You are here

Home » API reference » OpenID Connect / OAuth client 8 » OpenIDConnectSettingsForm.php

class OpenIDConnectSettingsForm in OpenID Connect / OAuth client 8

Same name and namespace in other branches
  1. 2.x src/Form/OpenIDConnectSettingsForm.php \Drupal\openid_connect\Form\OpenIDConnectSettingsForm

Provides the OpenID Connect settings form.

@package Drupal\openid_connect\Form

Hierarchy

Expanded class hierarchy of OpenIDConnectSettingsForm

1 string reference to 'OpenIDConnectSettingsForm'
openid_connect.routing.yml in ./openid_connect.routing.yml
openid_connect.routing.yml

File

src/Form/OpenIDConnectSettingsForm.php, line 21

Namespace

Drupal\openid_connect\Form
View source 
class OpenIDConnectSettingsForm extends ConfigFormBase implements ContainerInjectionInterface {

  /**
   * The OpenID Connect service.
   *
   * @var \Drupal\openid_connect\OpenIDConnect
   */
  protected $openIDConnect;

  /**
   * Drupal\openid_connect\Plugin\OpenIDConnectClientManager definition.
   *
   * @var \Drupal\openid_connect\Plugin\OpenIDConnectClientManager
   */
  protected $pluginManager;

  /**
   * The entity manager.
   *
   * @var \Drupal\Core\Entity\EntityFieldManagerInterface
   */
  protected $entityFieldManager;

  /**
   * The OpenID Connect claims.
   *
   * @var \Drupal\openid_connect\OpenIDConnectClaims
   */
  protected $claims;

  /**
   * OpenID Connect client plugins.
   *
   * @var \Drupal\openid_connect\Plugin\OpenIDConnectClientInterface[]
   */
  protected static $clients;

  /**
   * The constructor.
   *
   * @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
   *   The config factory.
   * @param \Drupal\openid_connect\OpenIDConnect $openid_connect
   *   The OpenID Connect service.
   * @param \Drupal\openid_connect\Plugin\OpenIDConnectClientManager $plugin_manager
   *   The plugin manager.
   * @param \Drupal\Core\Entity\EntityFieldManagerInterface $entity_field_manager
   *   The entity field manager.
   * @param \Drupal\openid_connect\OpenIDConnectClaims $claims
   *   The claims.
   */
  public function __construct(ConfigFactoryInterface $config_factory, OpenIDConnect $openid_connect, OpenIDConnectClientManager $plugin_manager, EntityFieldManagerInterface $entity_field_manager, OpenIDConnectClaims $claims) {
    parent::__construct($config_factory);
    $this->openIDConnect = $openid_connect;
    $this->pluginManager = $plugin_manager;
    $this->entityFieldManager = $entity_field_manager;
    $this->claims = $claims;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static($container
      ->get('config.factory'), $container
      ->get('openid_connect.openid_connect'), $container
      ->get('plugin.manager.openid_connect_client'), $container
      ->get('entity_field.manager'), $container
      ->get('openid_connect.claims'));
  }

  /**
   * {@inheritdoc}
   */
  protected function getEditableConfigNames() {
    return [
      'openid_connect.settings',
    ];
  }

  /**
   * {@inheritdoc}
   */
  public function getFormId() {
    return 'openid_connect_admin_settings';
  }

