94 Commits

Author SHA1 Message Date
=
0b77f69818 Feat: Add modular OIDC app creation with logo support
- Introduced new components and services for OIDC app creation, enabling dynamic handling of app types, URIs, and user roles.
- Added support for uploading and managing logos for connected apps.
- Implemented `ClientCreationFactory` and related factories for modular OIDC client generation.
- Updated UI to enhance app creation flow with post-creation credential display and improved validations.
- Refactored backend with `OidcService` for streamlined OIDC app creation and management.
2026-06-18 13:35:23 +00:00
=
fb7b1e3721 Feat: Configure Laravel Passport for API authentication
- Added `PassportServiceProvider` to configure token expiration intervals.
- Updated `User` model with `HasApiTokens` trait and `OAuthenticatable` interface for Passport support.
- Registered `PassportServiceProvider` in `bootstrap/providers.php`.
2026-06-18 10:33:58 +00:00
=
e791c08ce1 Feat: (UI) Replace connected-app creation with modular OIDC service and components
- Removed the old `connected-apps.create` implementation and components, simplifying the codebase.
- Introduced modular OIDC integration using reusable components and traits, such as `WithSearchableChoices` and `WithRepeaterFields`.
- Added `StoreOIDCAppForm` for handling OpenID Connect app-specific fields and validation.
- Updated `choices.blade.php` and related components to leverage configuration-driven, dynamic multi-select functionality.
- Updated routes to support new OIDC app creation under distinct connection protocol namespaces.
- Enhanced app creation flow with support for dynamic fields like URIs (`repeater-input`) and scoped user roles.
2026-06-18 09:48:07 +00:00
=
05c4e5eab7 Deps: Update composer dependencies to latest versions
- Upgraded `brick/math` to v0.17.2, `guzzlehttp/guzzle` to v7.12.0, `nesbot/carbon` to v3.12.3, and several others for improved performance and bug fixes.
- Updated middleware in `bootstrap/app.php` to render JSON for API exception routes.
2026-06-18 04:54:29 +00:00
=
a04bb5d7d1 Feat: Add modular application types, connection protocols, and dynamic app creation modal
- Introduced `ApplicationTypeEnum` and updated `ConnectionProtocolEnum` with labeled options, hints, and implementations for enhanced flexibility.
- Modularized the `apps` routes into a separate file for improved structure and maintainability.
- Added `CreateAppSelectionForm` Livewire component to handle app creation flows with dynamic protocol and type selection.
- Enhanced `connected-apps` UI with a modal-based app creation mechanism.
2026-06-17 12:46:25 +00:00
=
0921535ae2 Feat: Enhance OIDC nonce handling with middleware and session support
- Introduced `CaptureOidcNonce` middleware to capture and store nonce in session during GET requests.
- Updated `CustomAuthCodeRepository` to resolve nonce from session if not present in POST requests, ensuring seamless handling.
- Registered middleware in `bootstrap/app.php` for web routes.
- Adjusted `LoginResponse` to use `redirect()->intended` for improved redirection logic.
- Added comprehensive feature tests to validate nonce capture, session storage, and cache resolution workflows.
2026-06-17 09:17:06 +00:00
=
2682a234d4 Feat: Introduce custom OIDC client to enforce authorization prompts
- Created `CustomOidcClient` to override default `OidcClient` behavior, ensuring authorization prompts are always displayed.
- Updated `oidc-server.php` configuration to use the custom client model.
2026-06-17 08:45:11 +00:00
=
02455fc71c Feat: Implement OpenID Connect nonce handling
- Added `CustomAuthCodeRepository` to cache and store nonces during authorization.
- Introduced `CustomTokenResponseType` to resolve cached nonces during token exchange.
- Created `oidc-server.php` configuration for OpenID Connect support, including scopes, claims, and token lifetimes.
- Registered custom implementations in `AppServiceProvider` with bindings for `AuthCodeRepository` and `TokenResponseType`.
- Added feature tests to validate nonce caching and resolution logic.
2026-06-17 07:22:26 +00:00
=
9c44d65f94 Deps: Add admin9/laravel-oidc-server 2026-06-16 12:15:56 +00:00
=
ce209cd14d Deps: Add passport 2026-06-16 11:47:58 +00:00
=
dfb47f7d19 Feat: Add unlimited flag to app roles and enhance Keka integration
- Introduced `is_unlimited` field in `app_roles` table to support roles with unlimited duration.
- Enhanced front-end and back-end implementations to manage unlimited roles, including UI updates and validation.
- Refactored `KekaOutlookController` and `KekaOutlookService` for streamlined exception handling and code consistency.
- Applied linting and formatting improvements across updated files.
