[Admin] adjust esCadre auth url for impersonified admin

parti-renaissance · Sep 20, 2024 · b6ac7b6 · b6ac7b6
1 parent 4393393
commit b6ac7b6
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/features/api/user.feature b/features/api/user.feature
@@ -66,7 +66,7 @@ Feature:
         },
         "tags": [],
         "cadre_access": true,
-        "cadre_auth_path": "/oauth/v2/auth?scope=jemengage_admin&response_type=code&client_id=4498e44f-f214-110d-8b76-98a83f9d2b0c"
+        "cadre_auth_url": "http://test.renaissance.code/oauth/v2/auth?scope=jemengage_admin&response_type=code&client_id=4498e44f-f214-110d-8b76-98a83f9d2b0c"
     }
     """
 

diff --git a/src/Normalizer/JecouteAdherentNormalizer.php b/src/Normalizer/JecouteAdherentNormalizer.php
@@ -7,6 +7,7 @@
 use App\Repository\Jecoute\DataSurveyRepository;
 use App\Repository\OAuth\ClientRepository;
 use App\Security\Voter\DataCornerVoter;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 use Symfony\Component\Serializer\Normalizer\NormalizerAwareTrait;
 
@@ -20,6 +21,9 @@ public function __construct(
         private readonly DataSurveyRepository $dataSurveyRepository,
         private readonly AuthorizationCheckerInterface $authorizationChecker,
         private readonly ClientRepository $clientRepository,
+        private readonly UrlGeneratorInterface $urlGenerator,
+        private readonly string $adminRenaissanceHost,
+        private readonly string $userVoxHost,
     ) {
     }
 
@@ -33,7 +37,12 @@ public function normalize($object, $format = null, array $context = [])
         ];
 
         if ($data['cadre_access'] = $this->authorizationChecker->isGranted(DataCornerVoter::DATA_CORNER, $object)) {
-            $data['cadre_auth_path'] = '/oauth/v2/auth?scope='.Scope::JEMENGAGE_ADMIN.'&response_type=code&client_id='.$this->clientRepository->findOneBy(['code' => AppCodeEnum::JEMENGAGE_WEB])->getUuid();
+            $data['cadre_auth_url'] = $this->urlGenerator->generate('app_front_oauth_authorize', [
+                'app_domain' => $this->authorizationChecker->isGranted('ROLE_PREVIOUS_ADMIN') ? $this->adminRenaissanceHost : $this->userVoxHost,
+                'scope' => Scope::JEMENGAGE_ADMIN,
+                'response_type' => 'code',
+                'client_id' => $this->clientRepository->findOneBy(['code' => AppCodeEnum::JEMENGAGE_WEB])->getUuid(),
+            ], UrlGeneratorInterface::ABSOLUTE_URL);
         }
 
         return $data;