luke-
commented
1 year ago Sounds good to me. But I am not sure if we should extend AuthClientHelpers::updateUser with this or create a new OpenId class with image sync support.
As an example, LDAP Image Sync (Professional Edition) uses a different attribute name (jpegPhoto) and no URL but a Base64 encoded value.
Here a short overview how the LDAP AuthClient extends updateUser:
class LdapAuth extends BaseLdapAuth
{
/**
* @inheritdoc
*/
public function init()
{
$this->on(self::EVENT_UPDATE_USER, [$this, 'onUpdateUser']);
$this->on(self::EVENT_CREATE_USER, [$this, 'onUpdateUser']);
// ...
parent::init();
}
/**
* Ensure group and space mapping
*
* @param \yii\web\UserEvent $event
*/
public function onUpdateUser($event)
{
/** @var User $user */
$user = $event->identity;
$attributes = $this->getUserAttributes();
// Handle Profile Images and Group/Space Mappings
}
}
What do you think?
azmeuk
My userbase is stored in an OpenID Connect server, and I would like to sync the groups defined in the OIDC server with Humhub. I looked at the code to tackle this ticket on yii2-authclient, and I noticed that AuthClientHelpers::updateUser would be a good place to update a user groups after login.
Would you be OK for a patch that would edit the
updateUsermethod, so it would read agroupsuser attribute, create groups if not existing, and assign the user to those groups?