You are here

private function WindowsAad::buildUserinfo in OpenID Connect Microsoft Azure Active Directory client 8

Same name and namespace in other branches
  1. 2.0.x src/Plugin/OpenIDConnectClient/WindowsAad.php \Drupal\openid_connect_windows_aad\Plugin\OpenIDConnectClient\WindowsAad::buildUserinfo()

Helper function to do the call to the endpoint and build userinfo array.

Parameters

string $access_token: The access token.

string $url: The endpoint we want to send the request to.

string $upn: The name of the property that holds the Azure username.

string $name: The name of the property we want to map to Drupal username.

Return value

array The userinfo array. Empty array if unsuccessful.

1 call to WindowsAad::buildUserinfo()
WindowsAad::retrieveUserInfo in src/Plugin/OpenIDConnectClient/WindowsAad.php
Implements OpenIDConnectClientInterface::retrieveUserInfo().

File

src/Plugin/OpenIDConnectClient/WindowsAad.php, line 303

Class

WindowsAad
Generic OpenID Connect client.

Namespace

Drupal\openid_connect_windows_aad\Plugin\OpenIDConnectClient

Code

private function buildUserinfo($access_token, $url, $upn, $name) {
  $profile_data = [];

  // Perform the request.
  $options = [
    'method' => 'GET',
    'headers' => [
      'Content-Type' => 'application/json',
      'Authorization' => 'Bearer ' . $access_token,
    ],
  ];
  $client = $this->httpClient;
  try {
    $response = $client
      ->get($url, $options);
    $response_data = (string) $response
      ->getBody();

    // Profile Information.
    $profile_data = json_decode($response_data, TRUE);
    $profile_data['name'] = $profile_data[$name];

    // Azure provides 'mail' for userinfo vs email.
    if (!isset($profile_data['mail'])) {

      // See if we have the Graph otherMails property and use it if available,
      // if not, add the principal name as email instead, so Drupal still will
      // create the user anyway.
      if ($this->configuration['userinfo_graph_api_use_other_mails'] == 1) {
        if (!empty($profile_data['otherMails'])) {

          // Use first occurrence of otherMails attribute.
          $profile_data['email'] = current($profile_data['otherMails']);
        }
      }
      else {

        // Show message to user.
        if ($this->configuration['hide_email_address_warning'] != 1) {
          \Drupal::messenger()
            ->addWarning(t('Email address not found in UserInfo. Used username instead, please check this in your profile.'));
        }

        // Write watchdog warning.
        $variables = [
          '@user' => $profile_data[$upn],
        ];
        $this->loggerFactory
          ->get('openid_connect_windows_aad')
          ->warning('Email address of user @user not found in UserInfo. Used username instead, please check.', $variables);
        $profile_data['email'] = $profile_data[$upn];
      }
    }
    else {

      // OpenID Connect module expects the 'email' token for userinfo.
      $profile_data['email'] = $profile_data['mail'];
    }
  } catch (RequestException $e) {
    $variables = [
      '@error_message' => $e
        ->getMessage(),
    ];
    $this->loggerFactory
      ->get('openid_connect_windows_aad')
      ->error('Could not retrieve user profile information. Details: @error_message', $variables);
  }
  return $profile_data;
}