OXDEV-9889 Add provider getter

Author: NikolaIvanovski

src/Authentication/OAuth2/Controller/OAuthController.php

@@ -0,0 +1,74 @@
+<?php
+
+namespace OxidEsales\SecurityModule\Authentication\OAuth2\Controller;
+
+use OxidEsales\Eshop\Application\Controller\FrontendController;
+use OxidEsales\Eshop\Core\Registry;
+use League\OAuth2\Client\Token\AccessTokenInterface;
+use OxidEsales\SecurityModule\Authentication\OAuth2\Service\ProviderCollectorInterface;
+
+class OAuthController extends FrontendController
+{
+    public function redirect()
+    {
+        $providerName = Registry::getRequest()->getRequestEscapedParameter('provider');
+        $collector = $this->getService(ProviderCollectorInterface::class);
+        $provider = $collector->getProvider($providerName);
+
+        if (!$provider) {
+            Registry::getUtilsView()->addErrorToDisplay("Unknown provider: $providerName");
+            return;
+        }
+
+        $state = bin2hex(random_bytes(16));
+        $_SESSION['oauth_state'] = $state;
+
+        $authUrl = $provider->getAuthorizationUrl($state);
+        Registry::getUtils()->redirect($authUrl);
+    }
+
+    public function callback()
+    {
+        $providerName = Registry::getRequest()->getRequestEscapedParameter('provider');
+        $collector = $this->getService(ProviderCollectorInterface::class);
+        $provider = $collector->getProvider($providerName);
+
+        if (!$provider) {
+            Registry::getUtilsView()->addErrorToDisplay("Unknown provider: $providerName");
+            return;
+        }
+
+        $state = Registry::getRequest()->getRequestEscapedParameter('state');
+        if ($state !== ($_SESSION['oauth_state'] ?? null)) {
+            Registry::getUtilsView()->addErrorToDisplay('Invalid OAuth state');
+            return;
+        }
+
+        try {
+            $code = Registry::getRequest()->getRequestEscapedParameter('code');
+            $token = $provider->getAccessToken($code);
+
+            if (!$provider->validateToken($token)) {
+                throw new \RuntimeException('Token invalid or expired');
+            }
+
+            $userInfo = $provider->getUserInfo($token);
+
+            // Now handle login or registration (customize this part)
+            $this->handleUserLogin($providerName, $userInfo);
+
+            Registry::getUtils()->redirect('index.php?cl=account');
+
+        } catch (\Throwable $e) {
+            Registry::getLogger()->error('OAuth callback error: ' . $e->getMessage());
+            Registry::getUtilsView()->addErrorToDisplay('OAuth login failed. Please try again.');
+            Registry::getUtils()->redirect('index.php?cl=login');
+        }
+    }
+
+    protected function handleUserLogin(string $providerName, array $userInfo): void
+    {
+        // TODO: check if user exists by provider ID or email, then log in or create
+        // Example: $userService->loginOrRegisterViaOAuth($providerName, $userInfo);
+    }
+}

src/Authentication/OAuth2/Service/ProviderCollector.php

@@ -16,8 +16,30 @@ public function __construct(
     ) {
     }
 
-    public function getProviders(): iterable
+    /**
+     * @return array<ProviderInterface>
+     */
+    public function getProviders(): array
     {
-        return $this->providers;
+        $result = [];
+
+        foreach ($this->providers as $provider) {
+            $result[$provider->getName()] = $provider;
+        }
+
+        ksort($result);
+
+        return $result;
+    }
+
+    public function getProvider(string $name): ProviderInterface
+    {
+        $providers = $this->getProviders();
+
+        if (!isset($providers[$name])) {
+            throw new ProviderNotFound();
+        }
+
+        return $providers[$name];
     }
 }

src/Authentication/OAuth2/Service/ProviderCollectorInterface.php

@@ -9,5 +9,7 @@
 
 interface ProviderCollectorInterface
 {
-    public function getProviders(): iterable;
+    public function getProviders(): array;
+
+    public function getProvider(string $name): ProviderInterface;
 }

…2/Service/Provider/ProviderInterface.php …ion/OAuth2/Service/ProviderInterface.phpsrc/Authentication/OAuth2/Service/Provider/ProviderInterface.php renamed to src/Authentication/OAuth2/Service/ProviderInterface.php src/Authentication/OAuth2/Service/Provider/ProviderInterface.php renamed to src/Authentication/OAuth2/Service/ProviderInterface.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace OxidEsales\SecurityModule\Authentication\OAuth2\Service\Provider;
+namespace OxidEsales\SecurityModule\Authentication\OAuth2\Service;
 
 use League\OAuth2\Client\Provider\AbstractProvider;
 use League\OAuth2\Client\Token\AccessTokenInterface;
@@ -20,10 +20,8 @@ public function getClient(): AbstractProvider;
 
     /**
      * Get the authorization URL to redirect the user for login/consent.
-     *
-     * @param string $state Random CSRF prevention token.
      */
-    public function getAuthorizationUrl(string $state): string;
+    public function getAuthorizationUrl(): string;
 
     /**
      * Exchange the authorization code for an access token.

src/Authentication/OAuth2/Service/ProviderNotFound.php

@@ -0,0 +1,14 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+declare(strict_types=1);
+
+namespace OxidEsales\SecurityModule\Authentication\OAuth2\Service;
+
+class ProviderNotFound extends \Exception
+{
+}

tests/Unit/Authentication/OAuth2/Service/ProviderCollectorTest.php

@@ -9,7 +9,8 @@
 
 namespace Authentication\OAuth2\Service;
 
-use OxidEsales\SecurityModule\Authentication\OAuth2\Service\Provider\ProviderInterface;
+use OxidEsales\SecurityModule\Authentication\OAuth2\Service\ProviderInterface;
+use OxidEsales\SecurityModule\Authentication\OAuth2\Service\ProviderNotFound;
 use OxidEsales\SecurityModule\Authentication\OAuth2\Service\ProviderCollector;
 use PHPUnit\Framework\TestCase;
 
@@ -26,12 +27,29 @@ public function testGetProviders(): void
                 'provider 2',
                 'provider 3'
             ],
-            array_map(fn($provider) => $provider->getName(), $result)
+            array_keys($result)
         );
 
         $this->assertContainsOnlyInstancesOf(ProviderInterface::class, $result);
     }
 
+    public function testGetExistingProvider()
+    {
+        $sut = new ProviderCollector($this->getProviders());
+        $result = $sut->getProvider('provider 2');
+
+        $this->assertInstanceOf(ProviderInterface::class, $result);
+        $this->assertSame('provider 2', $result->getName());
+    }
+
+    public function testGetNotExistingProvider()
+    {
+        $this->expectException(ProviderNotFound::class);
+
+        $sut = new ProviderCollector($this->getProviders());
+        $sut->getProvider('provider 9');
+    }
+
     private function getProviders(): array
     {
         $provider1 = $this->createConfiguredMock(ProviderInterface::class, [