refactor: remove OpenAM logic

composer.json

@@ -34,7 +34,7 @@
         "laminas/laminas-view": "^2.5",
         "lm-commons/lmc-rbac-mvc": "^3.0",
         "firebase/php-jwt": "^6.0",
-        "olcs/olcs-auth": "^6.0.0",
+        "olcs/olcs-auth": "^7.0",
         "olcs/olcs-common": "^6.0.0",
         "olcs/olcs-logging": "^6.0.0",
         "olcs/olcs-transfer": "^6.0.0",

config/autoload/config.global.php

@@ -76,14 +76,6 @@
     // Asset path, URI to olcs-static (CSS, JS, etc] *Environment specific*
     'asset_path' => '/static/public',
 
-    'openam' => [
-        'url' => 'http://iuauth.%domain%:8080/secure/',
-        'realm' => 'internal',
-        'cookie' => [
-            'domain' => '%olcs_iu_cookie%',
-        ]
-    ],
-
     /**
      * Configure the location of the application log
      */

module/Olcs/config/submission/submission.config.php

@@ -1,4 +1,5 @@
 <?php
+
 return [
     'mandatory-sections' => [
         'case-summary',

module/Olcs/src/Controller/AbstractInternalController.php

@@ -49,7 +49,7 @@
  * @method Response handleQuery(QueryInterface $query)
  * @method Response handleCommand(CommandInterface $query)
  * @method Redirect redirect()
- * @method Plugin\Confirm confirm(string $string, bool $setTerminal, string|null $custom, string $customConfirmBtn , string $customCancelBtn)
+ * @method Plugin\Confirm confirm(string $label, bool $setTerminal = false, string $custom = '', string $confirmBtnLabel = 'Continue', string $cancelBtnLabel = 'Cancel') Invokes a confirmation dialog with optional parameters for customization.
  */
 abstract class AbstractInternalController extends AbstractOlcsController
 {

module/Olcs/src/Controller/Auth/LoginController.php

@@ -8,7 +8,6 @@
 use Common\Controller\Plugin\Redirect;
 use Common\Service\Helper\FormHelperService;
 use Dvsa\Olcs\Auth\Container\AuthChallengeContainer;
-use Dvsa\Olcs\Auth\Service\Auth\CookieService;
 use Laminas\Authentication\Adapter\ValidatableAdapterInterface;
 use Laminas\Authentication\Result;
 use Laminas\EventManager\Event;
@@ -23,7 +22,6 @@
 use Laminas\Router\Http\RouteMatch;
 use Laminas\View\Model\ViewModel;
 use Olcs\Form\Model\Form\Auth\Login;
-use Olcs\Form\Model\Form\Auth\LoginForm;
 
 class LoginController implements InjectApplicationEventInterface
 {
@@ -38,7 +36,6 @@ class LoginController implements InjectApplicationEventInterface
     public const ROUTE_AUTH_EXPIRED_PASSWORD = 'auth/expired-password';
     public const ROUTE_AUTH_LOGIN_GET = 'auth/login/GET';
     public const ROUTE_DASHBOARD = 'dashboard';
-    public const DVSA_OLCS_AUTH_CLIENT_OPENAM = 'Dvsa\Olcs\Auth\Client\OpenAm';
     public const CHALLENGE_NEW_PASSWORD_REQUIRED = 'NEW_PASSWORD_REQUIRED';
     public const DVSA_OLCS_AUTH_CLIENT_COGNITO = 'Dvsa\Olcs\Auth\Client\CognitoAdapter';
 
@@ -50,11 +47,6 @@ class LoginController implements InjectApplicationEventInterface
     /** @var AuthenticationServiceInterface */
     protected $authenticationService;
 
