feat: authProcFilter for creating member, new page for checking result, new AdapterRpc methods

PerunCreateMember auth proc filter creates member in configured Vo (if does not exist) then
redirects user to page showing the result.

dictionaries/perun.definition.json

@@ -178,5 +178,17 @@
   "403_is_eligible_default_contact": {
     "en": "If you think you have used an account which meets the criteria, and you are still prevented from logging in to the service, please contact us at",
     "cs": "Pokud si myslíte, že používáte správný účet a přístup je Vám odmítnut neprávem, prosíme kontakujte nás na"
+  },
+  "create_member_exception_text": {
+    "en": "Error occured when activating account. Please try again later.",
+    "cs": "Při aktivování účtu se objevila chyba. Zkuste to prosím za chvíli."
+  },
+  "create_member_success_text": {
+    "en": "Your account was successfully activated. Changes should be noticeable within 5-10 minutes.",
+    "cs": "Váš účet byl úspěšně aktivován. Změny by se měly projevit do 5-10 minut."
+  },
+  "create_member_button": {
+    "en": "Continue",
+    "cs": "Pokračovat"
   }
 }

lib/AdapterRpc.php

@@ -844,6 +844,24 @@ class AdapterRpc extends Adapter
         return $facilitiesWithAttributes;
     }
 
+    public function getExtSourceByName(string $extSourceName)
+    {
+        return $this->connector->get(
+            'extSourcesManager',
+            'getExtSourceByName',
+            ['name' => $extSourceName]
+        );
+    }
+
+    public function createMember(int $voId, int $extSourceId, string $extLogin)
+    {
+        $this->connector->post(
+            'membersManager',
+            'createMember',
+            ['vo' => $voId, 'extSource' => $extSourceId, "login" => $extLogin]
+        );
+    }
+
     private function getAttributes($perunAttrs, $attrNamesMap)
     {
         $attributes = [];

lib/Auth/Process/PerunCreateMember.php

+<?php
+
+namespace SimpleSAML\Module\perun\Auth\Process;
+
+use SimpleSAML\Auth\State;
+use SimpleSAML\Configuration;
+use SimpleSAML\Auth\ProcessingFilter;
+use SimpleSAML\Error\Exception;
+use SimpleSAML\Module;
+use SimpleSAML\Module\perun\AdapterRpc;
+use SimpleSAML\Module\perun\Exception as PerunException;
+use SimpleSAML\Module\perun\PerunConstants;
+use SimpleSAML\Utils\HTTP;
+
+class PerunCreateMember extends ProcessingFilter
+{
+    public const TEMPLATE_URL = 'perun:perun-create-member-tpl.php';
+
+    public const REDIRECT_URL = 'perun/perun_create_member.php';
+
+    public const CALLBACK_URL = 'perun/perun_create_member_callback.php';
+
+    public const STAGE = 'perun:PerunCreateMember';
+
+    public const PARAM_WAS_EXCEPTION = 'was_exception';
+
+    public const PARAM_STATE_ID = PerunConstants::STATE_ID;
+
+    public const PARAM_CALLBACK = 'callback';
+
+    public const DEBUG_PREFIX = self::STAGE . ' - ';
+
+    public const UID_ATTR = 'uid_attr';
+
+    public const IDP_ENTITY_ID = 'idp_entity_id';
+
+    public const VO_SHORT_NAME = 'vo_short_name';
+
+    private $config;
+
+    private $userIdAttr;
+
+    private $adapter;
+
+    private $idpEntityId;
+
+    private $voShortName;
+
+    public function __construct($config = null, $reserved = null)
+    {
+        if ($config) {
+            parent::__construct($config, $reserved);
+        }
+        $this->config = Configuration::loadFromArray($config);
+        $this->userIdAttr = $this->config->getString(self::UID_ATTR, null);
+        $this->voShortName = $this->config->getString(self::VO_SHORT_NAME, null);
+        $this->idpEntityId = $this->config->getString(self::IDP_ENTITY_ID, null);
+
+        $this->adapter = new AdapterRpc();
+
+        if (empty($this->userIdAttr)) {
+            throw new Exception(
+                self::DEBUG_PREFIX .
+                'Invalid configuration: no attribute configured for extracting UID. Use option \'' . self::UID_ATTR .
+                '\' to configure list of attributes, that should be considered as IDs for a user'
+            );
+        }
+
+        if (empty($this->voShortName)) {
+            throw new Exception(
+                self::DEBUG_PREFIX .
+                'Invalid configuration: no vo_short_name configured. Use option \'' . self::VO_SHORT_NAME .
+                '\' to configure VO in which member should be created.'
+            );
+        }
+
+        if (empty($this->idpEntityId)) {
+            throw new Exception(
+                self::DEBUG_PREFIX .
+                'Invalid configuration: no idp_entity_id configured. Use option \'' . self::IDP_ENTITY_ID .
+                '\' to configure idp for which this filter will be performed.'
+            );
+        }
+    }
+
+    public function process(&$request)
+    {
+
+        if (isset($request[PerunConstants::ATTRIBUTES][$this->userIdAttr[0]])) {
+            $uid = $request[PerunConstants::ATTRIBUTES][$this->userIdAttr[0]];
+        } else {
+            throw new Exception(
+                self::DEBUG_PREFIX . 'missing user id attribute in request.'
+            );
+        }
+
+        $alreadyMember = false;
+        $wasException = false;
+        try {
+            $extSource = $this->adapter->getExtSourceByName($this->idpEntityId);
+            $vo = $this->adapter->getVoByShortName($this->voShortName);
+            $this->adapter->createMember($vo->getId(), $extSource["id"], $uid);
+        } catch (PerunException $e) {
+            if ($e->getName() === 'AlreadyMemberException') {
+                $alreadyMember = true;
+            } else {
+                $wasException = true;
+            }
+        }
+        if ($alreadyMember) {
+            return;
+        }
+
+        $stateId = State::saveState($request, self::STAGE);
+        $url = Module::getModuleURL(self::REDIRECT_URL);
+
+        $params = [];
+        $params[self::PARAM_WAS_EXCEPTION] = $wasException;
+        $params[self::PARAM_CALLBACK] = Module::getModuleURL(self::CALLBACK_URL, [
+            self::PARAM_STATE_ID => $stateId,
+        ]);
+
+        HTTP::redirectTrustedURL($url, $params);
+    }
+}