2026-06-15 12:59:30 +00:00
=
14a3339b3c Merge branch 'feature/integrate-keka-via-azure' into subhajit_keka_chnages 2026-06-15 08:20:27 +00:00
5ebda68b68 keka intregation 2026-06-15 13:25:39 +05:30
cb86f8e362 update 2026-06-12 18:22:10 +05:30
=
c4e2cfc4bb Feat: Modularize Keka HR integration with services
- Introduced `KekaAccessGuard`, `KekaConfigResolver`, `KekaIntegrationService`, `KekaTokenService`, and `KekaUrlBuilder` to streamline Keka HR functionality.
- Refactored `KekaController` to delegate key operations to modular services, improving maintainability.
- Updated dashboard UI to ensure alignment with the new service-based architecture.
- Enhanced error handling, logging, and code reusability for Keka integration workflows.
2026-06-12 11:55:12 +00:00
=
b90dd5c092 Feat: Add Keka HR integration for OAuth and user token management
- Implemented `KekaController` to manage OAuth flows for Keka HR, including connection, callback, and disconnection.
- Added required routes, middleware updates, and session handling for Keka integration.
- Enhanced dashboard UI to display Keka connection status and provide seamless connect/disconnect options.
- Included validation and configuration for Keka Portal URL in connected apps.
- Developed feature tests to ensure reliable authentication and token handling workflows for Keka.
2026-06-11 13:40:52 +00:00
=
66ae0bad37 Refactor: UI Changes in App services
- make the button bigger and active color
- remove unnecessary info from UI
- Removed redundant validation calls and improved permission handling for `ConnectApps`.
2026-06-11 10:17:59 +00:00
=
688b0307b8 Merge remote-tracking branch 'origin/feature/integrate-outlook-via-browser-session' into feature/integrate-outlook-via-browser-session 2026-06-10 13:20:49 +00:00
=
ef04126f6c Chore: pint fixes 2026-06-10 13:18:46 +00:00
=
82d1cdb204 Refactor: Replace Outlook integration with Entra ID federation
- Removed legacy Outlook integration, including views, controllers, and models.
- Introduced Microsoft Entra ID OAuth flows with enhanced permission checks and token management.
- Migrated database structure: replaced `outlook_tokens` table with `oauth_tokens` table for multi-provider support.
- Added comprehensive tests for Entra ID federation, including connection flow, token refresh, and permission checks.
- Standardized OAuth implementation using `EntraController` and consolidated token models into `OauthToken`.
2026-06-10 13:16:34 +00:00
d1637c5a35 implement outlook login 2026-06-10 14:31:36 +05:30
=
2140c12b10 WIP: Improve SAML response generation and attribute mapping
- Refactored `SamlIdpService` to enhance SAML NameID handling, adding support for configurable formats and sources with `SamlNameIdFormatEnum`.
- Enabled custom attribute mapping with dynamic claims resolution, supporting app-level configurations.
- Standardized SAML namespace usage across all element creation methods to ensure compliance with SAML 2.0 specifications.
- Improved cryptographic signature handling with Exclusive Canonicalization (C14N) and proper DOM node positioning.
- Added new unit tests to verify SAML responses and cryptographic signature validation.
2026-06-08 13:20:01 +00:00
=
aaa258903c Feat: Add enhanced SAML configuration and attribute mapping support
- Implemented `EnumMorphsToOptionsContract` interface to enable enums with options and labels for dropdowns.
- Created `SamlNameIdFormatEnum` and `SamlNameIdSourceEnum` for standardized SAML NameID configuration.
- Added reusable `SAML Configuration` Blade component for easier integration into connected app forms.
- Enabled custom SAML Attribute mapping with dynamic add/remove functionality and validation.
- Improved `SamlIdpController` to enforce ACS URL matching and user authorization checks.
- Refactored SAML-related tests and added scenarios for role-based SAML access and custom configurations.
2026-06-08 12:56:28 +00:00
=
215d3cad7f Refactor: Enhance Microsoft Graph Federation error handling and logging
- Improved logging for `MicrosoftGraphService` methods to provide detailed insights into federation configuration processes.
- Refactored error handling for domain federation configuration, including specific checks for authorization and resource errors.
- Streamlined federation flow logic and made it more resilient to exceptions.
- Updated UI components to handle configuration states more effectively and added button functionality for failed connections.
- Expanded test coverage for Microsoft Graph Federation scenarios, including authorization failures and domain validation.
- masked the sensitive fields
2026-06-02 12:25:57 +00:00
=
1a7134419c Refactor: Improve dependency injection for dashboard components and enhance SAML logging
- Removed inline data definitions from multiple dashboard components for roles, users, and connected apps, replacing them with service-based computed properties.
- Added comprehensive debug and error-level logging throughout `SamlIdpService` and related controllers to improve traceability of SAML flows.
