topcoder-platform · jmgasper · Dec 8, 2022 · Dec 7, 2022
diff --git a/Topcoder/class.topcoder.plugin.php b/Topcoder/class.topcoder.plugin.php
@@ -219,6 +219,10 @@ public function settingsController_topcoder_create($sender) {
             'Plugins.Topcoder.SSO.CookieName' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Cookie Name'],
             'Plugins.Topcoder.SSO.TopcoderHS256.UsernameClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Username Claim for HS256 JWT'],
             'Plugins.Topcoder.SSO.TopcoderRS256.UsernameClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Username Claim for RS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderHS256.UserIDClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder User ID Claim for HS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderRS256.UserIDClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder User ID Claim for RS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderHS256.PhotoUrlClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Photo URL Claim for HS256 JWT'],
+            'Plugins.Topcoder.SSO.TopcoderRS256.PhotoUrlClaim' => ['Control' => 'TextBox', 'Default' => '', 'Description' => 'Topcoder Photo URL Claim for RS256 JWT'],
         ]);
 
         $cf->renderAll();
@@ -373,16 +377,22 @@ public function gdn_auth_startAuthenticator_handler() {
 
             $AUTH0_AUDIENCE = null;
             $USERNAME_CLAIM = null;
+            $PHOTOURL_CLAIM = null;
+            $USERID_CLAIM = null;
             if ($decodedToken->getHeader('alg') === 'RS256') {
                 $AUTH0_AUDIENCE = c('Plugins.Topcoder.SSO.TopcoderRS256.ID');
                 $USERNAME_CLAIM = c('Plugins.Topcoder.SSO.TopcoderRS256.UsernameClaim');
+                $USERID_CLAIM = c('Plugins.Topcoder.SSO.TopcoderRS256.UserIDClaim');
+                $PHOTOURL_CLAIM = c('Plugins.Topcoder.SSO.TopcoderRS256.PhotoUrlClaim');
                 $jwksUri = $issuer . '.well-known/jwks.json';
                 $jwksHttpOptions = ['base_uri' => $jwksUri];
                 $jwksFetcher = new JWKFetcher($this->cacheHandler, $jwksHttpOptions);
                 $signatureVerifier = new AsymmetricVerifier($jwksFetcher);
 
             } else if ($decodedToken->getHeader('alg') === 'HS256') {
                 $USERNAME_CLAIM = c('Plugins.Topcoder.SSO.TopcoderHS256.UsernameClaim');
+                $USERID_CLAIM = c('Plugins.Topcoder.SSO.TopcoderHS256.UserIDClaim');
+                $PHOTOURL_CLAIM = c('Plugins.Topcoder.SSO.TopcoderHS256.PhotoUrlClaim');
                 $AUTH0_AUDIENCE = c('Plugins.Topcoder.SSO.TopcoderHS256.ID');
                 $CLIENT_H256SECRET = c('Plugins.Topcoder.SSO.TopcoderHS256.Secret');
                 $signatureVerifier = new SymmetricVerifier($CLIENT_H256SECRET);
@@ -450,8 +460,11 @@ public function gdn_auth_startAuthenticator_handler() {
             $this->checkTopcoderRoles($topcoderRoles);
 
             $topcoderUserName = $decodedToken->getClaim($USERNAME_CLAIM);
+            $topcoderPhotoUrl = $decodedToken->getClaim($PHOTOURL_CLAIM);
+            $topcoderUserID = $decodedToken->getClaim($USERID_CLAIM);
+
             if ($topcoderUserName) {
-               self::log('Trying to signIn ...', ['username' => $topcoderUserName]);
+               self::log('Trying to signIn ...', ['username' => $topcoderUserName, 'topcoderId'=> $topcoderUserID ,  'photoUrl' => $topcoderPhotoUrl, ]);
 
                 $userModel = new UserModel();
                 $user = $userModel->getByUsername($topcoderUserName, false);
@@ -515,6 +528,10 @@ public function gdn_auth_startAuthenticator_handler() {
                        self::log('The session could not be started.', []);
                         throw new ClientException('The session could not be started.', 401);
                     }
+
+                    Gdn::userModel()->saveAttribute(
+                        Gdn::session()->UserID,
+                        ['TopcoderUserID' => $topcoderUserID, 'TopcoderPhotoUrl' => $topcoderPhotoUrl]);
                 } else {
                    self::log('Go with the next Vanilla Authenticator', []);
                 }