diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6bbc8178a432622a9390eaa3ab7372bbf7b4bcae..725e22f67ef35a216565dd9c1f18a0e8b61fed25 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,10 @@
CHANGELOG
=========
+3.2.2
+-----
+- L'URL de connexion accepte désormais role=ROLE_ID pour sélectionner automatiquement ce rôle une fois authentifié.
+
3.2.1
-----
- Modifications/améliorations pour faciliter le support d'autres modes d'authentification (ex: unicaen/auth-token).
diff --git a/src/UnicaenAuth/Controller/AuthController.php b/src/UnicaenAuth/Controller/AuthController.php
index ff5a73b40b59dc792473458598206c20730d20fe..94cf49315374c82f8dd9f2df97621bb23048221e 100644
--- a/src/UnicaenAuth/Controller/AuthController.php
+++ b/src/UnicaenAuth/Controller/AuthController.php
@@ -9,10 +9,12 @@ use UnicaenApp\Exception\RuntimeException;
use UnicaenAuth\Authentication\Adapter\Cas;
use UnicaenAuth\Authentication\Adapter\LocalAdapter;
use UnicaenAuth\Authentication\Adapter\Shib;
+use UnicaenAuth\Entity\Db\Role;
use UnicaenAuth\Form\LoginForm;
use UnicaenAuth\Options\Traits\ModuleOptionsAwareTrait;
use UnicaenAuth\Service\ShibService;
use UnicaenAuth\Service\Traits\ShibServiceAwareTrait;
+use UnicaenAuth\Service\Traits\UserContextServiceAwareTrait;
use UnicaenAuth\Service\Traits\UserServiceAwareTrait;
use Zend\Http\Request;
use Zend\Http\Response;
@@ -43,6 +45,7 @@ class AuthController extends AbstractActionController
use ShibServiceAwareTrait;
use UserServiceAwareTrait;
+ use UserContextServiceAwareTrait;
use ModuleOptionsAwareTrait;
/**
@@ -131,8 +134,12 @@ class AuthController extends AbstractActionController
}
$redirect = $this->getRequestedRedirect();
- $queryParams = ['query' => ($redirect ? ['redirect' => $redirect] : [])];
- $url = $this->url()->fromRoute(null, [], $queryParams, true);
+ $roleId = $this->params()->fromPost('role', $this->params()->fromQuery('role', false));
+ $queryParams = array_filter([
+ 'redirect' => $redirect ?: null,
+ 'role' => $roleId ?: null,
+ ]);
+ $url = $this->url()->fromRoute(null, [], ['query' => $queryParams], true);
$form->setAttribute('action', $url);
if (!$request->isPost()) {
@@ -232,6 +239,7 @@ class AuthController extends AbstractActionController
$type = $this->params('type');
$adapter = $this->zfcUserAuthentication()->getAuthAdapter();
$redirect = $this->params()->fromPost('redirect', $this->params()->fromQuery('redirect', false));
+ $roleId = $this->params()->fromPost('role', $this->params()->fromQuery('role', false));
$request = $this->getRequest();
$request->getPost()->set('type', $type);
@@ -244,11 +252,19 @@ class AuthController extends AbstractActionController
$auth = $this->zfcUserAuthentication()->getAuthService()->authenticate($adapter);
+ if ($roleId) {
+ $this->serviceUserContext->setNextSelectedIdentityRole($roleId);
+ }
+
if (!$auth->isValid()) {
$message = $auth->getMessages()[0] ?? $this->failedLoginMessage;
$this->flashMessenger()->setNamespace('zfcuser-login-form')->addMessage($message);
$adapter->resetAdapters();
- $url = $this->url()->fromRoute(null, [], ['query' => $redirect ? ['redirect' => $redirect] : []], true);
+ $queryParams = array_filter([
+ 'redirect' => $redirect ?: null,
+ 'role' => $roleId ?: null,
+ ]);
+ $url = $this->url()->fromRoute(null, [], ['query' => $queryParams], true);
return $this->redirect()->toUrl($url);
}
diff --git a/src/UnicaenAuth/Controller/AuthControllerFactory.php b/src/UnicaenAuth/Controller/AuthControllerFactory.php
index 35f6464a81e078c2d8f811f27cca32496fe267a7..392c03f302545dec0b5726798e455ea24cff7831 100644
--- a/src/UnicaenAuth/Controller/AuthControllerFactory.php
+++ b/src/UnicaenAuth/Controller/AuthControllerFactory.php
@@ -7,6 +7,7 @@ use UnicaenAuth\Form\LoginForm;
use UnicaenAuth\Options\ModuleOptions;
use UnicaenAuth\Service\ShibService;
use UnicaenAuth\Service\User as UserService;
+use UnicaenAuth\Service\UserContext;
use ZfcUser\Controller\RedirectCallback;
class AuthControllerFactory
@@ -23,6 +24,9 @@ class AuthControllerFactory
/* @var $userService UserService */
$userService = $container->get('unicaen-auth_user_service');
+ /* @var $userContextService UserContext */
+ $userContextService = $container->get(UserContext::class);
+
/** @var ModuleOptions $moduleOptions */
$moduleOptions = $container->get('unicaen-auth_module_options');
@@ -32,6 +36,7 @@ class AuthControllerFactory
$controller = new AuthController();
$controller->setShibService($shibService);
$controller->setUserService($userService);
+ $controller->setServiceUserContext($userContextService);
$controller->setModuleOptions($moduleOptions);
$controller->setRedirectCallback($redirectCallback);
diff --git a/src/UnicaenAuth/Service/UserContext.php b/src/UnicaenAuth/Service/UserContext.php
index 57db9048bd26c2591e3dcfbc34e108cc6a32b4ac..da6eb9914069fd76b2a4a0adb163313d2667023c 100644
--- a/src/UnicaenAuth/Service/UserContext.php
+++ b/src/UnicaenAuth/Service/UserContext.php
@@ -379,7 +379,7 @@ class UserContext extends AbstractService implements EventManagerAwareInterface
*
* NB: seul l'id du rôle est mémorisé en session ; la durée de vie du stockage est de 1 requête seulement.
*
- * @param RoleInterface|string $role
+ * @param RoleInterface|string $role Le ROLE_ID du rôle (string) ou une instance (RoleInterface)
*
* @return \UnicaenAuth\Service\UserContext
*/
@@ -396,12 +396,13 @@ class UserContext extends AbstractService implements EventManagerAwareInterface
unset($this->getSessionContainer()->nextSelectedIdentityRole);
}
- $role = $this->getSelectableIdentityRoles()[$role];
+ $role = $this->getSelectableIdentityRoles()[$role] ?? null;
if ($role instanceof AbstractRole) {
$this->saveUserLastRole($role);
}
-
- $this->triggerUserRoleSelectedEvent(UserRoleSelectedEvent::POST_SELECTION, $role);
+ if ($role) {
+ $this->triggerUserRoleSelectedEvent(UserRoleSelectedEvent::POST_SELECTION, $role);
+ }
return $this;
}