from here in local.inc.php script.
 exit;
diff --git a/plugin/oauth2/lang/english.php b/plugin/oauth2/lang/english.php
index f9c85b3597..6d780b444e 100644
--- a/plugin/oauth2/lang/english.php
+++ b/plugin/oauth2/lang/english.php
@@ -130,3 +130,5 @@ $strings['UserNotAllowedOnThisPortal'] = 'This user account is not enabled on th
 $strings['WrongResponseResourceOwnerId'] = 'OAuth2 resource owner identifier value not found at the configured key';
 $strings['IssuerNotFound'] = 'Issuer not found';
 $strings['AuthorizeUrlNotAllowed'] = 'Authorize URL not allowed';
+
+$strings['MessageInfoAboutRedirectToProvider'] = 'You are getting redirected to the common authentication system. Your credentials there are the ones that you typically use for other applications of your organisation. These might be different from the ones you used here previously.';
diff --git a/plugin/oauth2/redirect_info.php b/plugin/oauth2/redirect_info.php
new file mode 100644
index 0000000000..4518c6fa57
--- /dev/null
+++ b/plugin/oauth2/redirect_info.php
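Review bot: The session key `'aouth2_authorization_url'` written in login.oauth2.php is misspelled and is repeated as a bare string literal in the `has`, `read` and `erase` calls of plugin/oauth2/redirect_info.php, so writer and reader agree only by copy-paste. A single class constant on `OAuth2`, for example `const SESSION_AUTHORIZATION_URL = 'oauth2_authorization_url';`, used at all four places would fix the spelling and keep the two files from drifting apart. If they ever did diverge, the guard in redirect_info.php would send every first login to `api_not_allowed(true)`. The enclosing `if ('oauth2' === $uData['auth_source'])` block starts and ends outside this hunk.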
@@ -0,0 +1,37 @@
+get(OAuth2::SETTING_ENABLE)
+ || !ChamiloSession::has('oauth2state')
+ || !ChamiloSession::has('aouth2_authorization_url')
+) {
+ api_not_allowed(true);
+}
+
+$oauth2authorizationUrl = ChamiloSession::read('aouth2_authorization_url');
+
+$htmlHeadXtra[] = '';
+
+ChamiloSession::erase('aouth2_authorization_url');
+
+$content = '
+
+
+
+ '.$plugin->get_lang('MessageInfoAboutRedirectToProvider').'
+
+ '.$plugin->get_lang('PleaseWaitThisCouldTakeAWhile').'
+
+
+
+
+';
+
+$template = new Template();
+$template->assign('content', $content);
+$template->display_one_col_template();
\ No newline at end of file
diff --git a/plugin/oauth2/src/OAuth2.php b/plugin/oauth2/src/OAuth2.php
index a1788cbd40..cbbf891b81 100644
--- a/plugin/oauth2/src/OAuth2.php
+++ b/plugin/oauth2/src/OAuth2.php
@@ -1,6 +1,8 @@ getRepository(TrackELogin::class)
+ ->findOneBy(
+ ['loginUserId' => $userId],
+ ['loginDate' => 'DESC']
+ )
+ ;
+
+ if (!$lastLogin) {
+ return false;
+ }
+
+ $objExtraField = new ExtraField('user');
+ $field = $objExtraField->getHandlerEntityByFieldVariable(self::EXTRA_FIELD_OAUTH2_ID);
+
+ $fieldValue = $em
+ ->getRepository(ExtraFieldValues::class)
+ ->findOneBy(
+ ['itemId' => $userId, 'field' => $field]
+ )
+ ;
+
+ if (!$fieldValue) {
+ return false;
+ }
+
+ return $fieldValue->getCreatedAt() >= $lastLogin->getLoginDate();
+ }
 }
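Review bot: The authorization URL read into `$oauth2authorizationUrl` in redirect_info.php should be HTML-escaped where it is emitted into the page head. The markup assigned to `$htmlHeadXtra[]` is not legible on this page, so this needs confirming against the file. If the value is interpolated into an attribute such as a meta refresh, emit it as `htmlspecialchars($oauth2authorizationUrl, ENT_QUOTES)` so that a quote or angle bracket in a URL parameter cannot close the attribute. A visible link to the same escaped URL inside `$content` would also help users whose browser does not follow the automatic redirect, since the session key is erased on first render and a reload ends in `api_not_allowed(true)`.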
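Review bot: In the method body added to plugin/oauth2/src/OAuth2.php, `$field` is passed straight into `findOneBy(['itemId' => $userId, 'field' => $field])` without checking that the lookup succeeded. If `getHandlerEntityByFieldVariable()` can return an empty result when the extra field is not defined (its return contract is not visible here), the query would match on a null field rather than on the OAuth2 id field. An explicit `if (!$field) { return false; }` before the second query would keep the behaviour consistent with the other two early returns. A short docblock would also help, stating that "first login" means the user's OAuth2 id extra-field value was created at or after the latest recorded login, and that the method returns false when either record is missing. The method's signature and opening lines are not legible on this page; it is presumably the `isFirstLoginAfterAuthSource()` called from login.oauth2.php.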