templates/perun-create-member-tpl.php

+<?php
+
+declare(strict_types=1);
+
+use SimpleSAML\Module\perun\Auth\Process\PerunCreateMember;
+
+$this->includeAtTemplateBase('includes/header.php');
+?>
+
+  <div class="row">
+    <div>
+        <?php if ($this->data[PerunCreateMember::PARAM_WAS_EXCEPTION]) { ?>
+          <p><?php echo $this->t('{perun:perun:create_member_exception_text}'); ?></p>
+        <?php } else { ?>
+          <p><?php echo $this->t('{perun:perun:create_member_success_text}'); ?></p>
+          <a class="btn btn-lg btn-block btn-primary"
+             href="<?php echo $this->data[PerunCreateMember::PARAM_CALLBACK]; ?>">
+              <?php echo $this->t('{perun:perun:create_member_button}'); ?>
+          </a>
+        <?php } ?>
+
+    </div>
+  </div>
+
+<?php
+$this->includeAtTemplateBase('includes/footer.php');
+?>
\ No newline at end of file

www/perun_create_member.php

+<?php
+
+declare(strict_types=1);
+
+use SimpleSAML\Configuration;
+use SimpleSAML\Module\perun\Auth\Process\PerunCreateMember;
+use SimpleSAML\XHTML\Template;
+
+$config = Configuration::getInstance();
+$t = new Template($config, PerunCreateMember::TEMPLATE_URL);
+$t->data[PerunCreateMember::PARAM_CALLBACK] = $_REQUEST[PerunCreateMember::PARAM_CALLBACK];
+$t->data[PerunCreateMember::PARAM_WAS_EXCEPTION] = $_REQUEST[PerunCreateMember::PARAM_WAS_EXCEPTION];
+
+$t->show();

www/perun_create_member_callback.php

+<?php
+
+use SimpleSAML\Auth\ProcessingChain;
+use SimpleSAML\Auth\State;
+use SimpleSAML\Error\BadRequest;
+use SimpleSAML\Module\perun\Auth\Process\PerunCreateMember;
+
+if (empty($_REQUEST[PerunCreateMember::PARAM_STATE_ID])) {
+    throw new BadRequest('Missing required \'' . PerunCreateMember::PARAM_STATE_ID . '\' query parameter.');
+}
+
+$state = State::loadState($_REQUEST[PerunCreateMember::PARAM_STATE_ID], PerunCreateMember::STAGE);
+
+ProcessingChain::resumeProcessing($state);