Layout: Converted tri-layout component to ts
index 6d024ae32e4c698c286b6b749e6e069be844fdc8..d6f6ef156e40020ba162b2f2bd00587d7afb74c5 100644 (file)
@@ -11,6 +11,7 @@ use BookStack\Exceptions\UserRegistrationException;
 use BookStack\Facades\Theme;
 use BookStack\Http\HttpRequestService;
 use BookStack\Theming\ThemeEvents;
+use BookStack\Uploads\UserAvatars;
 use BookStack\Users\Models\User;
 use Illuminate\Support\Facades\Cache;
 use League\OAuth2\Client\OptionProvider\HttpBasicAuthOptionProvider;
@@ -26,7 +27,8 @@ class OidcService
         protected RegistrationService $registrationService,
         protected LoginService $loginService,
         protected HttpRequestService $http,
-        protected GroupSyncService $groupService
+        protected GroupSyncService $groupService,
+        protected UserAvatars $userAvatars
     ) {
     }
 
@@ -220,6 +222,10 @@ class OidcService
             throw new OidcException($exception->getMessage());
         }
 
+        if ($this->config()['fetch_avatar'] && !$user->avatar()->exists() && $userDetails->picture) {
+            $this->userAvatars->assignToUserFromUrl($user, $userDetails->picture);
+        }
+
         if ($this->shouldSyncGroups()) {
             $detachExisting = $this->config()['remove_from_groups'];
             $this->groupService->syncUserWithFoundGroups($user, $userDetails->groups ?? [], $detachExisting);
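Review bot: The `$userDetails->picture` value handed to `assignToUserFromUrl` is a URL taken straight from the provider's claims, and nothing in this hunk restricts its scheme or target; unless `UserAvatars::assignToUserFromUrl` enforces that itself (not visible here), a user-editable profile-picture claim at the IdP becomes a server-side fetch of whatever URL the user chooses, including internal hosts. A cheap first guard at the call site is to require a web scheme, e.g. `&& str_starts_with($userDetails->picture, 'https://')` appended to the condition, with the host/redirect restrictions left to the fetch layer. The call also sits before the group sync with no error handling, so if the fetch can throw, an unreachable picture URL would abort login over a cosmetic step — worth confirming that the helper swallows and logs failures, or wrapping the call here. I would also add `// picture comes from IdP claims: fetch must be scheme/host-restricted and must not block login` above the guard. The enclosing method starts before this hunk and continues after it.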
@@ -246,10 +252,14 @@ class OidcService
         if (!$userDetails->isFullyPopulated($this->shouldSyncGroups()) && !empty($settings->userinfoEndpoint)) {
             $provider = $this->getProvider($settings);
             $request = $provider->getAuthenticatedRequest('GET', $settings->userinfoEndpoint, $accessToken->getToken());
-            $response = new OidcUserinfoResponse($provider->getResponse($request));
+            $response = new OidcUserinfoResponse(
+                $provider->getResponse($request),
+                $settings->issuer,
+                $settings->keys,
+            );
 
             try {
-                $response->validate($idToken->getClaim('sub'));
+                $response->validate($idToken->getClaim('sub'), $settings->clientId);
             } catch (OidcInvalidTokenException $exception) {
                 throw new OidcException("Userinfo endpoint response validation failed with error: {$exception->getMessage()}");
             }
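Review bot: The try block still wraps only `validate()`, so if the new `OidcUserinfoResponse` constructor does any parsing or signature checking with the `$settings->issuer` and `$settings->keys` it now receives, a failure there would escape as a raw exception instead of the wrapped `OidcException` produced two lines below; moving the `new OidcUserinfoResponse(...)` statement inside the try keeps the error surface consistent, at no cost if the constructor never throws. Whether it throws is not visible from this hunk. The three added arguments are also unexplained at the call site; a short comment such as `// issuer, keys and client id allow a JWT-formatted userinfo response to be verified like the ID token` would tell the next reader why they are passed. The enclosing method continues past this hunk.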