Donne moi du cache

betagouv · Jan 16, 2025 · f1e3686 · f1e3686
1 parent d9f416d
commit f1e3686
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 8 deletions.
diff --git a/.env.dist b/.env.dist
@@ -39,3 +39,8 @@ SCW_DEFAULT_PROJECT_ID=changeme
 
 # Uniquement requis en environnement de test
 MAILPIT_URL=http://mailpit:8025
+
+# ProConnect (OIDC connect)
+PRO_CONNECT_WELL_KNOWN_URL=https://example/api/v2/.well-known/config.json
+PRO_CONNECT_CLIENT_ID=<client-id>
+PRO_CONNECT_CLIENT_SECRET=<client-secret>
diff --git a/config/packages/cache.yaml b/config/packages/cache.yaml
@@ -2,3 +2,6 @@ framework:
     cache:
         app: cache.adapter.filesystem
         system: cache.adapter.system
+        pools:
+            oidc:
+                adapter: cache.adapter.filesystem
diff --git a/src/Security/Oidc/OidcClient.php b/src/Security/Oidc/OidcClient.php
@@ -2,14 +2,22 @@
 
 namespace MonIndemnisationJustice\Security\Oidc;
 
-use Firebase\JWT\JWT;
 use GuzzleHttp\Client as HttpClient;
 use GuzzleHttp\Exception\GuzzleException;
 use GuzzleHttp\Exception\RequestException;
 use Ramsey\Uuid\Uuid;
+use Symfony\Component\DependencyInjection\Attribute\Target;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Contracts\Cache\CacheInterface;
+
+final class OidcConnectionContext
+{
+    public string $code;
+    public string $nonce;
+    public ?string $token;
+}
 
 class OidcClient
 {
@@ -22,20 +30,23 @@ public function __construct(
         protected readonly string $clientSecret,
         protected readonly string $loginCheckRoute,
         protected readonly UrlGeneratorInterface $urlGenerator,
+        #[Target('oidc')] protected readonly CacheInterface $cache,
     ) {
         $this->client = new HttpClient([]);
     }
 
     protected function configure(): void
     {
         if (null === $this->configuration) {
-            $response = $this->client->get($this->wellKnownUrl);
-
-            if (200 !== $response->getStatusCode()) {
-                throw new AuthenticationException('Fetch of OIDC server well known configuration failed.');
-            }
-
-            $this->configuration = json_decode($response->getBody()->getContents(), true);
+            $this->configuration = $this->cache->get('oidc_well_known_configuration', function () {
+                try {
+                    $response = $this->client->get($this->wellKnownUrl);
+
+                    return json_decode($response->getBody()->getContents(), true);
+                } catch (GuzzleException $e) {
+                    throw new AuthenticationException('Fetch of OIDC server well known configuration failed.');
+                }
+            });
         }
     }