Reduce returns: refresh 4→3, ssoValidate 4→3

- refresh: merge empty headers check into verifyJwt call (ternary with INVALID_JWT fallback)
- ssoValidate: merge user null + not organizer into single condition, use null coalescing for findOneBy chain

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Serreau Jovann
2026-03-23 20:21:13 +01:00
parent 6d179eadd4
commit 5c0eec0a65


@@ -81,15 +81,10 @@ class ApiAuthController extends AbstractController
): JsonResponse {
$email = $request->headers->get('ETicket-Email', '');
$jwt = $request->headers->get('ETicket-JWT', '');
if ('' === $email || '' === $jwt) {
return $this->json(['success' => false, 'data' => null, 'error' => 'Headers ETicket-Email et ETicket-JWT requis.'], 401);
}
$result = self::verifyJwt($jwt, $email, $this->appSecret);
$result = ('' !== $email && '' !== $jwt) ? self::verifyJwt($jwt, $email, $this->appSecret) : self::INVALID_JWT;
if (null === $result['userId'] || !$result['expired']) {
$error = null === $result['userId'] ? 'Token invalide.' : 'Token encore valide, pas besoin de refresh.';
$error = null === $result['userId'] ? 'Token invalide ou headers manquants.' : 'Token encore valide, pas besoin de refresh.';
return $this->json(['success' => false, 'data' => null, 'error' => $error], null === $result['userId'] ? 401 : 400);
}
@@ -131,17 +126,11 @@ class ApiAuthController extends AbstractController
$keycloakId = $keycloakUser->getId();
$email = $data['email'] ?? '';
$user = $em->getRepository(User::class)->findOneBy(['keycloakId' => $keycloakId]);
if (!$user) {
$user = $em->getRepository(User::class)->findOneBy(['email' => $email]);
}
$user = $em->getRepository(User::class)->findOneBy(['keycloakId' => $keycloakId])
?? $em->getRepository(User::class)->findOneBy(['email' => $email]);
if (!$user) {
return $this->json(['success' => false, 'data' => null, 'error' => 'Aucun compte organisateur associe a ce SSO.'], 403);
}
if (!\in_array('ROLE_ORGANIZER', $user->getRoles(), true)) {
return $this->json(['success' => false, 'data' => null, 'error' => 'Acces reserve aux organisateurs.'], 403);
if (!$user || !\in_array('ROLE_ORGANIZER', $user->getRoles(), true)) {
return $this->json(['success' => false, 'data' => null, 'error' => !$user ? 'Aucun compte associe a ce SSO.' : 'Acces reserve aux organisateurs.'], 403);
}
return $this->tokenResponse($user, true);
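Review bot: The fallback lookup in ssoValidate binds the Keycloak identity to a local account by `$email`, which comes from `$data['email']`; where `$data` is filled is outside this hunk, so it is not visible whether that value is the verified email claim from the identity provider or a field of the request body. If it is the latter, or the provider does not verify emails, a Keycloak account could resolve to an organizer account it does not own, so the fallback should use only the provider-verified address and say so in a comment such as `// email fallback: only the IdP-verified address, never the request payload`. The new `??` form also still runs `findOneBy(['email' => ''])` when no email was supplied; guarding it with `?? ('' !== $email ? $em->getRepository(User::class)->findOneBy(['email' => $email]) : null);` avoids matching a row with an empty email. The function body starts and ends outside the hunk.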