FEATURES/143970

+        '143970' =>
+            ['Label' => $this->_('Récupération des prêts PNB avec Baobab (drm LCP)'),
+             'Desc' => 'Synchronisation des prêts PNB avec Baobab',
+             'Image' => '',
+             'Video' => '',
+             'Category' => '',
+             'Right' => function($feature_description, $user) {return true;},
+             'Wiki' => 'https://wiki.bokeh-library-portal.org/index.php?title=PNB_Baobab',
+             'Test' => '',
+             'Date' => '2022-06-23'],
\ No newline at end of file

VERSIONS_HOTLINE/164279

+ - correctif #164279 : Recherche : correction des libellés des facettes de domaines.
\ No newline at end of file

VERSIONS_WIP/143970

+ - fonctionnalité #143970 : Implémentation de l'API-APP de Dilicom permettant de consulter ses  prêts PNB sur l'appi Baobab, uniformisation et configuration des clients OAuth. Administration: journalisation des authentifications CAS et OAuth
\ No newline at end of file

application/modules/admin/controllers/IdentityClientsController.php

+<?php
+/**
+ * Copyright (c) 2012-2017, Agence Française Informatique (AFI). All rights reserved.
+ *
+ * BOKEH is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
+ * the Free Software Foundation.
+ *
+ * There are special exceptions to the terms and conditions of the AGPL as it
+ * is applied to this software (see README file).
+ *
+ * BOKEH is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * along with BOKEH; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
+ */
+
+
+class Admin_IdentityClientsController extends ZendAfi_Controller_Action {
+  public function getPlugins() {
+    return [ZendAfi_Controller_Plugin_ResourceDefinition_IdentityClient::class,
+            ZendAfi_Controller_Plugin_Manager_IdentityClient::class];
+  }
+
+  public function indexAction() {
+    parent::indexAction();
+
+    $this->view->titre = $this->_('Clients d\'identité');
+  }
+}
+?>

application/modules/admin/controllers/IdentityProvidersController.php

@@ -30,5 +30,10 @@ class Admin_IdentityProvidersController extends ZendAfi_Controller_Action {
     parent::indexAction();
     $this->view->titre = $this->_('Fournisseurs d\'identité');
   }
+
+  public function federationAction() {
+    parent::indexAction();
+    $this->view->titre =  $this->_('Fédération d\'identités');
+  }
 }
-?>
\ No newline at end of file
+?>

application/modules/admin/controllers/IndexController.php

@@ -91,6 +91,24 @@ class Admin_IndexController extends ZendAfi_Controller_Action {
   }
 
 
+  public function adminvarSetAction() {
+    if(!$id = $this->_getParam('cle')) {
+      $this->_helper->notify($this->_('Veuillez renseigner le paramètre "cle".'));
+      return $this->_redirectClose($this->_getReferer());
+    }
+
+    if(!$var = Class_AdminVar::find($id)) {
+      $this->_helper->notify($this->_('La clé "%s" n\'existe pas.', $id));
+      return $this->_redirectClose($this->_getReferer());
+    }
+
+    $this->_saveVariable($var,  $this->_getParam('valeur'));
+
+    $this->view->admin_var = $var;
+    $this->_redirect($this->_getReferer());
+  }
+
+
   protected function _saveVariable($var, $new_value) {
     $var->setValeur($new_value);
     $id = $var->getId();
@@ -101,7 +119,6 @@ class Admin_IndexController extends ZendAfi_Controller_Action {
         ? $this->_redirect($url)
         : $this->_redirectClose($url);
     }
-
     $this->view->form->getElement('valeur')->addErrors($var->getErrors());
     $this->_helper
       ->notify($this->_('Erreur(s) : %s, variable %s NON sauvegardée',