-    /**
-     * @var CookieService
-     */
-    private $cookieService;
-
     /**
      * @var event;
      */
@@ -99,7 +91,6 @@ class LoginController implements InjectApplicationEventInterface
      * LoginController constructor.
      * @param ValidatableAdapterInterface $authenticationAdapter
      * @param AuthenticationServiceInterface $authenticationService
-     * @param CookieService $cookieService
      * @param CurrentUser $currentUser
      * @param FlashMessenger $flashMessenger
      * @param FormHelperService $formHelper
@@ -111,7 +102,6 @@ class LoginController implements InjectApplicationEventInterface
     public function __construct(
         ValidatableAdapterInterface $authenticationAdapter,
         AuthenticationServiceInterface $authenticationService,
-        CookieService $cookieService,
         CurrentUser $currentUser,
         FlashMessenger $flashMessenger,
         FormHelperService $formHelper,
@@ -122,7 +112,6 @@ public function __construct(
     ) {
         $this->authenticationAdapter = $authenticationAdapter;
         $this->authenticationService = $authenticationService;
-        $this->cookieService = $cookieService;
         $this->currentUser = $currentUser;
         $this->flashMessenger = $flashMessenger;
         $this->formHelper = $formHelper;
@@ -281,45 +270,22 @@ protected function attemptAuthentication(Request $request): Result
     }
 
     /**
+     * Handles successful authentication.
+     *
      * @param Result $result
      * @param Response $response
      * @param Request $request
      * @return Response
      */
     private function handleSuccessfulAuthentication(Result $result, Response $response, Request $request)
     {
-        switch ($result->getIdentity()['provider']) {
-            case static::DVSA_OLCS_AUTH_CLIENT_OPENAM:
-                return $this->handleSuccessOpenAMResult($result->getIdentity(), $request, $response);
-            case self::DVSA_OLCS_AUTH_CLIENT_COGNITO:
-                return $this->handleSuccessCognitoResult();
-            default:
-                return $this->redirectHelper->toRoute(static::ROUTE_AUTH_LOGIN_GET);
-        }
-    }
-
-    /**
-     * @param array $identity
-     * @param Request $request
-     * @param Response $response
-     * @return Response
-     */
-    private function handleSuccessOpenAMResult(array $identity, Request $request, Response $response)
-    {
-        $gotoUrl = $request->getQuery('goto', '');
-
-        $this->cookieService->createTokenCookie($response, $identity['tokenId'], false);
+        $identityProvider = $result->getIdentity()['provider'];
 
-        // The "goto" URL added by openAm is always http, if we are running https, then need to change it
-        if ($request->getUri()->getScheme() === 'https') {
-            $gotoUrl = str_replace('http://', 'https://', $gotoUrl);
+        if ($identityProvider === self::DVSA_OLCS_AUTH_CLIENT_COGNITO) {
+            return $this->handleSuccessCognitoResult();
         }
 
-        if ($this->validateGotoUrl($gotoUrl, $request)) {
-            return $this->redirectHelper->toUrl($gotoUrl);
-        }
-
-        return $this->redirectHelper->toRoute(static::ROUTE_DASHBOARD);
+        return $this->redirectHelper->toRoute(static::ROUTE_AUTH_LOGIN_GET);
     }
 
     /**
@@ -361,10 +327,7 @@ private function handleChallengeResult(array $messages): Response
         switch ($messages['challengeName']) {
             case AuthChallengeContainer::CHALLENEGE_NEW_PASWORD_REQUIRED:
                 $this->applyAuthChallengeContainer($messages);
-                return $this->redirectHelper->toRoute(
-                    self::ROUTE_AUTH_EXPIRED_PASSWORD,
-                    $messages['challengeParameters'] // TODO: Remove passing this in once OpenAM removed
-                );
+                return $this->redirectHelper->toRoute(self::ROUTE_AUTH_EXPIRED_PASSWORD);
             default:
                 // Unsupported challenge so redirect to login page
                 return $this->redirectHelper->toRoute(self::ROUTE_AUTH_LOGIN_GET);
@@ -376,12 +339,6 @@ private function handleChallengeResult(array $messages): Response
      */
     private function applyAuthChallengeContainer(array $messages): void
     {
-        // OpenAM this key won't exist so we skip adding into session
-        // TODO: Remove this check once OpenAM is removed
-        if (!array_key_exists('USER_ID_FOR_SRP', $messages['challengeParameters'])) {
-            return;
-        }
-
         $this->authChallengeContainer
             ->setChallengeName($messages['challengeName'])
             ->setChallengeSession($messages['challengeSession'])