- Cleaned up and centralized SAML-related logic, improving maintainability and error handling consistency.
- Deleted unused `hr-permission.blade.php` component to reduce code redundancy.
2026-06-01 13:05:59 +00:00
=
57f0a4590c Feat: Add comprehensive support for SAML SSO integration
- Introduced `ddev` configuration for Laravel-based SAML SSO setup.
- Added detailed technical specifications for SAML 2.0 integration, including endpoints, flows, and cryptographic signing.
- Created extensive unit tests to validate `SamlIdpController` and `SamlIdpService` functionalities.
- Enhanced metadata generation, SAML request parsing, and cryptographic signing of responses.
- Implemented models, services, and tests to standardize IdP interactions with Service Providers.
2026-06-01 11:04:16 +00:00
=
37f6e00fa2 Feat: make home route redirect to dashboard 2026-05-29 11:53:56 +00:00
6ff2b803bb
Merge pull request #1 from subhajit9328/feature/test-saml-integration
Feature/test saml integration
2026-05-29 11:41:02 +05:30
=
8a41ae6ac1 Feat: assigned user status change, search, pagination and notification
- Added activity logs for ticket status changes, comments, and ticket views.
- Implemented `TicketStatusChangedNotification` to notify users of status updates.
- Enhanced ticket list filtering with pagination, search, and status filters.
- Updated UI to better handle ticket assignments, status updates, and comment notifications.
- Extended tests for activity logs, unauthorized actions, status change notifications, and filtering functionalities.
2026-05-28 13:22:36 +00:00
=
df4a84b970 Feat: introduce Microsoft Entra ID federation configuration
- Added `MicrosoftGraphCredentialsData` and `FederatedIdpMfaBehaviorEnum` for managing Entra ID integration.
- Implemented `MicrosoftGraphService` to handle federation setup, domain management, and token authentication.
- Created UI for managing Microsoft Graph Federation, including connection and disconnection flows.
- Extended tests to validate Microsoft Graph Federation functionality.
2026-05-28 12:43:17 +00:00
=
f61acb8907 add email address claims in XML 2026-05-27 13:10:51 +00:00
=
a37b6a91be Feat: Show Immutable Id field if user has a SAML App
- added a ImmuatableId field in manage roles
- Generate ImmutableId using user Id if not available
2026-05-27 10:43:44 +00:00
=
4849736c60 Feat: add intials SAML SSO compatibility.
- SAML public certificate generation
- Authentication using SAML
2026-05-27 05:49:36 +00:00
=
04c62145b5 Feat: notify all administrators when a ticket is raised
- Updated `TicketService` to trigger notifications to all administrators upon ticket creation.
- Added test to verify administrator notifications when a support ticket is raised.
- Minor formatting adjustments in `Ticket` model's imports for consistency.
2026-05-26 07:14:31 +00:00
=
67002d6979 Feat: add ticket assignment, comments, and notifications
- Added migration for ticket assignment and comments (`assigned_user_id` and `ticket_replies` table).
- Implemented `TicketAssignedNotification` and `TicketCommentedNotification`.
- Created `ReplyData`, `TicketListData`, and `PostReplyRequest` data classes.
- Introduced `ResolveNotificationRouteController` for modular notification redirection.
- Updated UI to support assigning users and posting comments on tickets.
- User is navigated to comments page when clicked on the ticket, upon navigation ticket details modal is opened.
- Extended tests to cover assignments, comments, status transitions, and notifications.
2026-05-26 07:01:18 +00:00
=
cac5f4905b WIP: implement ticketing system with support for notifications and attachments
- Added database migrations for tickets, statuses, roles, users, and related associations.
- Introduced models and enums for ticket status, permissions, and notifications.
- Implemented `TicketService` for ticket management and notification handling.
- Created Livewire form and UI for raising tickets with file attachments and routing options.
- Added tests covering ticket creation, validation, notifications, and file uploads.
2026-05-25 13:04:43 +00:00
=
c826ffbfcb Merge remote-tracking branch 'origin/feature/#113205-permission-manager' into feature/#113205-permission-manager 2026-05-25 10:14:48 +00:00
=
2a19940635 Feat: implement role-based priority restrictions and permission manager
- Added `priority`-based access logic to restrict role and user management actions.
- Introduced `Permission Manager` UI and routes for permission access control.
- Updated `RoleService` and `AppRoleService` to include `visible` scope for priority filtering.
- Enhanced seeding to assign priorities to default roles and ensure proper hierarchy.
- Updated sidebar, routes, and data structure to handle new permission enums and resource segmentation.
- Improved UI components to dynamically restrict visibility and actions based on role priority.
2026-05-25 10:14:28 +00:00
=
dcb5bd2790 Feat: implement role-based priority restrictions and permission manager
- Added `priority`-based access logic to restrict role and user management actions.
