- Implemented the `show` page for managing URL apps with functionalities like updating name, logo, access URL, and connection status.
- Added `UrlAppViewTest` for feature testing, ensuring role-based access, and validation of edit actions.
- Updated navigation to route URL apps to their respective management views.
- Enhanced `OidcService` to handle updated app settings and redirect URIs.
- Introduced a detailed view for OIDC apps (`show` page) with client credentials and sign-out URI management.
- Added functionality to toggle app status, generate new client secrets, and display OAuth scopes.
- Implemented service methods for handling OIDC app data, including `getPassportClient`, `generateNewSecret`, and `toggleStatus`.
- Enhanced feature tests for role-based access and validation of client secret generation.
- Introduced `StoreURLAppForm` and `StoreURLAppData` for form handling and data transformation.
- Added `UrlAppService` to streamline URL app creation with settings like `accessUrl` and `isConnectedToMicrosoft`.
- Enhanced user access controls with role-based permissions using `UserAccessTypeEnum`.
- Updated UI for URL app creation with support for logos and dynamic role selection.
- Implemented feature tests to validate URL app creation and access URL formatting.
- Introduced tests for OIDC app creation, including validation for access URL formatting.
- Updated enums and services to streamline application type and protocol handling.
- Added `accessUrl` support across backend, services, and UI to enhance app functionality and user accessibility.
- Refactored and commented out unused enum values and providers to improve maintainability.
- Introduced `needSignInUris` and `needSignOutUris` methods in `OidcConfigResolver` to determine URI requirements based on app type.
- Updated `AuthorizationCodeClientFactory` to merge sign-in and sign-out URIs for redirect handling.
- Enhanced app creation UI to conditionally display sign-in and sign-out URI fields.
- Added authorization check for OIDC app creation using `AppPermissionEnum`.
- Introduced `OidcConfigResolver` to streamline client secret checks based on app type.
- Enhanced logging in `OidcService` to provide detailed insights during app creation and error handling.
- Updated UI to conditionally display client secret based on app type.
- Added placeholder image support for app logos.
- Introduced new components and services for OIDC app creation, enabling dynamic handling of app types, URIs, and user roles.
- Added support for uploading and managing logos for connected apps.
- Implemented `ClientCreationFactory` and related factories for modular OIDC client generation.
- Updated UI to enhance app creation flow with post-creation credential display and improved validations.
- Refactored backend with `OidcService` for streamlined OIDC app creation and management.
- Added `PassportServiceProvider` to configure token expiration intervals.
- Updated `User` model with `HasApiTokens` trait and `OAuthenticatable` interface for Passport support.
- Registered `PassportServiceProvider` in `bootstrap/providers.php`.
- Removed the old `connected-apps.create` implementation and components, simplifying the codebase.
- Introduced modular OIDC integration using reusable components and traits, such as `WithSearchableChoices` and `WithRepeaterFields`.
- Added `StoreOIDCAppForm` for handling OpenID Connect app-specific fields and validation.
- Updated `choices.blade.php` and related components to leverage configuration-driven, dynamic multi-select functionality.
- Updated routes to support new OIDC app creation under distinct connection protocol namespaces.
- Enhanced app creation flow with support for dynamic fields like URIs (`repeater-input`) and scoped user roles.
- Upgraded `brick/math` to v0.17.2, `guzzlehttp/guzzle` to v7.12.0, `nesbot/carbon` to v3.12.3, and several others for improved performance and bug fixes.
- Updated middleware in `bootstrap/app.php` to render JSON for API exception routes.
- Introduced `ApplicationTypeEnum` and updated `ConnectionProtocolEnum` with labeled options, hints, and implementations for enhanced flexibility.
- Modularized the `apps` routes into a separate file for improved structure and maintainability.
- Added `CreateAppSelectionForm` Livewire component to handle app creation flows with dynamic protocol and type selection.
- Enhanced `connected-apps` UI with a modal-based app creation mechanism.
- Introduced `CaptureOidcNonce` middleware to capture and store nonce in session during GET requests.