  /**
   * {@inheritdoc}
   */
  public function buildForm(array $form, FormStateInterface $form_state) {
    $settings = $this
      ->configFactory()
      ->getEditable('openid_connect.settings');
    $form['#tree'] = TRUE;
    $form['clients_enabled'] = [
      '#title' => $this
        ->t('Enabled OpenID Connect clients'),
      '#description' => $this
        ->t('Choose enabled OpenID Connect clients.'),
      '#type' => 'checkboxes',
    ];
    $clients = $this
      ->getClients();
    $options = [];
    $clients_enabled = [];
    foreach ($clients as $client_plugin) {
      $plugin_definition = $client_plugin
        ->getPluginDefinition();
      $plugin_id = $plugin_definition['id'];
      $plugin_label = $plugin_definition['label'];
      $options[$plugin_id] = $plugin_label;
      $enabled = $this
        ->configFactory()
        ->getEditable('openid_connect.settings.' . $plugin_id)
        ->get('enabled');
      $clients_enabled[$plugin_id] = (bool) $enabled ? $plugin_id : 0;
      $element = 'clients_enabled[' . $plugin_id . ']';
      $form['clients'][$plugin_id] = [
        '#title' => $plugin_label,
        '#type' => 'fieldset',
        '#tree' => TRUE,
        '#states' => [
          'visible' => [
            ':input[name="' . $element . '"]' => [
              'checked' => TRUE,
            ],
          ],
        ],
      ];
      $form['clients'][$plugin_id]['settings'] = [];
      $subform_state = SubformState::createForSubform($form['clients'][$plugin_id]['settings'], $form, $form_state);
      $form['clients'][$plugin_id]['settings'] += $client_plugin
        ->buildConfigurationForm($form['clients'][$plugin_id]['settings'], $subform_state);
    }
    $form['clients_enabled']['#options'] = $options;
    $form['clients_enabled']['#default_value'] = $clients_enabled;
    $form['override_registration_settings'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Override registration settings'),
      '#description' => $this
        ->t('If enabled, a user will be registered even if registration is set to "Administrators only".'),
      '#default_value' => $settings
        ->get('override_registration_settings'),
    ];
    $form['always_save_userinfo'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Save user claims on every login'),
      '#description' => $this
        ->t('If disabled, user claims will only be saved when the account is first created.'),
      '#default_value' => $settings
        ->get('always_save_userinfo'),
    ];
    $form['connect_existing_users'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Automatically connect existing users'),
      '#description' => $this
        ->t('If disabled, authentication will fail for existing email addresses.'),
      '#default_value' => $settings
        ->get('connect_existing_users'),
    ];
    $form['user_login_display'] = [
      '#type' => 'radios',
      '#title' => $this
        ->t('OpenID buttons display in user login form'),
      '#options' => [
        'hidden' => $this
          ->t('Hidden'),
        'above' => $this
          ->t('Above'),
        'below' => $this
          ->t('Below'),
        'replace' => $this
          ->t('Replace'),
      ],
      '#description' => $this
        ->t("Modify the user login form to show the the OpenID login buttons. If the 'Replace' option is selected, only the OpenID buttons will be displayed. In this case, pass the 'showcore' URL parameter to return to a password-based login form."),
      '#default_value' => $settings
        ->get('user_login_display'),
    ];
    $form['userinfo_mappings'] = [
      '#title' => $this
        ->t('User claims mapping'),
      '#type' => 'fieldset',
    ];
    $form['override_registration_settings'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Override registration settings'),
      '#description' => $this
        ->t('If enabled, user creation will always be allowed, even if the registration setting is set to require admin approval, or only allowing admins to create users.'),
      '#default_value' => $settings
        ->get('override_registration_settings'),
    ];
    $properties = $this->entityFieldManager
      ->getFieldDefinitions('user', 'user');
    $properties_skip = $this->openIDConnect
      ->userPropertiesIgnore();
    $claims = $this->claims
      ->getOptions();
    $mappings = $settings
      ->get('userinfo_mappings');
    foreach ($properties as $property_name => $property) {
      if (isset($properties_skip[$property_name])) {
        continue;
      }

      // Always map the timezone.
      $default_value = '';
      if ($property_name == 'timezone') {
        $default_value = 'zoneinfo';
      }
      $form['userinfo_mappings'][$property_name] = [
        '#type' => 'select',
        '#title' => $property
          ->getLabel(),
        '#description' => $property
          ->getDescription(),
        '#options' => (array) $claims,
        '#empty_value' => '',
        '#empty_option' => $this
          ->t('- No mapping -'),
        '#default_value' => isset($mappings[$property_name]) ? $mappings[$property_name] : $default_value,
      ];
    }
    return parent::buildForm($form, $form_state);
  }