application/modules/admin/controllers/UserApiTokensController.php

+<?php
+/**
+ * Copyright (c) 2012, Agence Française Informatique (AFI). All rights reserved.
+ *
+ * BOKEH is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
+ * the Free Software Foundation.
+ *
+ * There are special exceptions to the terms and conditions of the AGPL as it
+ * is applied to this software (see README file).
+ *
+ * BOKEH is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * along with BOKEH; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
+ */
+
+
+class Admin_UserApiTokensController extends ZendAfi_Controller_Action {
+  public function getPlugins() {
+    return [ZendAfi_Controller_Plugin_ResourceDefinition_UserApiTokens::class,
+            ZendAfi_Controller_Plugin_Manager_UserApiTokens::class];
+  }
+
+
+  public function showAction() {
+    $this->view->tokens = Class_User_ApiToken::findAllBy([ 'client_id' => $this->_getParam('client_id', 0)]);
+  }
+
+
+  public function indexAction() {
+    $this->view->tokens = Class_User_ApiToken::findAllBy([ 'order' => 'id desc' , 'limit' => 200 ]);
+  }
+
+
+  public function deleteAllAction() {
+    Class_User_ApiToken::deleteBy(['client_id' =>$this->_getParam('client_id')]);
+    $this->_redirectToIndex();
+  }
+}

application/modules/admin/views/scripts/identity-clients/add.phtml

+<?php echo $this->renderForm($this->form); ?>

application/modules/admin/views/scripts/identity-clients/edit.phtml

+<?php echo $this->renderForm($this->form); ?>

application/modules/admin/views/scripts/identity-clients/index.phtml

+<?php
+
+echo $this->Button_New((new Class_Button)
+                       ->setText($this->_('Ajouter un client d\'identité')));
+
+
+echo $this->Button((new Class_Button)
+                   ->setText($this->_('Voir les fournisseurs d\'identité'))
+                   ->setUrl($this->url(['controller' =>'identity-providers','action' => 'index'])));
+
+
+echo  $this->Button_ActivationLog();
+
+if ( Class_AdminVar::get( 'ACTIVATE_AUTH_LOG'))
+  echo $this->button((new Class_Button)
+                     ->setText('Voir logs d\'authentification')
+                     ->setUrl($this->url(['controller' =>'journal','action' => 'index',
+                                          'order' => 'created_at+desc',
+                                          'search_type'  =>
+                                          Class_Journal_OauthRequestType::MY_TYPE])));
+
+echo $this
+  ->renderTable((new Class_TableDescription('servers'))
+                ->addColumn($this->_('Libellé'), ['attribute' => 'label'])
+                ->addColumn($this->_('Actif ?'),
+                            function($model)
+                            {
+                              return $model->getActive()
+                                ? $this->_('Oui')
+                                : $this->_('Non');
+                            })
+                ->addRowAction(function($model) { return $this->renderPluginsActions($model); }),
+                $this->servers);

application/modules/admin/views/scripts/identity-providers/index.phtml

@@ -3,6 +3,17 @@
 echo $this->Button_New((new Class_Button)
                        ->setText($this->_('Ajouter un fournisseur d\'identité')));
 
+echo $this->Button((new Class_Button)
+                   ->setText($this->_('Voir les clients d\'identité'))
+                   ->setUrl($this->url(['controller' =>'identity-clients','action' => 'index'])));
+
+echo $this->button((new Class_Button)
+                   ->setText('Voir logs d\'authentification')
+                   ->setUrl($this->url(['controller' =>'journal','action' => 'index',
+                                        'order' => 'created_at+desc',
+                                        'search_type'  =>
+                                       Class_Journal_CasRequestType::MY_TYPE])));
+
 echo $this
   ->renderTable((new Class_TableDescription('providers'))
                 ->addColumn($this->_('Libellé'), ['attribute' => 'label'])

application/modules/admin/views/scripts/journal/index.phtml

 <?php
+
+echo  $this->Button_ActivationLog();
+
 echo $this->searchJournal($this->search);

application/modules/admin/views/scripts/user-api-tokens/index.phtml

+<?php
+
+
+echo $this->button((new Class_Button)
+                   ->setText('Voir logs d\'authentification')
+                   ->setUrl($this->url(['controller' =>'user-api-tokens','action' => 'logs'])));
+
+echo $this
+  ->renderTable((new Class_TableDescription('providers'))
+                ->addColumn($this->_('User'), ['attribute' => 'user_name'])
+                ->addColumn($this->_('Créé le'), ['attribute' => 'created_at'])
+                ->addColumn($this->_('Token'), ['attribute' => 'token'])
+                ->addColumn($this->_('Date d\'expiration'), ['attribute' => 'expired_at'])
+                ->addColumn($this->_('Refresh token'), ['attribute' => 'refresh_token'])
+                ->addRowAction(function($model) { return $this->renderPluginsActions($model); }),
+                $this->tokens);

