singleloginsystem/app/Services/Applications/OIDC/Factory/AuthorizationCodeClientFactory.php
= 882538130b Feat: make signin / signout uris render related to apptype
- Introduced `needSignInUris` and `needSignOutUris` methods in `OidcConfigResolver` to determine URI requirements based on app type.
- Updated `AuthorizationCodeClientFactory` to merge sign-in and sign-out URIs for redirect handling.
- Enhanced app creation UI to conditionally display sign-in and sign-out URI fields.
- Added authorization check for OIDC app creation using `AppPermissionEnum`.
2026-06-19 09:50:41 +00:00

39 lines
1.1 KiB
PHP

<?php
declare(strict_types=1);
namespace App\Services\Applications\OIDC\Factory;
use App\Data\Application\{ClientCredentialsData, StoreOIDCAppData};
use App\Enums\ApplicationTypeEnum;
use Exception;
use Laravel\Passport\ClientRepository;
readonly class AuthorizationCodeClientFactory implements ClientCreationContract
{
public function __construct(
private ClientRepository $client,
) {}
/**
* @throws Exception
*/
public function create(
StoreOIDCAppData $data
): ClientCredentialsData {
$client = $this->client->createAuthorizationCodeGrantClient(
name: $data->name,
// laravel-oidc-server expects redirect_uris to consist of sign_in and sign_out uris.
redirectUris: array_merge($data->signInUris, $data->signOutUris),
confidential: ApplicationTypeEnum::Web === $data->type,
);
return new ClientCredentialsData(
clientId: $client->id,
grantType: 'authorization_code',
clientSecret: $client->plainSecret,
redirectUris: $client->getAttribute('redirect_uris'),
);
}
}