Merge branch 'develop'

Author: tuj

CHANGELOG.md

@@ -4,7 +4,19 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+## [1.5.0] - 2023-10-26
+
+- [#167](https://github.com/os2display/display-api-service/pull/167)
+  - Removed references to non-existing exception.
+- [#166](https://github.com/os2display/display-api-service/pull/166)
+  - Wrapped feeds in try-catch to avoid throwing errors.
+  - Added unpublished flow to EventDatabase feed when occurrence returns 404.
+  - Fixed EventDatabase feed poster subscription parameters not being applied when calling getData().
+- [#163](https://github.com/os2display/display-api-service/pull/163)
+  - Upgraded `itk-dev/openid-connect-bundle` to use code authorization flow. Updated OpenAPI spec accordingly.
+
 ## [1.4.0] - 2023-09-14
+
 - [#160](https://github.com/os2display/display-api-service/pull/160)
   Added app:feed:list-feed-source command. Removed listing from app:feed:remove-feed-source command.
 - [#159](https://github.com/os2display/display-api-service/pull/159)

README.md

@@ -61,7 +61,7 @@ You can now obtain a token by sending a `POST` request to the
 
 ```curl
 curl -X 'POST' \
-  'http://displayapiservice.local.itkdev.dk/authentication/token' \
+  'http://displayapiservice.local.itkdev.dk/v1/authentication/token' \
   -H 'accept: application/json' \
   -H 'Content-Type: application/json' \
   -d '{
@@ -159,4 +159,4 @@ act -P ubuntu-latest=shivammathur/node:latest pull_request
 
 We use [SemVer](http://semver.org/) for versioning.
 For the versions available, see the
-[tags on this repository](https://github.com/itk-dev/openid-connect/tags).
+[tags on this repository](https://github.com/os2display/display-api-service/tags).

composer.json

@@ -17,7 +17,7 @@
         "doctrine/doctrine-migrations-bundle": "^3.1",
         "doctrine/orm": "^2.9",
         "gesdinet/jwt-refresh-token-bundle": "^1.0",
-        "itk-dev/openid-connect-bundle": "^2.0",
+        "itk-dev/openid-connect-bundle": "^3.0",
         "justinrainbow/json-schema": "^5.2",
         "kubawerlos/php-cs-fixer-custom-fixers": "^3.11",
         "lexik/jwt-authentication-bundle": "^2.14",

composer.lock

@@ -2,7 +2,7 @@ itkdev_openid_connect:
     cache_options:
         cache_pool: 'cache.app' # Cache item pool for caching discovery document and CLI login tokens
     cli_login_options:
-        cli_redirect: '%env(CLI_REDIRECT)%' # Redirect route for CLI login
+        route: '%env(CLI_REDIRECT)%' # Redirect route for CLI login
     openid_providers:
         # Define one or more providers
         # [providerKey]:

config/packages/itkdev_openid_connect.yaml

@@ -23,7 +23,7 @@
                 ],
                 "responses": {
                     "200": {
-                        "description": "Get JWT token from OIDC token",
+                        "description": "Get JWT token from OIDC code",
                         "content": {
                             "application/json": {
                                 "schema": {
@@ -33,7 +33,7 @@
                         }
                     }
                 },
-                "summary": "Get JWT token to login from OIDC token",
+                "summary": "Get JWT token to login from OIDC code",
                 "description": "",
                 "parameters": [
                     {
@@ -47,8 +47,8 @@
                         }
                     },
                     {
-                        "name": "id_token",
-                        "description": "OIDC id token",
+                        "name": "code",
+                        "description": "OIDC code",
                         "in": "query",
                         "required": false,
                         "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",

public/api-spec-v1.json

@@ -17,12 +17,12 @@ paths:
         - Authentication
       responses:
         200:
-          description: 'Get JWT token from OIDC token'
+          description: 'Get JWT token from OIDC code'
           content:
             application/json:
               schema:
                 $ref: '#/components/schemas/Token'
-      summary: 'Get JWT token to login from OIDC token'
+      summary: 'Get JWT token to login from OIDC code'
       description: ''
       parameters:
         -
@@ -34,8 +34,8 @@ paths:
           schema:
             type: string
         -
-          name: id_token
-          description: 'OIDC id token'
+          name: code
+          description: 'OIDC code'
           in: query
           required: false
           example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

