From 2464df72d922402f2dd0a31cd177c55ad9f53293 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Gu=C3=A9rin?= <sebastien@bird.eu>
Date: Sun, 10 Nov 2024 00:13:56 +0000
Subject: [PATCH] feat(wip): adds handling of token on login

---
 Api/AuthenticatorInterface.php | 14 ++++++++
 Model/Authenticator.php        | 50 ++++++++++++++++++++++++++++
 Observer/AdminLoginCookie.php  | 61 ++++++++++++++++++++++++++++++++++
 etc/config.xml                 |  3 ++
 etc/di.xml                     |  2 +-
 etc/events.xml                 |  8 +++++
 etc/webapi.xml                 |  6 ++++
 7 files changed, 143 insertions(+), 1 deletion(-)
 create mode 100644 Api/AuthenticatorInterface.php
 create mode 100644 Model/Authenticator.php
 create mode 100644 Observer/AdminLoginCookie.php
 create mode 100644 etc/events.xml

diff --git a/Api/AuthenticatorInterface.php b/Api/AuthenticatorInterface.php
new file mode 100644
index 0000000..a58c74a
--- /dev/null
+++ b/Api/AuthenticatorInterface.php
@@ -0,0 +1,14 @@
+<?php
+
+namespace Opengento\BetterBo\Api;
+
+use Magento\Framework\Exception\AuthenticationException;
+
+interface AuthenticatorInterface
+{
+    /**
+     * @return string
+     * @throws AuthenticationException
+     */
+    public function authenticate(): string;
+}
diff --git a/Model/Authenticator.php b/Model/Authenticator.php
new file mode 100644
index 0000000..45514ef
--- /dev/null
+++ b/Model/Authenticator.php
@@ -0,0 +1,50 @@
+<?php
+
+/**
+ * Authenticator
+ *
+ * @copyright Copyright © 2024 Blackbird Agency. All rights reserved.
+ * @author    sebastien@bird.eu
+ */
+
+declare(strict_types=1);
+
+namespace Opengento\BetterBo\Model;
+
+use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\Data\Form\FormKey\Validator;
+use Magento\Framework\Exception\AuthorizationException;
+use Magento\Framework\Webapi\Request;
+use Opengento\BetterBo\Api\AuthenticatorInterface;
+
+class Authenticator implements AuthenticatorInterface
+{
+    public function __construct(
+        protected Validator $validator,
+        protected Request $request,
+        protected ScopeConfigInterface $scopeConfig
+    ) {
+    }
+
+    /**
+     * @throws AuthorizationException
+     */
+    public function authenticate(): string
+    {
+        if (!$this->validator->validate($this->request)) {
+            throw new AuthorizationException(
+                __(
+                    "The consumer isn't authorized to access %resources.",
+                    ['resources' => '']
+                )
+            );
+        }
+
+        return $this->getAppToken();
+    }
+
+    private function getAppToken(): string
+    {
+        return $this->scopeConfig->getValue('better_bo/integration/token');
+    }
+}
diff --git a/Observer/AdminLoginCookie.php b/Observer/AdminLoginCookie.php
new file mode 100644
index 0000000..788722f
--- /dev/null
+++ b/Observer/AdminLoginCookie.php
@@ -0,0 +1,61 @@
+<?php
+
+/**
+ * AdminLoginCookie
+ *
+ * @copyright Copyright © 2024 Blackbird Agency. All rights reserved.
+ * @author    sebastien@bird.eu
+ */
+
+declare(strict_types=1);
+
+namespace Opengento\BetterBo\Observer;
+
+use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\Event\Observer;
+use Magento\Framework\Event\ObserverInterface;
+use Magento\Integration\Model\CustomUserContext;
+use Magento\Integration\Model\UserToken\UserTokenParametersFactory;
+
+class AdminLoginCookie implements ObserverInterface
+{
+    public function __construct(
+        protected ScopeConfigInterface $scopeConfig,
+        protected \Magento\Framework\Stdlib\CookieManagerInterface $customCookieManager,
+        protected \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $customCookieMetadataFactory,
+        protected \Magento\Integration\Api\UserTokenIssuerInterface $tokenIssuer,
+        protected UserTokenParametersFactory $tokenParametersFactory,
+    ) {}
+    /**
+     * @inheritDoc
+     */
+    public function execute(Observer $observer)
+    {
+        $event = $observer->getEvent();
+        $user = $event->getUser();
+
+        $context = new CustomUserContext(
+            (int) $user->getId(),
+            CustomUserContext::USER_TYPE_ADMIN
+        );
+        $params = $this->tokenParametersFactory->create();
+
+        $token = $this->tokenIssuer->create($context, $params);
+        $this->createAdminCookie($token);
+    }
+
+    protected function createAdminCookie(string $token): void
+    {
+        $ttl = $this->scopeConfig->getValue('admin/security/session_lifetime');
+        $customCookieMetadata = $this->customCookieMetadataFactory->createPublicCookieMetadata();
+        $customCookieMetadata->setDuration($ttl);
+        $customCookieMetadata->setPath('/admin');
+        $customCookieMetadata->setHttpOnly(false);
+
+        $this->customCookieManager->setPublicCookie(
+            'betterbo_token',
+            $token,
+            $customCookieMetadata
+        );
+    }
+}
diff --git a/etc/config.xml b/etc/config.xml
index 73b18db..5ed5deb 100644
--- a/etc/config.xml
+++ b/etc/config.xml
@@ -5,6 +5,9 @@
             <general>
                 <attributes_fields_type>text,select</attributes_fields_type>
             </general>
+            <integration>
+                <token>12345</token>
+            </integration>
         </better_bo>
     </default>
 </config>
diff --git a/etc/di.xml b/etc/di.xml
index 0847f65..fb4f5b0 100644
--- a/etc/di.xml
+++ b/etc/di.xml
@@ -19,5 +19,5 @@
 
     <preference for="Opengento\BetterBo\Api\ProductManagementInterface" type="Opengento\BetterBo\Model\ProductManagement" />
     <preference for="Opengento\BetterBo\Api\GetProductAttributesInterface" type="Opengento\BetterBo\Model\GetProductAttributes" />
-
+    <preference for="Opengento\BetterBo\Api\AuthenticatorInterface" type="Opengento\BetterBo\Model\Authenticator" />
 </config>
diff --git a/etc/events.xml b/etc/events.xml
new file mode 100644
index 0000000..c17af3c
--- /dev/null
+++ b/etc/events.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0"?>
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:framework:Event/etc/events.xsd">
+    <event name="backend_auth_user_login_success">
+        <observer name="opengento_betterbo_cookie_create"
+                  instance="Opengento\BetterBo\Observer\AdminLoginCookie"/>
+    </event>
+</config>
diff --git a/etc/webapi.xml b/etc/webapi.xml
index 8831c62..c6943bf 100644
--- a/etc/webapi.xml
+++ b/etc/webapi.xml
@@ -7,6 +7,12 @@
 -->
 <routes xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Webapi:etc/webapi.xsd">
+    <route url="/V1/betterbo/authenticate" method="GET">
+        <service class="Opengento\BetterBo\Api\AuthenticatorInterface" method="authenticate"/>
+        <resources>
+            <resource ref="anonymous" />
+        </resources>
+    </route>
 
     <!-- Get product attribute config and value -->
     <route url="/V1/betterbo/catalog/product/attributes" method="POST">