  /**
   * {@inheritdoc}
   */
  public function validateForm(array &$form, FormStateInterface $form_state) {
    parent::validateForm($form, $form_state);

    // Get clients' enabled status.
    $clients_enabled = $form_state
      ->getValue('clients_enabled');

    // Get client plugins.
    $clients = $this
      ->getClients();

    // Trigger validation for enabled clients.
    foreach ($clients_enabled as $plugin_id => $status) {

      // Whether the client is not enabled.
      if (!(bool) $status) {
        continue;
      }

      // Get subform and subform state.
      $subform = $form['clients'][$plugin_id]['settings'];
      $subform_state = SubformState::createForSubform($subform, $form, $form_state);

      // Let the plugin validate its form.
      $clients[$plugin_id]
        ->validateConfigurationForm($subform, $subform_state);
    }
  }

  /**
   * {@inheritdoc}
   */
  public function submitForm(array &$form, FormStateInterface $form_state) {
    parent::submitForm($form, $form_state);
    $this
      ->config('openid_connect.settings')
      ->set('always_save_userinfo', $form_state
      ->getValue('always_save_userinfo'))
      ->set('connect_existing_users', $form_state
      ->getValue('connect_existing_users'))
      ->set('override_registration_settings', $form_state
      ->getValue('override_registration_settings'))
      ->set('userinfo_mappings', array_filter($form_state
      ->getValue('userinfo_mappings')))
      ->set('user_login_display', $form_state
      ->getValue('user_login_display'))
      ->save();

    // Get clients' enabled status.
    $clients_enabled = $form_state
      ->getValue('clients_enabled');

    // Get client plugins.
    $clients = $this
      ->getClients();

    // Save client settings.
    foreach ($clients_enabled as $plugin_id => $status) {
      $this
        ->configFactory()
        ->getEditable('openid_connect.settings.' . $plugin_id)
        ->set('enabled', (bool) $status)
        ->save();

      // Whether the client is not enabled.
      if (!(bool) $status) {
        continue;
      }

      // Get subform and subform state.
      $subform = $form['clients'][$plugin_id]['settings'];
      $subform_state = SubformState::createForSubform($subform, $form, $form_state);

      // Let the plugin preprocess submitted values.
      $clients[$plugin_id]
        ->submitConfigurationForm($subform, $subform_state);

      // Save plugin settings.
      $this
        ->configFactory()
        ->getEditable('openid_connect.settings.' . $plugin_id)
        ->set('settings', $subform_state
        ->getValues())
        ->save();
    }
  }

  /**
   * Return array of OpenID Connect client plugins.
   *
   * As the list of clients is used several times during form submission,
   * we are using this little helper method and a static collection of
   * initialized client plugins for this form.
   *
   * @return \Drupal\openid_connect\Plugin\OpenIDConnectClientInterface[]
   *   Associative array of OpenID Connect client plugins with client IDs
   *   as keys and the corresponding initialized client plugins as values.
   *
   * @throws \Drupal\Component\Plugin\Exception\PluginException
   */
  protected function getClients() {
    if (!isset(self::$clients)) {
      $clients = [];
      $definitions = $this->pluginManager
        ->getDefinitions();
      ksort($definitions);
      foreach ($definitions as $client_name => $client_plugin) {
        $configuration = $this
          ->configFactory()
          ->getEditable('openid_connect.settings.' . $client_name)
          ->get('settings');