public/api-spec-v1.yaml

@@ -111,11 +111,11 @@ protected function initialize(InputInterface $input, OutputInterface $output): v
      */
     protected function interact(InputInterface $input, OutputInterface $output): void
     {
-        if (null !== $input->getArgument('email') &&
-            null !== $input->getArgument('password') &&
-            null !== $input->getArgument('full-name') &&
-            null !== $input->getArgument('role') &&
-            null !== $input->getArgument('tenant-keys')
+        if (null !== $input->getArgument('email')
+            && null !== $input->getArgument('password')
+            && null !== $input->getArgument('full-name')
+            && null !== $input->getArgument('role')
+            && null !== $input->getArgument('tenant-keys')
         ) {
             return;
         }

src/Command/User/AddUserCommand.php

@@ -32,7 +32,7 @@ public function __construct(
     #[Route('/v1/authentication/oidc/token', name: 'authentication_oidc_token', methods: ['GET'])]
     public function getToken(Request $request): Response
     {
-        if ($request->query->has('state') && $request->query->has('id_token')) {
+        if ($request->query->has('state') && $request->query->has('code')) {
             try {
                 $passport = $this->oidcAuthenticator->authenticate($request);
 
@@ -71,7 +71,12 @@ public function getUrls(Request $request, SessionInterface $session): Response
             $session->set('oauth2nonce', $nonce);
 
             $data = [
-                'authorizationUrl' => $provider->getAuthorizationUrl(['state' => $state, 'nonce' => $nonce]),
+                'authorizationUrl' => $provider->getAuthorizationUrl([
+                    'state' => $state,
+                    'nonce' => $nonce,
+                    'response_type' => 'code',
+                    'scope' => 'openid email profile',
+                ]),
                 'endSessionUrl' => $provider->getEndSessionUrl(),
             ];
 

src/Controller/AuthOidcController.php

@@ -7,7 +7,6 @@
 use ApiPlatform\Core\DataProvider\RestrictedDataProviderInterface;
 use App\Entity\Tenant\Feed;
 use App\Entity\User;
-use App\Exceptions\MissingFeedConfigurationException;
 use App\Repository\FeedRepository;
 use App\Repository\PlaylistSlideRepository;
 use App\Service\FeedService;
@@ -19,7 +18,6 @@
 use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
 use Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface;
 use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
-use Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface;
 
 final class FeedDataProvider implements ItemDataProviderInterface, RestrictedDataProviderInterface
 {
@@ -58,7 +56,7 @@ public function getItem(string $resourceClass, $id, string $operationName = null
         // Get result. If there is a result this is returned.
         try {
             $feed = $queryBuilder->getQuery()->getOneOrNullResult();
-        } catch (NonUniqueResultException $exception) {
+        } catch (NonUniqueResultException) {
             return null;
         }
 
@@ -91,12 +89,10 @@ public function getItem(string $resourceClass, $id, string $operationName = null
                 if ('get' === $operationName || 'get_feed_data' === $operationName) {
                     return new JsonResponse($this->feedService->getData($feed), 200);
                 }
-            } catch (MissingFeedConfigurationException $e) {
-                $this->logger->error(sprintf('Missing configuration for feed with id "%s" with message "%s"', $feed->getId()->jsonSerialize(), $e->getMessage()));
-            } catch (\JsonException $e) {
-                $this->logger->error(sprintf('JSON decode for feed with id "%s" with error "%s"', $feed->getId()->jsonSerialize(), $e->getMessage()));
-            } catch (ClientExceptionInterface|RedirectionExceptionInterface|ServerExceptionInterface|TransportExceptionInterface $e) {
+            } catch (ClientExceptionInterface|RedirectionExceptionInterface|ServerExceptionInterface $e) {
                 $this->logger->error(sprintf('Communication error "%s"', $e->getMessage()));
+            } catch (\Throwable $e) {
+                $this->logger->error(sprintf('Feed data error. ID: %s, MESSAGE: %s', $feed->getId()->jsonSerialize(), $e->getMessage()));
             }
         }
 

src/DataProvider/FeedDataProvider.php

@@ -138,7 +138,7 @@ public function setSha(string $sha): self
         return $this;
     }
 
-    public function setFile(?File $file = null): self
+    public function setFile(File $file = null): self
     {
         $this->file = $file;