From fc02f1f02a1fe76877fa2bc4497b1a5431fe133d Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Wed, 6 Sep 2017 15:37:16 +0200
Subject: [PATCH] no-jira: allow to update the identity authentified by OAuth
 via a secondary system

---
 .../java/org/olat/ldap/LDAPLoginManager.java  |  8 +++++
 .../ldap/manager/LDAPLoginManagerImpl.java    | 29 +++++++++++++++++++
 .../org/olat/login/oauth/OAuthDispatcher.java |  9 ++++--
 .../olat/login/oauth/OAuthUserCreator.java    |  2 ++
 4 files changed, 46 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/olat/ldap/LDAPLoginManager.java b/src/main/java/org/olat/ldap/LDAPLoginManager.java
index cd9514479f1..d4725afd800 100644
--- a/src/main/java/org/olat/ldap/LDAPLoginManager.java
+++ b/src/main/java/org/olat/ldap/LDAPLoginManager.java
@@ -69,6 +69,14 @@ public interface LDAPLoginManager {
 	public void freeSyncLock();
 	
 	public void doSyncSingleUser(Identity ident);
+	
+	/**
+	 * A filter is build from the login attribute value and the resulting
+	 * attributes are sync to the specified identity.
+	 * 
+	 * @param ident The identity to synchronize
+	 */
+	public void doSyncSingleUserWithLoginAttribute(Identity ident);
 
 	public void removeFallBackAuthentications();
 
diff --git a/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java b/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
index bf2addf8bc9..f010eebf289 100644
--- a/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
+++ b/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
@@ -1430,6 +1430,35 @@ public class LDAPLoginManagerImpl implements LDAPLoginManager, GenericEventListe
 			syncUser(olatProToSync, ident);
 		}
 	}
+	
+	@Override
+	public void doSyncSingleUserWithLoginAttribute(Identity ident) {
+		LdapContext ctx = bindSystem();
+		if (ctx == null) {
+			log.error("could not bind to ldap", null);
+		}
+		
+		String ldapUserIDAttribute = syncConfiguration.getLdapUserLoginAttribute();
+		String filter = ldapDao.buildSearchUserFilter(ldapUserIDAttribute, ident.getName());
+		
+		List<Attributes> ldapUserAttrs = new ArrayList<>();
+		ldapDao.searchInLdap(new LDAPVisitor() {
+			@Override
+			public void visit(SearchResult result) {
+				ldapUserAttrs.add(result.getAttributes());
+			}
+		}, filter, syncConfiguration.getUserAttributes(), ctx);
+		
+		if(ldapUserAttrs.size() == 1) {
+			Attributes attrs = ldapUserAttrs.get(0);
+			Map<String, String> olatProToSync = prepareUserPropertyForSync(attrs, ident);
+			if (olatProToSync != null) {
+				syncUser(olatProToSync, ident);
+			}
+		} else {
+			log.error("Cannot sync the user because it was not found on LDAP server: " + ident);
+		}
+	}
 
 	/**
 	 * @see org.olat.ldap.LDAPLoginManager#getLastSyncDate()
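Review bot: When `bindSystem()` returns null the new method only logs and then carries on, so `ldapDao.searchInLdap(...)` is called with a null `ctx`; the guard needs a `return;` after the `log.error("could not bind to ldap", null);` line. The bound context is also never closed in the visible lines, so unless `searchInLdap` or a caller releases it, each OAuth login that reaches this path would leave a system-bound LDAP connection open; closing it in a `finally` would prevent that. The filter is built from `ident.getName()`, and `buildSearchUserFilter` is outside this hunk, so it is worth confirming that it escapes LDAP filter metacharacters (RFC 4515) before relying on it for names that may originate from an external OAuth provider. The `else` branch also covers more than one match but logs "not found"; a separate message for the ambiguous case would make a name collision visible in the logs instead of hiding it.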
diff --git a/src/main/java/org/olat/login/oauth/OAuthDispatcher.java b/src/main/java/org/olat/login/oauth/OAuthDispatcher.java
index c8c2f65e072..9ed4997dce0 100644
--- a/src/main/java/org/olat/login/oauth/OAuthDispatcher.java
+++ b/src/main/java/org/olat/login/oauth/OAuthDispatcher.java
@@ -150,9 +150,14 @@ public class OAuthDispatcher implements Dispatcher {
 			OAuthRegistration registration = new OAuthRegistration(provider.getProviderName(), infos);
 			login(infos, registration);
 
-			if(registration.getIdentity() == null && provider instanceof OAuthUserCreator) {
+			if(provider instanceof OAuthUserCreator) {
+				Identity newIdentity;
 				OAuthUserCreator userCreator = (OAuthUserCreator)provider;
-				Identity newIdentity = userCreator.createUser(infos);
+				if(registration.getIdentity() == null) {
+					newIdentity = userCreator.createUser(infos);
+				} else {
+					newIdentity = userCreator.updateUser(infos, registration.getIdentity());			
+				}
 				if(newIdentity != null) {
 					registration.setIdentity(newIdentity);
 				}
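Review bot: The identity returned by `updateUser(...)` replaces the one that `login(infos, registration)` resolved, through `registration.setIdentity(newIdentity)`, without any check that both refer to the same account. If a provider implementation returns a different `Identity` (for example one looked up in the secondary system by a provider-supplied attribute), the rest of this method, which lies outside the hunk, would presumably continue with that other account. I would keep the resolved identity unless the returned one has the same key, e.g. `if(newIdentity != null && newIdentity.getKey().equals(registration.getIdentity().getKey()))` in the update branch, and log any mismatch. Since the update now runs on every login of an existing user, it is also worth deciding explicitly whether a failure of the secondary system should block the login or only be logged.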
diff --git a/src/main/java/org/olat/login/oauth/OAuthUserCreator.java b/src/main/java/org/olat/login/oauth/OAuthUserCreator.java
index a5002ec4051..67bd052dfd7 100644
--- a/src/main/java/org/olat/login/oauth/OAuthUserCreator.java
+++ b/src/main/java/org/olat/login/oauth/OAuthUserCreator.java
@@ -34,5 +34,7 @@ import org.olat.login.oauth.model.OAuthUser;
 public interface OAuthUserCreator extends OAuthSPI {
 	
 	public Identity createUser(OAuthUser user);
+	
+	public Identity updateUser(OAuthUser user, Identity identity);
 
 }
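Review bot: `updateUser` is added without Javadoc, and the contract matters here because OAuthDispatcher stores the returned value as the logged-in identity. The comment should say that the method must return the identity it was given (or a reloaded instance of the same account), and that a null return leaves the already resolved identity in place. Adding an abstract method also breaks any `OAuthUserCreator` implementation that is not part of this patch; a default such as `public default Identity updateUser(OAuthUser user, Identity identity) { return identity; }` would keep them compiling, assuming the project builds with Java 8 or later.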
-- 
GitLab