MDL-59115 auth_oauth2: Set all mapped field of user

On account creation by Oauth2 all configured mapped user
fields are now saved in the user profile on user creation.

Co-Authored-By: SKOLL Learning Technologies

auth/oauth2/classes/api.php

@@ -252,18 +252,19 @@ public static function create_new_confirmed_account($userinfo, $issuer) {
         require_once($CFG->dirroot.'/user/lib.php');
 
         $user = new stdClass();
-        $user->username = $userinfo['username'];
-        $user->email = $userinfo['email'];
         $user->auth = 'oauth2';
         $user->mnethostid = $CFG->mnet_localhost_id;
-        $user->lastname = isset($userinfo['lastname']) ? $userinfo['lastname'] : '';
-        $user->firstname = isset($userinfo['firstname']) ? $userinfo['firstname'] : '';
-        $user->alternatename = isset($userinfo['alternatename']) ? $userinfo['alternatename'] : '';
         $user->secret = random_string(15);
-
         $user->password = '';
-        // This user is confirmed.
-        $user->confirmed = 1;
+        $user->confirmed = 1;  // Set the user to confirmed.
+
+        // Map supplied issuer user info to Moodle user fields.
+        $userfieldmapping = new \core\oauth2\user_field_mapping();
+        foreach ($userfieldmapping->get_internalfield_list() as $field) {
+            if (isset($userinfo[$field]) && $userinfo[$field]) {
+                $user->$field = $userinfo[$field];
+            }
+        }
 
         $user->id = user_create_user($user, false, true);
 
@@ -300,18 +301,19 @@ public static function send_confirm_account_email($userinfo, $issuer) {
         }
 
         $user = new stdClass();
-        $user->username = $userinfo['username'];
-        $user->email = $userinfo['email'];
         $user->auth = 'oauth2';
         $user->mnethostid = $CFG->mnet_localhost_id;
-        $user->lastname = isset($userinfo['lastname']) ? $userinfo['lastname'] : '';
-        $user->firstname = isset($userinfo['firstname']) ? $userinfo['firstname'] : '';
-        $user->alternatename = isset($userinfo['alternatename']) ? $userinfo['alternatename'] : '';
         $user->secret = random_string(15);
-
         $user->password = '';
-        // This user is not confirmed.
-        $user->confirmed = 0;
+        $user->confirmed = 0;  // The user is not yet confirmed.
+
+        // Map supplied issuer user info to Moodle user fields.
+        $userfieldmapping = new \core\oauth2\user_field_mapping();
+        foreach ($userfieldmapping->get_internalfield_list() as $field) {
+            if (isset($userinfo[$field]) && $userinfo[$field]) {
+                $user->$field = $userinfo[$field];
+            }
+        }
 
         $user->id = user_create_user($user, false, true);
 

auth/oauth2/tests/api_test.php

@@ -98,6 +98,45 @@ public function test_clean_orphaned_linked_logins_with_issuer_id() {
         $this->assertCount(1, $linkedlogins);
     }
 
+    /**
+     * Test creating a new confirmed account.
+     * Including testing that user profile fields are correctly set.
+     *
+     * @covers \auth_oauth2\api::create_new_confirmed_account
+     */
+    public function test_create_new_confirmed_account() {
+        global $DB;
+        $this->resetAfterTest();
+        $this->setAdminUser();
+
+        $issuer = \core\oauth2\api::create_standard_issuer('microsoft');
+
+        $info = [];
+        $info['username'] = 'apple';
+        $info['email'] = '[email protected]';
+        $info['firstname'] = 'Apple';
+        $info['lastname'] = 'Fruit';
+        $info['alternatename'] = 'Beatles';
+        $info['idnumber'] = '123456';
+        $info['city'] = 'Melbourne';
+        $info['country'] = 'AU';
+        $info['institution'] = 'ACME Inc';
+        $info['department'] = 'Misc Explosives';
+
+        $createduser = \auth_oauth2\api::create_new_confirmed_account($info, $issuer);
+
+        // Get actual user record from DB to check.
+        $userdata = $DB->get_record('user', ['id' => $createduser->id]);
+
+        // Confirm each value supplied from issuers is saved into the user record.
+        foreach ($info as $key => $value) {
+            $this->assertEquals($value, $userdata->$key);
+        }
+
+        // Explicitly test the user is confirmed.
+        $this->assertEquals(1, $userdata->confirmed);
+    }
+
     /**
      * Test auto-confirming linked logins.
      */
@@ -159,4 +198,43 @@ public function test_is_enabled_disabled() {
         set_config('auth', 'manual');
         $this->assertFalse(\auth_oauth2\api::is_enabled());
     }
+
+    /**
+     * Test creating a user via the send confirm account email method.
+     * Including testing that user profile fields are correctly set.
+     *
+     * @covers \auth_oauth2\api::send_confirm_account_email
+     */
+    public function test_send_confirm_account_email() {
+        global $DB;
+        $this->resetAfterTest();
+        $this->setAdminUser();
+
+        $issuer = \core\oauth2\api::create_standard_issuer('microsoft');
+
+        $info = [];
+        $info['username'] = 'apple';
+        $info['email'] = '[email protected]';
+        $info['firstname'] = 'Apple';
+        $info['lastname'] = 'Fruit';
+        $info['alternatename'] = 'Beatles';
+        $info['idnumber'] = '123456';
+        $info['city'] = 'Melbourne';
+        $info['country'] = 'AU';
+        $info['institution'] = 'ACME Inc';
+        $info['department'] = 'Misc Explosives';
+
+        $createduser = \auth_oauth2\api::send_confirm_account_email($info, $issuer);
+
+        // Get actual user record from DB to check.
+        $userdata = $DB->get_record('user', ['id' => $createduser->id]);
+
+        // Confirm each value supplied from issuers is saved into the user record.
+        foreach ($info as $key => $value) {
+            $this->assertEquals($value, $userdata->$key);
+        }
+
+        // Explicitly test the user is not yet confirmed.
+        $this->assertEquals(0, $userdata->confirmed);
+    }
 }