.editorconfig

@@ -0,0 +1,16 @@
+[*]
+end_of_line = lf
+insert_final_newline = false
+charset = utf-8
+
+[*.php]
+indent_style = space
+indent_size = 4
+
+[Makefile]
+indent_style = tab
+indent_size = 4
+
+[*.{html,js,json}]
+indent_style = space
+indent_size = 2

.php-cs-fixer.dist.php

@@ -0,0 +1,92 @@
+<?php
+
+$finder = PhpCsFixer\Finder::create()
+    ->in(__DIR__)
+    ->name('*.php')
+    ->exclude('vendor')
+    ->exclude('cache')
+    ->exclude('node_modules');
+
+$rules = [
+    '@PSR12' => true, // Start with PSR-12 rules
+    '@Symfony' => true, // Add Symfony rules for more comprehensive formatting
+    // Additional custom rules
+    // https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/blob/master/doc/rules/index.rst
+    'array_indentation' => true,
+    'array_syntax' => ['syntax' => 'short'],
+    'binary_operator_spaces' => [
+        'default' => 'single_space',
+    ],
+    'yoda_style' => false,
+    'blank_line_after_namespace' => true,
+    'blank_line_after_opening_tag' => true,
+    'increment_style' => ['style' => 'post'],
+    'blank_line_before_statement' => [
+        'statements' => ['return'],
+    ],
+    'cast_spaces' => ['space' => 'none'],
+    'class_attributes_separation' => [
+        'elements' => ['method' => 'one'],
+    ],
+    'concat_space' => ['spacing' => 'one'],
+    'declare_equal_normalize' => ['space' => 'none'],
+    'function_declaration' => ['closure_function_spacing' => 'one'],
+    'include' => true,
+    'indentation_type' => true,
+    'lowercase_cast' => true,
+    'method_argument_space' => ['on_multiline' => 'ensure_fully_multiline'],
+    'new_with_braces' => true,
+    'no_blank_lines_after_class_opening' => true,
+    'no_blank_lines_after_phpdoc' => true,
+    'no_empty_statement' => true,
+    'no_extra_blank_lines' => [
+        'tokens' => [
+            'extra',
+            'throw',
+            'use',
+            'use_trait',
+            'curly_brace_block',
+            'parenthesis_brace_block',
+            'square_brace_block',
+            'switch',
+            'case',
+            'default',
+        ],
+    ],
+    'no_leading_import_slash' => true,
+    'no_leading_namespace_whitespace' => true,
+    'no_mixed_echo_print' => ['use' => 'echo'],
+    'no_multiline_whitespace_around_double_arrow' => true,
+    'no_short_bool_cast' => true,
+    'no_singleline_whitespace_before_semicolons' => true,
+    'no_spaces_around_offset' => ['positions' => ['inside', 'outside']],
+    'no_trailing_comma_in_singleline_array' => true,
+    'no_trailing_whitespace' => true,
+    'no_trailing_whitespace_in_comment' => true,
+    'no_unused_imports' => true,
+    'no_whitespace_before_comma_in_array' => true,
+    'no_whitespace_in_blank_line' => true,
+    'normalize_index_brace' => true,
+    'object_operator_without_whitespace' => true,
+    'ordered_imports' => ['sort_algorithm' => 'alpha'],
+    'semicolon_after_instruction' => true,
+    'short_scalar_cast' => true,
+    'single_blank_line_at_eof' => true,
+    'single_class_element_per_statement' => ['elements' => ['property']],
+    'single_import_per_statement' => true,
+    'single_line_after_imports' => true,
+    'single_quote' => true,
+    'space_after_semicolon' => ['remove_in_empty_for_expressions' => true],
+    'standardize_not_equals' => true,
+    'switch_case_semicolon_to_colon' => true,
+    'switch_case_space' => true,
+    'trailing_comma_in_multiline' => ['elements' => ['arrays']],
+    'trim_array_spaces' => true,
+    'unary_operator_spaces' => true,
+    'whitespace_after_comma_in_array' => true,
+];
+
+return (new PhpCsFixer\Config())
+    ->setRules($rules)
+    ->setFinder($finder)
+    ->setUsingCache(false); // Adjust cache settings as needed

CHANGELOG.md

@@ -1,8 +1,22 @@
 # Changelog
 
+## V1.1.4
+
+add custom scope option
+
+## V1.1.3
+
+Fix typo in documentation
+Improve error handling on 
+
+## V1.1.2
+
+Allow initial for username generation when username in PascalCase or camelCase
+
 ## V1.1.1
 
 Allow display initials instead of username on login modal
+Fix group config invalid on user group suppression
 
 ## V1.1.0
 

README.md

@@ -27,8 +27,14 @@ After installation, you must add the following configuration in your waka.config
                 'clientId' => 'myclientid',
                 'clientSecret' => 'mysecretclientkey',
                 'urlAuthorize' => 'https:#myserver/auth/realms/master/protocol/openid-connect/auth',
-                'urlAccessToken ' => 'https:#myserver/auth/realms/master/protocol/openid-connect/token',
+                'urlAccessToken' => 'https:#myserver/auth/realms/master/protocol/openid-connect/token',
                 'urlResourceOwnerDetails' => 'https:#myserver/auth/realms/master/protocol/openid-connect/userinfo',
+                // optionnal set custom scope for openid token. Default to openid
+                'scopes' => ['openid', 'custom_scope'],
+                 // optionnal set custom scope seperator. Default to ' '
+                'scopeSeparator' => ' ',
+                // optionnal add a final equal to the redirect uri. Somme providers need it, some don't. Default to yes
+                'addFinalEqual' => true,
             ],
             // sso server fieldname used for the user id, this field links an SSO user to a yeswiki user
             'id_sso_field' => 'id',
@@ -150,7 +156,9 @@ After installation, you must add the following configuration in your waka.config
 
 You must configure the OIDC server to accept the redirection from your YesWiki instance.
 Add the following URL to the list of allowed redirections:
-`https://[wiki]/?api/auth_sso/callback=`
+
+If `addFinalEqual` is set to true or not defined, the URL must be `https://[wiki]/?api/auth_sso/callback=` otherwise it must be
+`https://[wiki]/?api/auth_sso/callback`
 
 ## TODO
 

actions/LoginAction.php

@@ -2,14 +2,9 @@
 
 namespace YesWiki\LoginSso;
 
-use Symfony\Component\HttpFoundation\Request;
-use YesWiki\LoginSso\Service\OAuth2ProviderFactory;
 use YesWiki\Core\Controller\AuthController;
-use YesWiki\Core\Service\TemplateEngine;
-use YesWiki\Core\Service\PageManager;
-use YesWiki\Core\Service\UserManager;
-use YesWiki\Login\Exception\LoginException;
 use YesWiki\Core\YesWikiAction;
+use YesWiki\LoginSso\Service\OAuth2ProviderFactory;
 
 class LoginAction extends YesWikiAction
 {
@@ -19,16 +14,18 @@ public function run()
     {
         $this->authController = $this->getService(AuthController::class);
 
-        $action = $_REQUEST["action"] ?? '';
+        $action = $_REQUEST['action'] ?? '';
         switch ($action) {
-            case "connectOAUTH":
-                $this->redirectOAuth((int) $_REQUEST["provider"]);
+            case 'connectOAUTH':
+                $this->redirectOAuth((int)$_REQUEST['provider']);
                 break;
-            case "logout":
-               $this->logout();
+            case 'logout':
+                $this->logout();
+                // no break
             default:
                 return $this->renderDefault();
         }
+
         return null;
     }
 
@@ -37,14 +34,14 @@ private function validateConfig()
         // Verification si le fichier de conf est bien renseigné dans toutes les lignes du tableau
         $allGood = true;
         $error = [];
-        foreach($this->wiki->config['sso_config']['providers'] as $id => $confEntry) {
+        foreach ($this->wiki->config['sso_config']['providers'] as $id => $confEntry) {
             if (strtolower($confEntry['auth_type']) == strtolower('oauth2')) {
                 if (
-                    empty($confEntry['auth_options']['clientId']) ||
-                    empty($confEntry['auth_options']['clientSecret']) ||
-                    empty($confEntry['auth_options']['urlAuthorize']) ||
-                    empty($confEntry['auth_options']['urlAccessToken']) ||
-                    empty($confEntry['auth_options']['urlResourceOwnerDetails'])
+                    empty($confEntry['auth_options']['clientId'])
+                    || empty($confEntry['auth_options']['clientSecret'])
+                    || empty($confEntry['auth_options']['urlAuthorize'])
+                    || empty($confEntry['auth_options']['urlAccessToken'])
+                    || empty($confEntry['auth_options']['urlResourceOwnerDetails'])
                 ) {
                     $allGood = false;
                     $error[] = 'Provider No ' . ($id + 1) . ' : ' . _t('SSO_AUTH_OPTIONS_ERROR');
@@ -56,53 +53,60 @@ private function validateConfig()
 
             if (!isset($confEntry['id_sso_field'])) {
                 $allGood = false;
-                $error[] = 'Provider No '. ($id + 1) . ' : ' . _t('SSO_USER_ID_REQUIRED');
+                $error[] = 'Provider No ' . ($id + 1) . ' : ' . _t('SSO_USER_ID_REQUIRED');
             }
 
             if (!isset($confEntry['email_sso_field'])) {
                 $allGood = false;
-                $error[] = 'Provider No '. ($id + 1) . ' : ' . _t('SSO_USER_EMAIL_REQUIRED');
+                $error[] = 'Provider No ' . ($id + 1) . ' : ' . _t('SSO_USER_EMAIL_REQUIRED');
             }
         }
         if (!$allGood) {
-            throw new \RuntimeException(
-                _t('action {{login}}') . implode(',', $error),
-            );
+            throw new \RuntimeException(_t('action {{login}}') . implode(',', $error));
         }
     }
 
     private function renderDefault(): string
     {
         $this->validateConfig();
         // classe css pour les boutons
-        $btnclass = $this->wiki->GetParameter("btnclass");
+        $btnclass = $this->wiki->GetParameter('btnclass');
         if (empty($btnclass)) {
             $btnclass = 'btn-default';
         }
 
