Activate userinfo endpoint for OAuth authentication

web/modules/interfaces/oauth_grant_remote/src/Controller/UserInfoOverwriteController.php

@@ -0,0 +1,96 @@
+<?php
+
+namespace Drupal\oauth_grant_remote\Controller;
+
+use Drupal\Core\Config\ConfigFactoryInterface;
+use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
+use Drupal\Core\Session\AccountProxyInterface;
+use Drupal\simple_oauth\Authentication\TokenAuthUser;
+use Drupal\simple_oauth\Entities\UserEntityWithClaims;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Symfony\Component\Serializer\Normalizer\NormalizerInterface;
+use Symfony\Component\Serializer\SerializerInterface;
+
+/**
+ * Controller for the User Info endpoint.
+ */
+class UserInfoOverwriteController implements ContainerInjectionInterface {
+
+  /**
+   * The authenticated user.
+   *
+   * @var \Drupal\Core\Session\AccountInterface
+   */
+  private $user;
+
+  /**
+   * The serializer.
+   *
+   * @var \Symfony\Component\Serializer\SerializerInterface
+   */
+  private $serializer;
+
+  /**
+   * The configuration object.
+   *
+   * @var \Drupal\Core\Config\ImmutableConfig
+   */
+  private $config;
+
+  /**
+   * UserInfo constructor.
+   *
+   * @param \Drupal\Core\Session\AccountProxyInterface $user
+   *   The user.
+   * @param \Symfony\Component\Serializer\SerializerInterface $serializer
+   *   The serializer service.
+   * @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
+   *   The configuration factory.
+   */
+  private function __construct(AccountProxyInterface $user, SerializerInterface $serializer, ConfigFactoryInterface $config_factory) {
+    $this->user = $user->getAccount();
+    $this->serializer = $serializer;
+    $this->config = $config_factory
+      ->get('simple_oauth.settings');
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public static function create(ContainerInterface $container) {
+    return new static(
+      $container->get('current_user'),
+      $container->get('serializer'),
+      $container->get('config.factory')
+    );
+  }
+
+  /**
+   * The controller.
+   *
+   * @return \Symfony\Component\HttpFoundation\Response
+   *   The response.
+   *
+   * @throws \Symfony\Component\Serializer\Exception\ExceptionInterface
+   */
+  public function handle() {
+    if (!$this->user instanceof TokenAuthUser) {
+      throw new AccessDeniedHttpException('This route is only available for authenticated requests using OAuth2.');
+    }
+    assert($this->serializer instanceof NormalizerInterface);
+    $identifier = $this->user->id();
+    $user_entity = new UserEntityWithClaims();
+    $user_entity->setIdentifier($identifier);
+    $data = $this->serializer
+      ->normalize($user_entity, 'json', [$identifier => $this->user]);
+    $data['profile'] = 'https://www.youvo.org/kreative/' . $identifier;
+    if ($this->user->hasField('fullname')) {
+      $data['name'] = $this->user->get('fullname')->value;
+    }
+    $data['preferred_username'] = $data['name'];
+    return JsonResponse::create($data);
+  }
+
+}

web/modules/interfaces/oauth_grant_remote/src/Routing/RouteSubscriber.php

@@ -19,6 +19,11 @@ public function alterRoutes(RouteCollection $collection) {
         '_controller' => '\Drupal\oauth_grant_remote\Controller\Oauth2AuthorizeRemoteController::authorize',
       ]);
     }
+    if ($route = $collection->get('simple_oauth.userinfo')) {
+      $route->setDefaults([
+        '_controller' => '\Drupal\oauth_grant_remote\Controller\UserInfoOverwriteController::handle',
+      ]);
+    }
   }
 
 }

web/modules/youvo/blocker_mode/src/BlockerMode.php

@@ -61,6 +61,7 @@ public function applies(Request $request, AccountInterface $account) {
       $route_name = $route_match->getRouteName();
       $allowed_routes[] = 'oauth2_token.authorize';
       $allowed_routes[] = 'oauth2_token.token';
+      $allowed_routes[] = 'simple_oauth.userinfo';
       $allowed_routes[] = 'user.login';
       $allowed_routes[] = 'user.logout';
       $allowed_routes[] = 'oauth_grant_remote.expire';