Skip to content

Commit ecbece8

Browse files
julien-ncjulien-nc
committed
feat(list-command): include client secret
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
1 parent f9e518e commit ecbece8

1 file changed

Lines changed: 22 additions & 10 deletions

File tree

lib/Command/ListProviders.php

Lines changed: 22 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -9,43 +9,55 @@
99
namespace OCA\UserOIDC\Command;
1010

1111
use OC\Core\Command\Base;
12+
use OCA\UserOIDC\Db\ProviderMapper;
1213
use OCA\UserOIDC\Service\ProviderService;
14+
use OCP\Security\ICrypto;
1315
use Symfony\Component\Console\Input\InputInterface;
1416
use Symfony\Component\Console\Input\InputOption;
1517
use Symfony\Component\Console\Output\OutputInterface;
1618

1719
class ListProviders extends Base {
1820

1921
public function __construct(
22+
private ProviderMapper $providerMapper,
2023
private ProviderService $providerService,
24+
private ICrypto $crypto,
2125
) {
2226
parent::__construct();
2327
}
2428

2529
protected function configure() {
2630
$this
2731
->setName('user_oidc:providers')
28-
->setDescription('List all providers')
32+
->setDescription('List all providers and print their configuration')
2933
->addOption('sensitive', 's', InputOption::VALUE_NONE, 'Obfuscate sensitive values like the client ID and the discovery endpoint domain name');
3034
$this->defaultOutputFormat = self::OUTPUT_FORMAT_JSON_PRETTY;
3135
parent::configure();
3236
}
3337

3438
protected function execute(InputInterface $input, OutputInterface $output) {
3539
$outputFormat = $input->getOption('output') ?? 'json_pretty';
40+
$sensitive = $input->getOption('sensitive');
3641

37-
$providersWithSettings = $this->providerService->getProvidersWithSettings();
38-
if ($input->getOption('sensitive')) {
39-
$providersWithSettings = array_map(function ($provider) {
40-
$provider['clientId'] = '********';
42+
$providers = $this->providerMapper->getProviders();
43+
44+
$providersWithSettings = array_map(function ($provider) use ($sensitive) {
45+
$providerSettings = $this->providerService->getSettings($provider->getId());
46+
$serializedProvider = $provider->jsonSerialize();
47+
if ($sensitive) {
48+
$serializedProvider['clientId'] = '********';
49+
$serializedProvider['clientSecret'] = '********';
4150
try {
42-
$discoveryDomainName = parse_url($provider['discoveryEndpoint'], PHP_URL_HOST);
43-
$provider['discoveryEndpoint'] = str_replace($discoveryDomainName, '********', $provider['discoveryEndpoint']);
51+
$discoveryDomainName = parse_url($serializedProvider['discoveryEndpoint'], PHP_URL_HOST);
52+
$serializedProvider['discoveryEndpoint'] = str_replace($discoveryDomainName, '********', $serializedProvider['discoveryEndpoint']);
4453
} catch (\Exception|\Throwable) {
4554
}
46-
return $provider;
47-
}, $providersWithSettings);
48-
}
55+
} else {
56+
$serializedProvider['clientSecret'] = $this->crypto->decrypt($provider->getClientSecret());
57+
}
58+
return array_merge($serializedProvider, ['settings' => $providerSettings]);
59+
}, $providers);
60+
4961
if ($outputFormat === 'json') {
5062
foreach ($providersWithSettings as $provider) {
5163
$output->writeln(json_encode($provider, JSON_THROW_ON_ERROR));

0 commit comments

Comments
 (0)