        /** @var \Drupal\openid_connect\Plugin\OpenIDConnectClientInterface $client */
        $client = $this->pluginManager
          ->createInstance($client_name, $configuration ?: []);
        $clients[$client_name] = $client;
      }
      self::$clients = $clients;
    }
    return self::$clients;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
ConfigFormBaseTrait::config protected function Retrieves a configuration object.
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
FormBase::$configFactory protected property The config factory. 1
FormBase::$requestStack protected property The request stack. 1
FormBase::$routeMatch protected property The route match.
FormBase::configFactory protected function Gets the config factory for this form. 1
FormBase::container private function Returns the service container.
FormBase::currentUser protected function Gets the current user.
FormBase::getRequest protected function Gets the request object.
FormBase::getRouteMatch protected function Gets the route match.
FormBase::logger protected function Gets the logger for a specific channel.
FormBase::redirect protected function Returns a redirect response object for the specified route. Overrides UrlGeneratorTrait::redirect
FormBase::resetConfigFactory public function Resets the configuration factory.
FormBase::setConfigFactory public function Sets the config factory for this form.
FormBase::setRequestStack public function Sets the request stack object to use.
LinkGeneratorTrait::$linkGenerator protected property The link generator. 1
LinkGeneratorTrait::getLinkGenerator Deprecated protected function Returns the link generator.
LinkGeneratorTrait::l Deprecated protected function Renders a link to a route given a route name and its parameters.
LinkGeneratorTrait::setLinkGenerator Deprecated public function Sets the link generator service.
LoggerChannelTrait::$loggerFactory protected property The logger channel factory service.
LoggerChannelTrait::getLogger protected function Gets the logger for a specific channel.
LoggerChannelTrait::setLoggerFactory public function Injects the logger channel factory.
MessengerTrait::$messenger protected property The messenger. 29
MessengerTrait::messenger public function Gets the messenger. 29
MessengerTrait::setMessenger public function Sets the messenger.
OpenIDConnectSettingsForm::$claims protected property The OpenID Connect claims.
OpenIDConnectSettingsForm::$clients protected static property OpenID Connect client plugins.
OpenIDConnectSettingsForm::$entityFieldManager protected property The entity manager.
OpenIDConnectSettingsForm::$openIDConnect protected property The OpenID Connect service.
OpenIDConnectSettingsForm::$pluginManager protected property Drupal\openid_connect\Plugin\OpenIDConnectClientManager definition.
OpenIDConnectSettingsForm::buildForm public function Form constructor. Overrides ConfigFormBase::buildForm
OpenIDConnectSettingsForm::create public static function Instantiates a new instance of this class. Overrides ConfigFormBase::create
OpenIDConnectSettingsForm::getClients protected function Return array of OpenID Connect client plugins.
OpenIDConnectSettingsForm::getEditableConfigNames protected function Gets the configuration names that will be editable. Overrides ConfigFormBaseTrait::getEditableConfigNames
OpenIDConnectSettingsForm::getFormId public function Returns a unique string identifying the form. Overrides FormInterface::getFormId
OpenIDConnectSettingsForm::submitForm public function Form submission handler. Overrides ConfigFormBase::submitForm
OpenIDConnectSettingsForm::validateForm public function Form validation handler. Overrides FormBase::validateForm
OpenIDConnectSettingsForm::__construct public function The constructor. Overrides ConfigFormBase::__construct
RedirectDestinationTrait::$redirectDestination protected property The redirect destination service. 1
RedirectDestinationTrait::getDestinationArray protected function Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url.
RedirectDestinationTrait::getRedirectDestination protected function Returns the redirect destination service.
RedirectDestinationTrait::setRedirectDestination public function Sets the redirect destination service.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
UrlGeneratorTrait::$urlGenerator protected property The url generator.
UrlGeneratorTrait::getUrlGenerator Deprecated protected function Returns the URL generator service.
UrlGeneratorTrait::setUrlGenerator Deprecated public function Sets the URL generator service.
UrlGeneratorTrait::url Deprecated protected function Generates a URL or path for a specific route based on the given parameters.