From 27a2575852f32d957d49ae645fda4661791a3307 Mon Sep 17 00:00:00 2001
From: Orka Arnest CRUZE
Date: Wed, 20 Nov 2024 11:59:02 +0100
Subject: [PATCH] =?UTF-8?q?feat:=20d=C3=A9sactiver=20login=20iam=20via=20u?= =?UTF-8?q?ne=20variable=20d'environnement=20#559?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .env | 1 +
 assets/i18n/i18n.ts | 3 +-
 assets/i18n/languages/en.tsx | 2 ++
 assets/i18n/languages/fr.tsx | 2 ++
 assets/pages/LoginDisabled.tsx | 42 +++++++++++++++++++++++++++
 assets/router/RouterRenderer.tsx | 3 ++
 assets/router/router.ts | 6 ++--
 config/parameters.yaml | 1 +
 src/Controller/SecurityController.php | 10 +++++--
 9 files changed, 65 insertions(+), 5 deletions(-)
 create mode 100644 assets/pages/LoginDisabled.tsx
diff --git a/.env b/.env
index ccac282a..f93476da 100644
--- a/.env
+++ b/.env
@@ -16,6 +16,7 @@ IAM_URL=https://url.to/openid-connect-endpoint
 IAM_REALM=
 IAM_CLIENT_ID=registered_app_name
 IAM_CLIENT_SECRET=
+IAM_LOGIN_DISABLED=0
 # chemin public du répertoire de sortie pour webpack
 ENCORE_PUBLIC_PATH=/build/
diff --git a/assets/i18n/i18n.ts b/assets/i18n/i18n.ts
index 603425d5..25c9af7d 100644
--- a/assets/i18n/i18n.ts
+++ b/assets/i18n/i18n.ts
@@ -50,7 +50,8 @@ export type ComponentKey =
 | typeof import("../entrepot/pages/service/TableSelection").i18n
 | typeof import("../entrepot/pages/service/AccessRestrictions").i18n
 | typeof import("../entrepot/pages/service/wms-vector/UploadStyleFile").i18n
- | typeof import("../espaceco/pages/communities/EspaceCoCommunitiesTr").i18n;
+ | typeof import("../espaceco/pages/communities/EspaceCoCommunitiesTr").i18n
+ | typeof import("../pages/LoginDisabled").i18n;
 export type Translations = GenericTranslations;
 export type LocalizedString = Parameters[0];
diff --git a/assets/i18n/languages/en.tsx b/assets/i18n/languages/en.tsx
index 72a3c27c..aedf8782 100644
--- a/assets/i18n/languages/en.tsx
+++ b/assets/i18n/languages/en.tsx
@@ -34,6 +34,7 @@ import { RightsEnTranslations } from "../Rights";
 import { StyleEnTranslations } from "../Style";
 import type { Translations } from "../i18n";
 import { DatasheetUploadFormEnTranslations } from "../../entrepot/pages/datasheet/DatasheetNew/DatasheetUploadForm";
+import { LoginDisabledEnTranslations } from "../../pages/LoginDisabled";
 export const translations: Translations<"en"> = {
 Common: commonEnTranslations,
@@ -71,4 +72,5 @@ export const translations: Translations<"en"> = {
 DatasheetUploadForm: DatasheetUploadFormEnTranslations,
 DatasheetList: DatasheetListEnTranslations,
 AccessRestrictions: AccessRestrictionsEnTranslations,
+ LoginDisabled: LoginDisabledEnTranslations,
 };
diff --git a/assets/i18n/languages/fr.tsx b/assets/i18n/languages/fr.tsx
index 3ace06bb..bc727cf4 100644
--- a/assets/i18n/languages/fr.tsx
+++ b/assets/i18n/languages/fr.tsx
@@ -34,6 +34,7 @@ import { BreadcrumbFrTranslations } from "../Breadcrumb";
 import { RightsFrTranslations } from "../Rights";
 import { StyleFrTranslations } from "../Style";
 import type { Translations } from "../i18n";
+import { LoginDisabledFrTranslations } from "../../pages/LoginDisabled";
 export const translations: Translations<"fr"> = {
 Common: commonFrTranslations,
@@ -71,4 +72,5 @@ export const translations: Translations<"fr"> = {
 DatasheetUploadForm: DatasheetUploadFormFrTranslations,
 DatasheetList: DatasheetListFrTranslations,
 AccessRestrictions: AccessRestrictionsFrTranslations,
+ LoginDisabled: LoginDisabledFrTranslations,
 };
diff --git a/assets/pages/LoginDisabled.tsx b/assets/pages/LoginDisabled.tsx
new file mode 100644
index 00000000..2656a97b
--- /dev/null
+++ b/assets/pages/LoginDisabled.tsx
@@ -0,0 +1,42 @@ +import { fr } from "@codegouvfr/react-dsfr"; +import Alert from "@codegouvfr/react-dsfr/Alert"; +import Button from "@codegouvfr/react-dsfr/Button"; + +import AppLayout from "../components/Layout/AppLayout"; +import { declareComponentKeys, Translations, useTranslation } from "../i18n/i18n"; +import { routes } from "../router/router"; + +const LoginDisabled = () => { + const { t } = useTranslation("LoginDisabled"); + + return ( + +

{t("title")}

+ + + + +
+ );
+};
+
+export default LoginDisabled;
+
+export const { i18n } = declareComponentKeys<"title" | "description" | "back_to_home">()({
+ LoginDisabled,
+});
+
+export const LoginDisabledFrTranslations: Translations<"fr">["LoginDisabled"] = {
+ title: "Connexion momentanément désactivée",
+ description:
+ "L’accès à la partie connectée du site cartes.gouv.fr est temporairement indisponible en raison de travaux de maintenance de la Géoplateforme. Le reste du site reste accessible. Nous vous remercions de votre compréhension.",
+ back_to_home: "Revenir à l’accueil",
+};
+
+export const LoginDisabledEnTranslations: Translations<"en">["LoginDisabled"] = {
+ title: undefined,
+ description: undefined,
+ back_to_home: undefined,
+};
diff --git a/assets/router/RouterRenderer.tsx b/assets/router/RouterRenderer.tsx
index 42f2ba8e..8e3cdec7 100644
--- a/assets/router/RouterRenderer.tsx
+++ b/assets/router/RouterRenderer.tsx
@@ -24,6 +24,7 @@ const Accessibility = lazy(() => import("../pages/footer/Accessibility"));
 const LegalNotice = lazy(() => import("../pages/footer/LegalNotice"));
 const PersonalData = lazy(() => import("../pages/footer/PersonalData"));
 const TermsOfService = lazy(() => import("../pages/footer/TermsOfService"));
+const LoginDisabled = lazy(() => import("../pages/LoginDisabled"));
 const Me = lazy(() => import("../entrepot/pages/users/Me"));
 const MyAccessKeys = lazy(() => import("../entrepot/pages/users/MyAccessKeys"));
@@ -108,6 +109,8 @@ const RouterRenderer: FC = () => {
 return ;
 case "service_status":
 return ;
+ case "login_disabled":
+ return ;
 case "my_account":
 return ;
 case "my_access_keys":
diff --git a/assets/router/router.ts b/assets/router/router.ts
index 8a50d07f..b0063091 100644
--- a/assets/router/router.ts
+++ b/assets/router/router.ts
@@ -6,7 +6,7 @@ export const appRoot = SymfonyRouting.getBaseUrl(); // (document.getElementById(
 export const catalogueUrl = (document.getElementById("app_env") as HTMLDivElement)?.dataset?.["catalogueUrl"] ?? "/catalogue";
 const routeDefs = {
- // routes non protégées (doivent être listées plus bas dans publicRoutes)
+ // NOTE : routes non protégées (doivent être listées plus bas dans publicRoutes)
 home: defineRoute(
 {
 authentication_failed: param.query.optional.number,
@@ -34,8 +34,9 @@ const routeDefs = {
 join: defineRoute(`${appRoot}/nous-rejoindre`),
 terms_of_service: defineRoute(`${appRoot}/cgu`),
 service_status: defineRoute(`${appRoot}/niveau-de-service`),
+ login_disabled: defineRoute(`${appRoot}/connexion-desactivee`),
- // routes protégées
+ // NOTE : routes protégées
 // utilisateur
 my_account: defineRoute(`${appRoot}/mon-compte`),
 my_access_keys: defineRoute(`${appRoot}/mes-cles`),
@@ -252,4 +253,5 @@ export const publicRoutes: typeof knownRoutes = [
 "join",
 "terms_of_service",
 "service_status",
+ "login_disabled",
 ];
diff --git a/config/parameters.yaml b/config/parameters.yaml
index beb57504..6ed7f0c1 100644
--- a/config/parameters.yaml
+++ b/config/parameters.yaml
@@ -9,6 +9,7 @@ parameters:
 iam_realm: "%env(resolve:IAM_REALM)%"
 iam_client_id: "%env(resolve:IAM_CLIENT_ID)%"
 iam_client_secret: "%env(resolve:IAM_CLIENT_SECRET)%"
+ iam_login_disabled: "%env(resolve:IAM_LOGIN_DISABLED)%"
 sandbox_service_account:
 client_id: "%env(resolve:SANDBOX_SERVICE_ACCOUNT_CLIENT_ID)%"
diff --git a/src/Controller/SecurityController.php b/src/Controller/SecurityController.php
index 0132b4cd..1dc02674 100644
--- a/src/Controller/SecurityController.php
+++ b/src/Controller/SecurityController.php
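Review bot: In config/parameters.yaml the new `iam_login_disabled` parameter uses the `resolve:` processor, so it reaches `SecurityController::login()` as a string and is coerced there with `boolval()`; in PHP only `""` and `"0"` are falsy strings, so `IAM_LOGIN_DISABLED=false` or `=off` would switch login off. Declaring it as `iam_login_disabled: "%env(bool:IAM_LOGIN_DISABLED)%"` yields a real boolean and makes the accepted values explicit. The variable also has no default in this file, so an environment that does not load the committed `.env` would presumably fail when the parameter is resolved on the login route; a default entry `env(IAM_LOGIN_DISABLED): "0"` under `parameters:` would avoid that.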
@@ -12,6 +12,7 @@
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Routing\RouterInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
@@ -30,8 +31,13 @@ public function login(
 ClientRegistry $clientRegistry,
 ParameterBagInterface $params,
 TokenStorageInterface $tokenStorage,
- RouterInterface $router
+ RouterInterface $router,
 ): RedirectResponse {
+ $iamLoginDisabled = boolval($params->get('iam_login_disabled'));
+ if ($iamLoginDisabled) {
+ return $this->redirect($this->generateUrl('cartesgouvfr_app', [], UrlGeneratorInterface::ABSOLUTE_URL).'connexion-desactivee');
+ }
+
 $referer = $request->headers->get('referer');
 $request->getSession()->set('referer', $referer);
@@ -84,7 +90,7 @@ public function userInfoEdit(ClientRegistry $clientRegistry): RedirectResponse
 private function testLogin(
 TokenStorageInterface $tokenStorage,
 Request $request,
- RouterInterface $router
+ RouterInterface $router,
 ): RedirectResponse {
 $user = User::getTestUser();
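Review bot: The redirect added at the top of `login()` builds its target by appending the literal `'connexion-desactivee'` to an absolute URL, so the Location header depends on the request host (unless trusted hosts are configured, which is not visible here) and on `cartesgouvfr_app` ending in a slash, and it duplicates the path defined in assets/router/router.ts. A same-origin path is enough: `return $this->redirect($this->generateUrl('cartesgouvfr_app').'connexion-desactivee');`, which also makes the new `UrlGeneratorInterface` import unnecessary. The flag is checked only in this action, so sessions that are already open keep working while login is disabled, and any other entry point that creates a session is presumably unaffected too; if the switch is meant to close the authenticated part of the site during maintenance, it should also be enforced where the session is validated. The body of `login()` continues outside the hunk.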