- Updated `CustomAuthCodeRepository` to resolve nonce from session if not present in POST requests, ensuring seamless handling.
- Registered middleware in `bootstrap/app.php` for web routes.
- Adjusted `LoginResponse` to use `redirect()->intended` for improved redirection logic.
- Added comprehensive feature tests to validate nonce capture, session storage, and cache resolution workflows.
- Created `CustomOidcClient` to override default `OidcClient` behavior, ensuring authorization prompts are always displayed.
- Updated `oidc-server.php` configuration to use the custom client model.
- Added `CustomAuthCodeRepository` to cache and store nonces during authorization.
- Introduced `CustomTokenResponseType` to resolve cached nonces during token exchange.
- Created `oidc-server.php` configuration for OpenID Connect support, including scopes, claims, and token lifetimes.
- Registered custom implementations in `AppServiceProvider` with bindings for `AuthCodeRepository` and `TokenResponseType`.
- Added feature tests to validate nonce caching and resolution logic.
- Introduced `is_unlimited` field in `app_roles` table to support roles with unlimited duration.
- Enhanced front-end and back-end implementations to manage unlimited roles, including UI updates and validation.
- Refactored `KekaOutlookController` and `KekaOutlookService` for streamlined exception handling and code consistency.
- Applied linting and formatting improvements across updated files.
- Introduced `KekaAccessGuard`, `KekaConfigResolver`, `KekaIntegrationService`, `KekaTokenService`, and `KekaUrlBuilder` to streamline Keka HR functionality.
- Refactored `KekaController` to delegate key operations to modular services, improving maintainability.
- Updated dashboard UI to ensure alignment with the new service-based architecture.
- Enhanced error handling, logging, and code reusability for Keka integration workflows.
- Implemented `KekaController` to manage OAuth flows for Keka HR, including connection, callback, and disconnection.
- Added required routes, middleware updates, and session handling for Keka integration.
- Enhanced dashboard UI to display Keka connection status and provide seamless connect/disconnect options.
- Included validation and configuration for Keka Portal URL in connected apps.
- Developed feature tests to ensure reliable authentication and token handling workflows for Keka.
- make the button bigger and active color
- remove unnecessary info from UI
- Removed redundant validation calls and improved permission handling for `ConnectApps`.
- Removed legacy Outlook integration, including views, controllers, and models.
- Introduced Microsoft Entra ID OAuth flows with enhanced permission checks and token management.
- Migrated database structure: replaced `outlook_tokens` table with `oauth_tokens` table for multi-provider support.
- Added comprehensive tests for Entra ID federation, including connection flow, token refresh, and permission checks.
- Standardized OAuth implementation using `EntraController` and consolidated token models into `OauthToken`.
- Refactored `SamlIdpService` to enhance SAML NameID handling, adding support for configurable formats and sources with `SamlNameIdFormatEnum`.
- Enabled custom attribute mapping with dynamic claims resolution, supporting app-level configurations.
- Standardized SAML namespace usage across all element creation methods to ensure compliance with SAML 2.0 specifications.
- Improved cryptographic signature handling with Exclusive Canonicalization (C14N) and proper DOM node positioning.
- Added new unit tests to verify SAML responses and cryptographic signature validation.
- Implemented `EnumMorphsToOptionsContract` interface to enable enums with options and labels for dropdowns.
- Created `SamlNameIdFormatEnum` and `SamlNameIdSourceEnum` for standardized SAML NameID configuration.
- Added reusable `SAML Configuration` Blade component for easier integration into connected app forms.
- Enabled custom SAML Attribute mapping with dynamic add/remove functionality and validation.
- Improved `SamlIdpController` to enforce ACS URL matching and user authorization checks.
- Refactored SAML-related tests and added scenarios for role-based SAML access and custom configurations.
- Improved logging for `MicrosoftGraphService` methods to provide detailed insights into federation configuration processes.
- Refactored error handling for domain federation configuration, including specific checks for authorization and resource errors.
- Streamlined federation flow logic and made it more resilient to exceptions.
- Updated UI components to handle configuration states more effectively and added button functionality for failed connections.
