From a76cfe2af80bb255b227de5985bd7a06757ed75d Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Tue, 18 Jul 2017 16:24:31 +0200
Subject: [PATCH] CL-732: add a hook to create user after an Oauth login
 without user interaction

---
 .../java/org/olat/ldap/LDAPLoginManager.java  |  3 ++
 .../ldap/manager/LDAPLoginManagerImpl.java    | 18 +++++++++
 .../org/olat/login/oauth/OAuthDispatcher.java |  8 ++++
 .../olat/login/oauth/OAuthUserCreator.java    | 38 +++++++++++++++++++
 4 files changed, 67 insertions(+)
 create mode 100644 src/main/java/org/olat/login/oauth/OAuthUserCreator.java

diff --git a/src/main/java/org/olat/ldap/LDAPLoginManager.java b/src/main/java/org/olat/ldap/LDAPLoginManager.java
index e3e58f7fb55..cd9514479f1 100644
--- a/src/main/java/org/olat/ldap/LDAPLoginManager.java
+++ b/src/main/java/org/olat/ldap/LDAPLoginManager.java
@@ -43,6 +43,9 @@ public interface LDAPLoginManager {
 
 	public boolean changePassword(Identity identity, String pwd, LDAPError errors);
 	
+
+	public Identity createAndPersistUser(String uid);
+	
 	public Identity createAndPersistUser(Attributes userAttributes);
 	
 	public Map<String,String> prepareUserPropertyForSync(Attributes attributes, Identity identity);
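Review bot: The new `createAndPersistUser(String uid)` is declared without Javadoc, although its contract differs from the `Attributes` overload beside it. Going by the implementation in LDAPLoginManagerImpl in this patch, it performs an LDAP lookup for the uid and returns `null` when the visitor collects no entry. Callers need that stated on the interface, for example `/** Looks up the LDAP entry for the given uid and creates the matching user; returns null if no entry is found. */`. The extra blank added line above the declaration can be dropped.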
diff --git a/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java b/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
index b0995f1e2d1..ec69dea6b8b 100644
--- a/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
+++ b/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
@@ -483,6 +483,24 @@ public class LDAPLoginManagerImpl implements LDAPLoginManager, GenericEventListe
 		userManager.updateUser(user);
 	}
 
+	@Override
+	public Identity createAndPersistUser(String uid) {
+		String ldapUserIDAttribute = syncConfiguration.getOlatPropertyToLdapAttribute(LDAPConstants.LDAP_USER_IDENTIFYER);
+		String filter = ldapDao.buildSearchUserFilter(ldapUserIDAttribute, uid);
+		LdapContext ctx = bindSystem();
+		String userDN = ldapDao.searchUserDNByUid(uid, ctx);
+		LDAPUserVisitor visitor = new LDAPUserVisitor(syncConfiguration);	
+		ldapDao.search(visitor, userDN, filter, syncConfiguration.getUserAttributes(), ctx);
+
+		Identity newIdentity = null;
+		List<LDAPUser> ldapUser = visitor.getLdapUserList();
+		if(ldapUser != null && ldapUser.size() > 0) {
+			Attributes userAttributes = ldapUser.get(0).getAttributes();
+			newIdentity = createAndPersistUser(userAttributes);
+		}
+		return newIdentity;
+	}
+
 	/**
 	 * Creates User in OLAT and ads user to LDAP securityGroup Required Attributes
 	 * have to be checked before this method.
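Review bot: Nothing in the new `createAndPersistUser(String uid)` closes the `LdapContext` obtained from `bindSystem()`, and neither `ctx` nor `userDN` is checked before `ldapDao.search(...)` runs. If those helpers return null on a failed bind or an unknown uid (not visible in this hunk), the search is issued with a null argument. The commit subject suggests `uid` comes from an OAuth login without user interaction, so confirm that `buildSearchUserFilter` escapes LDAP filter metacharacters. Taking `ldapUser.get(0)` binds the login to the first of several matches; `ldapUser.size() == 1` would refuse to provision on an ambiguous result. The fence sketches the guards and the close in a finally block.

```java
	@Override
	public Identity createAndPersistUser(String uid) {
		// … unchanged: ldapUserIDAttribute and filter lookup …
		LdapContext ctx = bindSystem();
		if(ctx == null) {
			return null;
		}
		try {
			String userDN = ldapDao.searchUserDNByUid(uid, ctx);
			if(userDN == null) {
				return null;
			}
			// … unchanged: visitor search over userDN with filter …
			List<LDAPUser> ldapUser = visitor.getLdapUserList();
			if(ldapUser != null && ldapUser.size() == 1) {
				return createAndPersistUser(ldapUser.get(0).getAttributes());
			}
			return null;
		} finally {
			try {
				ctx.close();
			} catch (NamingException e) {
				// closing is best effort; report through the class's existing logger
			}
		}
	}
```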
diff --git a/src/main/java/org/olat/login/oauth/OAuthDispatcher.java b/src/main/java/org/olat/login/oauth/OAuthDispatcher.java
index beb09fceab7..c8c2f65e072 100644
--- a/src/main/java/org/olat/login/oauth/OAuthDispatcher.java
+++ b/src/main/java/org/olat/login/oauth/OAuthDispatcher.java
@@ -149,6 +149,14 @@ public class OAuthDispatcher implements Dispatcher {
 
 			OAuthRegistration registration = new OAuthRegistration(provider.getProviderName(), infos);
 			login(infos, registration);
+
+			if(registration.getIdentity() == null && provider instanceof OAuthUserCreator) {
+				OAuthUserCreator userCreator = (OAuthUserCreator)provider;
+				Identity newIdentity = userCreator.createUser(infos);
+				if(newIdentity != null) {
+					registration.setIdentity(newIdentity);
+				}
+			}
 			
 			if(registration.getIdentity() == null) {
 				if(CoreSpringFactory.getImpl(OAuthLoginModule.class).isAllowUserCreation()) {
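Review bot: The new `OAuthUserCreator` branch provisions an account before the `isAllowUserCreation()` check a few lines below, so a provider implementing the interface creates users even when the module setting disallows user creation. If that bypass is intended, say so in a comment such as `// provider-driven provisioning is deliberately independent of isAllowUserCreation()`; otherwise gate the branch with `&& CoreSpringFactory.getImpl(OAuthLoginModule.class).isAllowUserCreation()`. The identity is also set only after `login(infos, registration)` has run, so whether the new user gets a session and the creation is audit-logged depends on code after this hunk, which is not visible here. The enclosing method starts and ends outside the hunk.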
diff --git a/src/main/java/org/olat/login/oauth/OAuthUserCreator.java b/src/main/java/org/olat/login/oauth/OAuthUserCreator.java
new file mode 100644
index 00000000000..a5002ec4051
--- /dev/null
+++ b/src/main/java/org/olat/login/oauth/OAuthUserCreator.java
@@ -0,0 +1,38 @@
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.login.oauth;
+
+import org.olat.core.id.Identity;
+import org.olat.login.oauth.model.OAuthUser;
+
+/**
+ * 
+ * Implement this interface if your service provider can
+ * automatically create the user without user interaction.
+ * 
+ * Initial date: 18 juil. 2017<br>
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ *
+ */
+public interface OAuthUserCreator extends OAuthSPI {
+	
+	public Identity createUser(OAuthUser user);
+
+}
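Review bot: `createUser(OAuthUser user)` has no Javadoc, although it is the whole contract of this interface and it decides when an account is created without user interaction. Document that it may return `null`, since the dispatcher in this patch then falls through to the normal registration path. Also state that implementations must derive the account only from attributes the provider has verified. For example, `/** Creates and persists the identity for the authenticated OAuth user, or returns null if no account can be created automatically. */`. The `public` modifier on the interface method is redundant.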
-- 
GitLab