<?php

namespace App\Listener;

use App\Constants\AppConstants;
use App\Exception\Heimdall\ContractNotFoundException;
use App\Exception\UserNotFoundException;
use App\Helper\Heimdall\HeimdallHelper;
use App\Manager\OrganizationManagerInterface;
use App\Manager\ServiceManagerInterface;
use App\Manager\UserManagerInterface;
use App\Manager\UserProfileManagerInterface;
use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTCreatedEvent;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Enriches the payload of a JWT at the moment LexikJWTAuthenticationBundle creates it.
 *
 * The listener adds identity claims (id, heimdallId, email, names, ldapUuid),
 * a snapshot of the user's current contract and the computed role list.
 */
class JWTListener
{
    protected OrganizationManagerInterface $organizationManager;

    private ServiceManagerInterface $serviceManager;

    protected UserManagerInterface $userManager;

    protected UserProfileManagerInterface $userProfileManager;

    public function __construct(
        OrganizationManagerInterface $organizationManager,
        ServiceManagerInterface $serviceManager,
        UserManagerInterface $userManager,
        UserProfileManagerInterface $userProfileManager
    ) {
        $this->userProfileManager = $userProfileManager;
        $this->userManager = $userManager;
        $this->serviceManager = $serviceManager;
        $this->organizationManager = $organizationManager;
    }

    /**
     * JWT-created hook: merges the application's custom claims into the token payload.
     *
     * Claims written: id, heimdallId, email, firstName, lastName, ldapUuid,
     * currentContract and roles. A claim that already exists in the payload is
     * overwritten; new ones are appended in the order listed.
     *
     * NOTE(review): everything placed here travels inside the token. Unless the
     * bundle is configured to encrypt tokens, a signed JWT is only base64url-encoded,
     * so any party that stores or logs the token can read the email, names, ldapUuid
     * and contract metadata. Confirm every claim is actually needed by consumers.
     *
     * NOTE(review): roles are computed once, at issuance. A consumer that trusts the
     * `roles` claim keeps honouring it until the token expires, so a revoked service
     * or profile only takes effect on re-issuance. Confirm the token TTL reflects that.
     *
     * NOTE(review): the event user is only known as Symfony's UserInterface, which does
     * not declare getId(), getEmail(), getLdapUuid(), etc. This assumes the
     * application's own user class; confirm no other user provider reaches this hook.
     *
     * @see https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/2-data-customization.md
     */
    public function onJWTCreated(JWTCreatedEvent $event): void
    {
        $user = $event->getUser();

        // array_replace() keeps existing keys in place and appends new ones, which is
        // what a series of $payload['key'] = ... assignments would do. The literal is
        // evaluated top to bottom, so getUserRoles() (which mutates $user) runs last.
        $claims = array_replace($event->getData(), [
            'id' => $user->getId(),
            'heimdallId' => $this->getUserHeimdallId($user),
            'email' => $user->getEmail(),
            'firstName' => $user->getFirstName(),
            'lastName' => $user->getLastName(),
            'ldapUuid' => $user->getLdapUuid(),
            'currentContract' => $this->getCurrentContract($user),
            'roles' => $this->getUserRoles($user),
        ]);

        $event->setData($claims);
    }

    /**
     * Builds the role list for the token from the user's profiles and from the
     * services attached to the user's organization contracts.
     *
     * The result always starts with AppConstants::USER_PORTAL_ZEUS, followed by the
     * profile-derived roles and then the service-derived roles. array_merge() does not
     * de-duplicate, so a role granted by both sources appears twice.
     *
     * Side effect: sets the Heimdall id on $user before the organization lookup.
     *
     * NOTE(review): findUser() is not wrapped in a try/catch here, unlike
     * getUserHeimdallId(); presumably a UserNotFoundException propagates to the caller
     * and aborts token creation. Confirm this fail-closed behaviour is intended.
     *
     * @todo: Documentation on dynamic user ROLE_ voters
     */
    protected function getUserRoles(UserInterface $user): array
    {
        $heimdallUser = $this->userManager->findUser($user->getEmail());

        $profileRoles = HeimdallHelper::getRolesFromUserProfiles(
            $this->userProfileManager->getUserProfiles($heimdallUser)
        );

        // Must happen before the organization lookup below, which receives $user.
        $user->setHeimdallId($heimdallUser->getId());

        // The meaning of the `false` flag is not visible in this file (TODO confirm).
        $services = $this->serviceManager->getServicesByOrganizationContractServices(
            $this->organizationManager->getUserOrganizationContractServices($user, false)
        );

        return array_merge(
            [AppConstants::USER_PORTAL_ZEUS],
            $profileRoles,
            HeimdallHelper::getRolesFromServices($services)
        );
    }

    /**
     * Looks the user up by e-mail through the user manager and returns the id of the
     * record found, or null when the lookup raises UserNotFoundException.
     */
    protected function getUserHeimdallId(UserInterface $user): ?string
    {
        try {
            $heimdallUser = $this->userManager->findUser($user->getEmail());
        } catch (UserNotFoundException $notFound) {
            // Unknown user: the claim is emitted as null rather than failing here.
            return null;
        }

        return $heimdallUser->getId();
    }

    /**
     * Returns a snapshot of the user's current contract: id, label, status and
     * contract metadata.
     *
     * NOTE(review): assumes getCurrentContract() never returns null; a user without a
     * current contract would make the getId() call fail. Confirm against the user class.
     *
     * NOTE(review): contractMetadatas is copied as-is into the token; verify it
     * holds nothing that should stay server-side.
     */
    protected function getCurrentContract(UserInterface $user): array
    {
        $current = $user->getCurrentContract();

        return [
            'id' => $current->getId(),
            'label' => $current->getLabel(),
            'status' => $current->getStatus(),
            'contractMetadatas' => $current->getContractMetadatas(),
        ];
    }
}