         $user = $this->authController->getLoggedUser();
-        $username = $user["name"] ?? '';
-        if($this->wiki->config['sso_config']['login_username_initials'] ?? false) {
+        $username = $user['name'] ?? '';
+        if ($this->wiki->config['sso_config']['login_username_initials'] ?? false) {
             $username = $this->nameInitials($username);
         }
+
         return $this->render('@loginsso/modal.twig', [
-            "connected" => !empty($user),
-            "user" => $username,
-            "email" => $user["email"] ?? '',
-            "providers" => $this->wiki->config['sso_config']['providers'],
-            "incomingUrl" => $this->wiki->request->getUri(),
-            "btnClass" => $btnclass,
-            "nobtn" => $this->wiki->GetParameter("nobtn")
+            'connected' => !empty($user),
+            'user' => $username,
+            'email' => $user['email'] ?? '',
+            'providers' => $this->wiki->config['sso_config']['providers'],
+            'incomingUrl' => $this->wiki->request->getUri(),
+            'btnClass' => $btnclass,
+            'nobtn' => $this->wiki->GetParameter('nobtn'),
         ]);
     }
 
     private function nameInitials(string $name)
     {
-        $name = explode(' ', $name);
+        $nameExploded = explode(' ', $name);
+        if (count($nameExploded) === 1) {
+            $nameExploded = preg_split('/(?=[A-Z])/', $name);
+        }
+        if ($nameExploded === false) {
+            return $name;
+        }
+
         $initials = '';
-        foreach ($name as $n) {
-            $initials .= mb_strtoupper($n[0]??'') . ' ';
+        foreach ($nameExploded as $n) {
+            $initials .= mb_strtoupper($n[0] ?? '') . ' ';
         }
+
         return trim($initials);
     }
 
@@ -130,7 +134,7 @@ private function logout()
 
     /**
      * Get current url but remove all extension specific actions
-     * Used for post authentification redirection
+     * Used for post authentification redirection.
      */
     private function getIncominUriWithoutAction()
     {
@@ -140,5 +144,4 @@ private function getIncominUriWithoutAction()
 
         return $this->wiki->request->getUriForPath($this->wiki->request->getPathInfo() . '?' . http_build_query($query));
     }
-
 }

actions/linktouserprofil.php

@@ -2,23 +2,24 @@
 /**
  * linktouserprofil : action which displays for a connected user a link to his profil entry
  * The user have to be connected and the 'bazar_user_entry_id' declared in the config file
- * If no 'bazar_user_entry_id' declared the action displays nothing
+ * If no 'bazar_user_entry_id' declared the action displays nothing.
  *
  * @param dash    if dash is equal to  '1', a dash point will be insered before the link
  *
  * @category YesWiki
- * @package  loginsso
+ *
  * @author   Adrien Cheype <adrien.cheype@gmail.com>
  * @license  https://www.gnu.org/licenses/agpl-3.0.en.html AGPL 3.0
- * @link     https://yeswiki.net
+ *
+ * @see     https://yeswiki.net
  */
+
 namespace YesWiki;
 
 use function YesWiki\LoginSso\Lib\bazarUserEntryExists;
 
-
-if (!defined("WIKINI_VERSION")) {
-    die("acc&egrave;s direct interdit");
+if (!defined('WIKINI_VERSION')) {
+    exit('acc&egrave;s direct interdit');
 }
 
 // load the loginsso lib
@@ -27,11 +28,12 @@
 $user = $this->GetUser();
 
 // test if the user is connected and if the 'bazar_user_entry_id' config key is declared
-if (!empty($user) && !empty($this->config['sso_config']) && isset($this->config['sso_config']['bazar_user_entry_id'])){
+if (!empty($user) && !empty($this->config['sso_config']) && isset($this->config['sso_config']['bazar_user_entry_id'])) {
     if (bazarUserEntryExists($this->config['sso_config']['bazar_user_entry_id'], $user['name'])) {
         $content = '';
-        if ($this->GetParameter('dash') == '1')
+        if ($this->GetParameter('dash') == '1') {
             $content .= ' - ';
+        }
         $content .= '[[' . $user['name'] . ' ' . _t('SSO_SEE_USER_PROFIL') . ']]';
         echo $this->Format($content);
     }