application/modules/admin/views/scripts/user-api-tokens/logs.phtml

+<?php
+$val = '1';
+$text = $this->_( 'Activer les logs');
+
+if ( Class_AdminVar::get( 'ACTIVATE_AUTH_LOG')) {
+$val = '0';
+$text = $this->_( 'Desactiver les logs');
+}
+
+echo $this->button((new Class_Button)
+  ->setText($text)
+  ->setUrl($this->url(['module' => 'admin',
+                         'controller' => 'index',
+                         'action' => 'adminvar_set',
+                         'cle' => 'ACTIVATE_AUTH_LOG',
+                         'valeur'  => $val,
+                         'redirect'  =>'/admin/user-api-tokens/logs'])));
+
+
+echo $this->button((new Class_Button)
+  ->setText( $this->_( 'Supprimer les logs'))
+  ->setUrl($this->url(['do' => 'clean'])));
+echo '<br/>';
+
+echo '<code>'. $this->log.'</code>';

application/modules/admin/views/scripts/user-api-tokens/show.phtml

+<?php
+
+
+echo $this->button((new Class_Button)
+                   ->setText('Voir logs d\'authentification')
+                   ->setUrl($this->url(['controller' =>'journal','action' => 'index',
+                                        'order' => 'created_at+desc',
+                                        'search_type'  =>
+                                        Class_Journal_CasRequestType::MY_TYPE])));
+echo $this
+  ->renderTable((new Class_TableDescription('providers'))
+                ->addColumn($this->_('User'), ['attribute' => 'user_name'])
+                ->addColumn($this->_('Créé le'), ['attribute' => 'created_at'])
+                ->addColumn($this->_('Token'), ['attribute' => 'token'])
+                ->addColumn($this->_('Date d\'expiration'), ['attribute' => 'expired_at'])
+                ->addColumn($this->_('Refresh token'), ['attribute' => 'refresh_token'])
+                ->addRowAction(function($model) { return $this->renderPluginsActions($model); }),
+                $this->tokens);

application/modules/api/controllers/CatalogController.php

@@ -21,6 +21,20 @@
 
 
 class Api_CatalogController extends ZendAfi_Controller_Action {
+
+  public function discoverAction() {
+    $this->_helper->json([
+                          'infos' => [ 'mail' => 'dev-opac@afi-sa.fr',
+                                      'company' => 'AFI'],
+                          'authentication' => [
+                                               'get_token' => Class_Url::absolute('/auth/oauth'),
+                                               'refresh_token'  => Class_Url::absolute('/auth/refresh')],
+                          'resources' => [['code'=> 'loans',
+                                           'endpoint' => Class_Url::absolute('/api/user/pnbloans'),
+                                           'version' =>'1']]]);
+  }
+
+
   public function itemAction() {
     if (!$barcode = $this->_getParam('barcode'))
       return $this->_helper->throwHTTPError($this->_('Paramètre barcode obligatoire'), 403);
@@ -31,4 +45,4 @@ class Api_CatalogController extends ZendAfi_Controller_Action {
 
     return $this->_helper->json($this->view->item($item));
   }
-}
\ No newline at end of file
+}

application/modules/api/controllers/ErrorController.php

@@ -22,10 +22,13 @@
 class Api_ErrorController extends Zend_Controller_Action {
   public function errorAction() {
     $errors = $this->_getParam('error_handler');
+    $json =['error'   => 'invalid_request',
+            'message' => $errors->exception->getMessage(),
+            'error_description' => $errors->exception->getMessage()
+    ];
 
-    $this->_helper->json(['error'   => 'invalid_request',
-                          'message' => $errors->exception->getMessage()]);
-
+    $this->_helper->json($json);
+    Class_Journal_RequestType::createWith( $this, json_encode($json), $errors->exception->getCode());
     $this->_response->setHttpResponseCode($errors->exception->getCode());
   }
 }

application/modules/api/controllers/UserController.php

@@ -23,6 +23,7 @@
 class Api_UserController extends ZendAfi_Controller_Action {
   public function preDispatch() {
     parent::preDispatch();
+
     if (!Class_Users::hasIdentity())
       $this->_authenticate();
   }
@@ -30,23 +31,49 @@ class Api_UserController extends ZendAfi_Controller_Action {
 