- Introduced `Permission Manager` UI and routes for permission access control.
- Updated `RoleService` and `AppRoleService` to include `visible` scope for priority filtering.
- Enhanced seeding to assign priorities to default roles and ensure proper hierarchy.
- Updated sidebar, routes, and data structure to handle new permission enums and resource segmentation.
- Improved UI components to dynamically restrict visibility and actions based on role priority.
2026-05-25 10:12:42 +00:00
=
d024308c2e Feat: add ConnectedAppFactory, MockDataSeeder, and role-app connection logic
- Introduced `ConnectedAppFactory` for generating connected app data.
- Added `MockDataSeeder` to create sample roles, users, and apps with dynamic role-app assignments.
- Extended `RoleAndAppsPermissionEnum` with `ConnectApps` permission.
- Updated access-manager UI to handle app-connection actions with proper authorization.
- Integrated app-role connection logic in Livewire component and updated `roles-and-apps` view for permissions-based actions.
2026-05-25 07:01:45 +00:00
=
cd29191c7b Feat: add role priority management
- Added `priority` column to `roles` table with migration and model updates.
- Introduced priority management methods in `RoleService` and validation logic for updates.
- Enhanced access-manager UI to display and edit role priorities via a modal.
- Updated related data classes and views to support and handle the new priority field.
2026-05-25 06:35:21 +00:00
=
d7c2491fed Refactor: consolidate and replace permission enums for streamlined access management
- Replaced `AccessManager`, `Apps`, and `Settings` enums with modular enums like `RoleAndAppsPermissionEnum`, `AppPermissionEnum`, etc.
- Updated route, view, Livewire components, and tests to use new modular enums.
- Enhanced `DefaultRoleWithPermissionSeeder` and `PermissionSeeder` with updated enums.
- Added README in the Enums/Permissions directory to explain usage and naming conventions.
- Refactored dashboard sidebar and route definitions for better enum-based permission handling.
- Improved test coverage to validate new permission enums functionality.
2026-05-25 06:18:09 +00:00
=
4fe1765525 Feat: add "Select All" and "Revoke All" permissions functionality in user access management
- Introduced methods `selectAllPermissions` and `revokeAllPermissions` in Livewire component.
- Updated permissions section UI with buttons for selecting and revoking all permissions.
- Enhanced user experience by simplifying bulk permission management.
2026-05-22 13:20:30 +00:00
=
42737a6a2f Feat: integrate reusable confirmation logic across components
- Applied `Confirmation` trait to multiple Livewire components for unified confirmation handling.
- Replaced inline confirmation modals with `requireConfirmation` method for streamlined interaction.
- Updated button styles and added reusable confirmation prompts for delete/detach actions.
- Enhanced `AppRoleService` and `ConnectionProviderService` to support deletion with confirmation.
2026-05-22 12:59:12 +00:00
=
5eca6d3602 Feat: add confirmation modal component and Livewire support
- Introduced `Confirmation` trait for reusable confirmation modal logic in Livewire components.
- Added `ConfirmationModal` Livewire component for handling confirmation prompts with customizable title, subtitle, description, and styling.
- Updated `captainhook.json` to increase `subjectLength` limit.
- Integrated confirmation modal in the sidebar layout with `<livewire:confirmation-modal/>`.
2026-05-22 11:37:31 +00:00
=
2956d03001 Feat: add role and permission middleware to routes 2026-05-22 11:36:51 +00:00
=
0fd2848475 Refactor: update auth page design and favicon
- Updated login and registration forms with improved layout and new components for better user experience.
- Removed unused favicon and replaced references with updated logo image.
2026-05-22 09:02:16 +00:00
=
ec26c0a205 Refactor: user in dashboard topbar and fix binding
- Centralized user data retrieval in `dashboard-topbar.blade.php` by introducing `$user` variable.
- Enhanced topbar dropdown with user details (name, email) and improved styling.
- Fixed Livewire binding in roles-and-apps view by replacing `model` with `wire:model`.
2026-05-21 13:20:27 +00:00
=
8079b878a1 Feat: add dynamic topbar with role-based display
- Updated `dashboard-topbar.blade.php` to show "Admin Panel" only for users with the Admin role.
- Introduced user initials avatar with logout functionality via dropdown menu.
2026-05-21 11:50:04 +00:00
=
0ca7361a22 Feat: user dashboard with active services
- Added `UserAppAccessService` for retrieving active services by user with detailed role and permission validation.
- Created `ServiceAppDto` to standardize service data for UI rendering.
- Enhanced user dashboard layout and Livewire component with computed services, role-based restricted access, and expiring service warnings.
- Updated dashboard blade views for improved user experience and dynamic active services display.
2026-05-21 11:44:57 +00:00