refactor command to acquire admin consent

src/Bundle/ChillCalendarBundle/Command/AzureGrantAdminConsentAndAcquireToken.php

@@ -14,13 +14,13 @@ namespace Chill\CalendarBundle\Command;
 use Chill\CalendarBundle\RemoteCalendar\Connector\MSGraph\MachineTokenStorage;
 use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
 use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\FormatterHelper;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Output\OutputInterface;
-use Symfony\Component\Console\Question\Question;
+use Symfony\Component\Console\Question\ConfirmationQuestion;
 use TheNetworg\OAuth2\Client\Provider\Azure;
-use const PHP_URL_QUERY;
 
-class AzureGetMachineAccessTokenCommand extends Command
+class AzureGrantAdminConsentAndAcquireToken extends Command
 {
     private Azure $azure;
 
@@ -30,51 +30,47 @@ class AzureGetMachineAccessTokenCommand extends Command
 
     public function __construct(Azure $azure, ClientRegistry $clientRegistry, MachineTokenStorage $machineTokenStorage)
     {
-        parent::__construct('chill:calendar:get-access-token');
+        parent::__construct('chill:calendar:msgraph-grant-admin-consent');
 
         $this->azure = $azure;
         $this->clientRegistry = $clientRegistry;
         $this->machineTokenStorage = $machineTokenStorage;
     }
 
-    protected function configure()
-    {
-    }
-
     protected function execute(InputInterface $input, OutputInterface $output)
     {
+        /** @var FormatterHelper $formatter */
+        $formatter = $this->getHelper('formatter');
         $this->azure->scope = ['https://graph.microsoft.com/.default'];
-        $authorizationUrl = explode('?', $this->azure->getAuthorizationUrl(['prompt' => 'consent']));
+        $authorizationUrl = explode('?', $this->azure->getAuthorizationUrl(['prompt' => 'admin_consent']));
+
         // replace the first part by the admin consent authorization url
         $authorizationUrl[0] = strtr('https://login.microsoftonline.com/{tenant}/adminconsent', ['{tenant}' => $this->azure->tenant]);
 
         $output->writeln('Go to the url');
         $output->writeln(implode('?', $authorizationUrl));
-        $output->writeln('Authenticate as admin, and copy-paste the url you will reach');
+        $output->writeln('Authenticate as admin, and grant admin consent');
 
         // not necessary ?
         $helper = $this->getHelper('question');
-        $question = new Question('Paste here the return url after you completed the admin consent');
+        $question = new ConfirmationQuestion('Access granted ?');
 
-        $returnUrl = $helper->ask($input, $output, $question);
+        if (!$helper->ask($input, $output, $question)) {
+            $messages = ['No problem, we will wait for you', 'Grant access and come back here'];
+            $output->writeln($formatter->formatBlock($messages, 'warning'));
 
-        $keyValues = explode('&', parse_url($returnUrl, PHP_URL_QUERY));
-        $params = [];
-
-        foreach ($keyValues as $str) {
-            $strs = explode('=', $str);
-            $params[$strs[0]] = $strs[1];
+            return 0;
         }
 
-        dump($params);
+        $token = $this->machineTokenStorage->getToken();
 
-        $token = $this->azure->getAccessToken('client_credentials', [
-            'scope' => $this->azure->scope,
-        ]);
+        $messages = ['Token acquired!', 'We could acquire a machine token successfully'];
+        $output->writeln($formatter->formatBlock($messages, 'success'));
 
-        $this->machineTokenStorage->storeToken($token);
-
-        $output->writeln('machine access token acquired and saved!');
+        $output->writeln('Token information:');
+        $output->writeln($token->getToken());
+        $output->writeln('Expires at: ' . $token->getExpires());
+        $output->writeln('To inspect the token content, go to https://jwt.ms/#access_token=' . urlencode($token->getToken()));
 
         return 0;
     }