module/Olcs/src/Controller/Auth/LoginControllerFactory.php

@@ -31,7 +31,6 @@ public function __invoke(ContainerInterface $container, $requestedName, array $o
         $controller = new LoginController(
             $container->get(InternalCommandAdapter::class),
             $container->get(AuthenticationServiceInterface::class),
-            $container->get('Auth\CookieService'),
             $controllerPluginManager->get(CurrentUser::class),
             $controllerPluginManager->get(FlashMessenger::class),
             $container->get(FormHelperService::class),

module/Olcs/src/Controller/Cases/Submission/SubmissionController.php

@@ -45,6 +45,8 @@ class SubmissionController extends AbstractInternalController implements Submiss
 
     protected $routeIdentifier = 'submission';
 
+    protected $sectionId;
+
     /**
      * @var array
      */

module/Olcs/src/Controller/Licence/LicenceController.php

@@ -27,6 +27,7 @@ class LicenceController extends AbstractController implements LicenceControllerI
     protected ComplaintsHelperService $complaintsHelper;
 
     protected $navigation;
+    protected $lva;
 
     protected FlashMessengerHelperService $flashMessengerHelper;
 

module/Olcs/src/Controller/Lva/Licence/TransportManagersController.php

@@ -118,14 +118,14 @@ protected function delete()
         }
 
         /**
- * @var \Laminas\Http\Request $request
-*/
+        * @var \Laminas\Http\Request $request
+        */
         $request = $this->getRequest();
 
         $formHelper = $this->formHelper;
         /**
- * @var \Common\Form\Form $form
-*/
+        * @var \Common\Form\Form $form
+        */
         $form = $formHelper->createFormWithRequest($this->getDeleteConfirmationForm(), $request);
 
         $form->setData((array)$request->getPost());

module/Olcs/src/Controller/TransportManager/TransportManagerController.php

@@ -99,8 +99,8 @@ public function mergeAction()
         $transportManagerId = (int) $this->params()->fromRoute('transportManager');
 
         /**
- * @var \Laminas\Http\Request $request
-*/
+        * @var \Laminas\Http\Request $request
+        */
         $request = $this->getRequest();
         if ($request->isPost()) {
             $data = (array)$request->getPost();

test/Admin/src/Data/Mapper/DataRetentionAssignTest.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace AdminTest\Data\Mapper;
 
 use Mockery as m;

test/Admin/src/Listener/RouteParam/IrhpPermitAdminFurnitureTest.php

@@ -5,6 +5,7 @@
  *
  * @author Scott Callaway <[email protected]>
  */
+
 namespace AdminTest\Listener\RouteParam;
 
 use Common\Exception\ResourceNotFoundException;

test/Admin/src/Navigation/UserDetailsNavigationFactoryTest.php

@@ -21,7 +21,7 @@ class UserDetailsNavigationFactoryTest extends MockeryTestCase
 {
     public function testGetName()
     {
-        $sut = new UserDetailsNavigationFactory;
+        $sut = new UserDetailsNavigationFactory();
 
         $this->assertEquals('user-details', $sut->getName());
     }

test/Olcs/src/Controller/Auth/LoginControllerFactoryTest.php

@@ -53,7 +53,6 @@ public function __invoke_ReturnsAnInstanceOfDispatcherWithLoginController()
         $sm->method('get')->willReturnMap([
             [InternalCommandAdapter::class, $this->createMock(InternalCommandAdapter::class)],
             [AuthenticationServiceInterface::class, $this->createMock(AuthenticationServiceInterface::class)],
-            ['Auth\CookieService', $this->createMock(CookieService::class)],
             [CurrentUser::class, $this->createMock(CurrentUser::class)],
             [FlashMessenger::class, $this->createMock(FlashMessenger::class)],
             [FormHelperService::class, $this->createMock(FormHelperService::class)],