fix: Anonymous user type does not work correctly for LTI

oat-sa · Apr 22, 2024 · 891b6bd · 891b6bd
1 parent 147b66c
commit 891b6bd
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 8 deletions.
diff --git a/models/classes/Platform/Service/Oidc/Lti1p3UserAuthenticator.php b/models/classes/Platform/Service/Oidc/Lti1p3UserAuthenticator.php
@@ -41,10 +41,6 @@ public function authenticate(
         string $loginHint
     ): UserAuthenticationResultInterface {
         try {
-            if ($loginHint === '') {
-                return new UserAuthenticationResult(true);
-            }
-
             return new UserAuthenticationResult(true, $this->getUserIdentity($loginHint));
         } catch (Throwable $exception) {
             return new UserAuthenticationResult(false);
@@ -54,8 +50,13 @@ public function authenticate(
     /**
      * @throws ErrorException
      */
-    private function getUserIdentity(string $userId): UserIdentity
+    private function getUserIdentity(string $userId): ?UserIdentity
     {
+        // anonymous user without login data
+        if ($userId === '') {
+            return null;
+        }
+
         $user = $this->getUserService()
             ->getUser($userId);
 

diff --git a/test/unit/models/classes/Platform/Service/Oidc/Lti1p3UserAuthenticatorTest.php b/test/unit/models/classes/Platform/Service/Oidc/Lti1p3UserAuthenticatorTest.php
@@ -37,6 +37,8 @@ class Lti1p3UserAuthenticatorTest extends TestCase
 {
     use ServiceManagerMockTrait;
 
+    const LOGINHINT = 'userId#123456';
+
     /** @var Lti1p3UserAuthenticator */
     private $subject;
 
@@ -85,7 +87,7 @@ public function testAuthenticateUser(): void
                     'en-US'
                 )
             ),
-            $this->subject->authenticate($registration, 'userId#123456')
+            $this->subject->authenticate($registration, self::LOGINHINT)
         );
     }
 
@@ -104,12 +106,32 @@ public function testAnonymousOrGuestUser(): void
             new UserAuthenticationResult(
                 true,
                 new UserIdentity(
-                    'userId#123456',
+                    self::LOGINHINT,
                     '',
                     ''
                 )
             ),
-            $this->subject->authenticate($registration, 'userId#123456')
+            $this->subject->authenticate($registration, self::LOGINHINT)
+        );
+    }
+
+    public function testAnonymousWithoutLoginHintData(): void
+    {
+        $this->expectAnonymousUser(
+            [
+                'role'
+            ]
+        );
+
+        /** @var RegistrationInterface|MockObject $registration */
+        $registration = $this->createMock(RegistrationInterface::class);
+
+        $this->assertEquals(
+            new UserAuthenticationResult(
+                true,
+                null
+            ),
+            $this->subject->authenticate($registration, '')
         );
     }