- Expanded test coverage for Microsoft Graph Federation scenarios, including authorization failures and domain validation.
- masked the sensitive fields
- Removed inline data definitions from multiple dashboard components for roles, users, and connected apps, replacing them with service-based computed properties.
- Added comprehensive debug and error-level logging throughout `SamlIdpService` and related controllers to improve traceability of SAML flows.
- Cleaned up and centralized SAML-related logic, improving maintainability and error handling consistency.
- Deleted unused `hr-permission.blade.php` component to reduce code redundancy.
- Introduced `ddev` configuration for Laravel-based SAML SSO setup.
- Added detailed technical specifications for SAML 2.0 integration, including endpoints, flows, and cryptographic signing.
- Created extensive unit tests to validate `SamlIdpController` and `SamlIdpService` functionalities.
- Enhanced metadata generation, SAML request parsing, and cryptographic signing of responses.
- Implemented models, services, and tests to standardize IdP interactions with Service Providers.
- Added activity logs for ticket status changes, comments, and ticket views.
- Implemented `TicketStatusChangedNotification` to notify users of status updates.
- Enhanced ticket list filtering with pagination, search, and status filters.
- Updated UI to better handle ticket assignments, status updates, and comment notifications.
- Extended tests for activity logs, unauthorized actions, status change notifications, and filtering functionalities.
- Added `MicrosoftGraphCredentialsData` and `FederatedIdpMfaBehaviorEnum` for managing Entra ID integration.
- Implemented `MicrosoftGraphService` to handle federation setup, domain management, and token authentication.
- Created UI for managing Microsoft Graph Federation, including connection and disconnection flows.
- Extended tests to validate Microsoft Graph Federation functionality.
- Updated `TicketService` to trigger notifications to all administrators upon ticket creation.
- Added test to verify administrator notifications when a support ticket is raised.
- Minor formatting adjustments in `Ticket` model's imports for consistency.
- Added migration for ticket assignment and comments (`assigned_user_id` and `ticket_replies` table).
- Implemented `TicketAssignedNotification` and `TicketCommentedNotification`.
- Created `ReplyData`, `TicketListData`, and `PostReplyRequest` data classes.
- Introduced `ResolveNotificationRouteController` for modular notification redirection.
- Updated UI to support assigning users and posting comments on tickets.
- User is navigated to comments page when clicked on the ticket, upon navigation ticket details modal is opened.
- Extended tests to cover assignments, comments, status transitions, and notifications.
- Added database migrations for tickets, statuses, roles, users, and related associations.
- Introduced models and enums for ticket status, permissions, and notifications.
- Implemented `TicketService` for ticket management and notification handling.
- Created Livewire form and UI for raising tickets with file attachments and routing options.
- Added tests covering ticket creation, validation, notifications, and file uploads.
- Added `priority`-based access logic to restrict role and user management actions.
- Introduced `Permission Manager` UI and routes for permission access control.
- Updated `RoleService` and `AppRoleService` to include `visible` scope for priority filtering.
- Enhanced seeding to assign priorities to default roles and ensure proper hierarchy.
- Updated sidebar, routes, and data structure to handle new permission enums and resource segmentation.
- Improved UI components to dynamically restrict visibility and actions based on role priority.
- Added `priority`-based access logic to restrict role and user management actions.
- Introduced `Permission Manager` UI and routes for permission access control.
- Updated `RoleService` and `AppRoleService` to include `visible` scope for priority filtering.
- Enhanced seeding to assign priorities to default roles and ensure proper hierarchy.
- Updated sidebar, routes, and data structure to handle new permission enums and resource segmentation.
- Improved UI components to dynamically restrict visibility and actions based on role priority.
- Introduced `ConnectedAppFactory` for generating connected app data.
- Added `MockDataSeeder` to create sample roles, users, and apps with dynamic role-app assignments.
- Extended `RoleAndAppsPermissionEnum` with `ConnectApps` permission.
- Updated access-manager UI to handle app-connection actions with proper authorization.
- Integrated app-role connection logic in Livewire component and updated `roles-and-apps` view for permissions-based actions.