xo::Authorize method perform_login (public)

 <instance of xo::Authorize[i]> perform_login [ -token token ] \
    [ -state state ]

Defined in packages/xooauth/tcl/authorize-procs.tcl

Get the provided claims from the identity provider and perform an OpenACS login, when the user exists. In case the user does not exist, create it optionally (when "create_not_registered_users" is activated. When the user is created, and dotlrn is installed, the new user might be added optionally as a dotlrn user with the role as specified in "create_with_dotlrn_role".

Switches:
-token
(optional)
-state
(optional)

Partial Call Graph (max 5 caller/called nodes):
%3 ad_user_login ad_user_login (public) xo::Authorize instproc perform_login xo::Authorize instproc perform_login xo::Authorize instproc perform_login->ad_user_login

Testcases:
No testcase defined.
Source code:
set data [:get_user_data -token $token]
if {[dict exists $data error]} {
    #
    # There was already an error in the steps leading to
    # this.
    #
    ns_log warning "[self] OAuth login failed:"  [dict get $data error] "\n$data"

} elseif {![dict exists $data email]} {
    #
    # No error and no email in result... actually, this
    # should not happen.
    #
    dict set data error oacs-no_email_in_result
    ns_log warning "OAuth login failed strangely: "  [dict get $data error] "\n$data"

} else {
    dict set data decoded_state [:decoded_state $state]
    set user_id [:lookup_user_id -email [dict get $data email]]
    if {!${:debug}
        && $user_id == 0
        && ${:create_not_registered_users}
    } {
        try {
            :register_new_user  -first_names [dict get $data given_name]  -last_name [dict get $data family_name]  -email [dict get $data email]
        } on ok {result} {
            set user_id $result
        } on error {errorMsg} {
            dict set data error oacs-register_failed
            dict set data error_description $errorMsg
        }
    }
    dict set data user_id $user_id
    if {$user_id != 0} {
        #
        # The lookup of the user_id was successful. We can
        # login as this user.... but only, when no "debug"
        # is activated.
        #
        if {!${:debug}} {
            ad_user_login -external_registry [self$user_id
        }
    } else {
        #
        # For the time being, just report data back to the
        # calling script.
        #
        dict set data error "oacs-no_such_user"
    }
}
return $data
XQL Not present:
Generic, PostgreSQL, Oracle
[ hide source ] | [ make this the default ]
Show another procedure: