WP110 Refactor uib_feide_openid_connect_pre_authorize

2c1808e5 · Are Johannessen · 098faff6 · 2c1808e5
Commit 2c1808e5 authored 3 months ago by Are Johannessen
--- a/uib_feide.module
+++ b/uib_feide.module
@@ -28,40 +28,42 @@ function uib_feide_openid_connect_pre_authorize($account, array $context) : bool
  // Retrieve the 'uib_feide' settings.
  $config = Drupal::config('uib_feide.user_control_settings');

-  if ($config->get('domains_allowed') !== '') {
-    // Get the SCIM data for the user.
-    $api_service = Drupal::service('plugin.manager.api_connector');
-    $scim_connector = $api_service->createInstance('scim');
-    $scim_data = $scim_connector->fetchScimUser($context['userinfo']['email']);
-    if ($scim_data !== NULL) {
-      $roles = $scim_data->getRoles();
+  if ($config->get('domains_allowed') === '') {
+    return TRUE;
+  }

-      // Check if the user has the correct domain.
-      $domains_allowed = explode("\r", str_replace(["\r\n", "\n"], "\r", $config->get('domains_allowed') ?: ''));
-      $email_account_for_new_user = $context['userinfo']['email'];
+  // Get the SCIM data for the user.
+  $api_service = Drupal::service('plugin.manager.api_connector');
+  $scim_connector = $api_service->createInstance('scim');
+  $scim_data = $scim_connector->fetchScimUser($context['userinfo']['email']);
+  if ($scim_data === FALSE) {
+    return TRUE;
+  }
+  $roles = $scim_data->getRoles();

-      if (str_contains($email_account_for_new_user, '@')) {
-        $domain_for_new_user = explode('@', $email_account_for_new_user)[1];
-        if (in_array($domain_for_new_user, $domains_allowed)) {
-          $domain_matches = TRUE;
-        }
-      }
+  // Check if the user has the correct domain.
+  $domains_allowed = explode("\r", str_replace(["\r\n", "\n"], "\r", $config->get('domains_allowed') ?: ''));
+  $email_account_for_new_user = $context['userinfo']['email'];

-      // Check if the user has the correct variable.
-      $roles_allowed = explode("\r", str_replace(["\r\n", "\n"], "\r", $config->get('roles_allowed') ?: ''));
+  if (str_contains($email_account_for_new_user, '@')) {
+    $domain_for_new_user = explode('@', $email_account_for_new_user)[1];
+    if (in_array($domain_for_new_user, $domains_allowed)) {
+      $domain_matches = TRUE;
+    }
+  }

-      // Check each setting.
-      foreach ($roles_allowed as $role) {
-        if (in_array($role, $roles)) {
-          $role_matches = TRUE;
-          break;
-        }
-      }
+  // Check if the user has the correct variable.
+  $roles_allowed = explode("\r", str_replace(["\r\n", "\n"], "\r", $config->get('roles_allowed') ?: ''));

-      // If both the domain and role matches, then proceed to log in.
-      return $domain_matches && $role_matches;
+  // Check each setting.
+  foreach ($roles_allowed as $role) {
+    if (in_array($role, $roles)) {
+      $role_matches = TRUE;
+      break;
    }
  }

-  return TRUE;
+  // If both the domain and role matches, then proceed to log in.
+  return $domain_matches && $role_matches;
+
 }