   public function accountAction() {
     $user = Class_Users::getIdentity();
+    $json = ['account' => ['label' => $user->getNomAff(),
+                           'login' => $user->getLogin(),
+                           'card' => ['id'=> $user->getIdabon(),
+                                      'expire_at' => $user->getDateFin()]
+      ]];
+
+    Class_Journal_RequestType::createWith($this, json_encode($json));
+
     $this->_helper
-      ->json(['account' => ['label' => $user->getNomAff(),
-                            'login' => $user->getLogin(),
-                            'card' => ['id'=> $user->getIdabon(),
-                                       'expire_at' => $user->getDateFin()]
-              ]]);
+      ->json($json);
   }
 
 
   public function loansAction() {
     $this->_clearUserCache();
-    $this->view->loans = $this->_userCards()->getLoans();
+    $this->_helper->viewRenderer->setNoRender();
+    $this->getResponse()->setHeader('Content-Type', 'application/json; charset=utf-8');
+
+    $json = '{ "loans":'.$this->view->loans($this->_userCards()->getLoans()).'}';
+    Class_Journal_RequestType::createWith($this, $json);
+    $this->getResponse()->setBody($json);
+  }
+
+
+  public function pnbloansAction() {
+
+    $this->_helper->viewRenderer->setNoRender();
+    $this->getResponse()->setHeader('Content-Type', 'application/json; charset=utf-8');
+
+    $this->_clearUserCache();
+    $this->view->loans = $this->_userCards()->getPNBLoans();
+    $json='{ "loans":'.$this->view->pnbLoans($this->view->loans).'}';
+    Class_Journal_RequestType::createWith($this, $json);
+    $this->getResponse()->setBody($json);
   }
 
 
   public function holdsAction() {
-    $this->view->holds = $this->_userCards()->getHolds();
+    $this->_helper->viewRenderer->setNoRender();
+    $this->getResponse()->setHeader('Content-Type', 'application/json; charset=utf-8');
+    $json='{ "holds":'.$this->view->holds($this->_userCards()->getHolds()).'}';
+    Class_Journal_RequestType::createWith($this, $json);
+    $this->getResponse()->setBody($json);
   }
 
 
@@ -56,18 +83,23 @@ class Api_UserController extends ZendAfi_Controller_Action {
 
     $status = $cards->renewLoan($loan_id);
 
-    if ($status['statut'] == false)
-      return $this->_helper->json(['status' => 'error',
-                                   'error' => $status['erreur']]);
+    if ($status['statut'] == false){
+      $json = ['status' => 'error',
+       'error' => $status['erreur']];
+      Class_Journal_RequestType::createWith( $this, json_encode($json), '404');
 
+      return $this->_helper->json($json);
+    }
     $loan = $cards->getLoans()
                   ->detect(function($loan) use ($loan_id)
                            {
                              return $loan->getId() == $loan_id;
                            });
+    $json = ['status' => 'renewed',
+            'date_due' => $loan->getDateRetourISO8601()];
+    Class_Journal_RequestType::createWith( $this, json_encode($json));
 
-    return $this->_helper->json(['status' => 'renewed',
-                                 'date_due' => $loan->getDateRetourISO8601()]);
+    return $this->_helper->json($json);
   }
 
 
@@ -95,6 +127,7 @@ class Api_UserController extends ZendAfi_Controller_Action {
 
 
   protected function _authenticate() {
+
     if (Class_AdminVar_OAuthAcceptHTTP::shouldRejectRequest($this->_request))
       return $this->_helper->throwHTTPError($this->_('Protocole HTTPS obligatoire'), 403);
 
@@ -108,6 +141,10 @@ class Api_UserController extends ZendAfi_Controller_Action {
     if (!$token = Class_User_ApiToken::findFirstBy(['token' => $parts[1]]))
       return $this->_helper->throwHTTPError($this->_('Jeton d\'autorisation invalide'), 403);
 
+    if ($token->isExpired()) {
+      return $this->_helper->throwHTTPError(implode(',',array_unique($token->getErrors())), 403);
+    }
+
     if (!$user = $token->getUser())
       return $this->_helper->throwHTTPError($this->_('Utilisateur non trouvé'), 403);
 

application/modules/api/views/scripts/user/holds.pjson

-{
-	"holds": <?php echo $this->holds($this->holds) ?>
-}

application/modules/api/views/scripts/user/loans.pjson

-{
-	"loans": <?php echo $this->loans($this->loans) ?>
-}