- Introduced `needSignInUris` and `needSignOutUris` methods in `OidcConfigResolver` to determine URI requirements based on app type. - Updated `AuthorizationCodeClientFactory` to merge sign-in and sign-out URIs for redirect handling. - Enhanced app creation UI to conditionally display sign-in and sign-out URI fields. - Added authorization check for OIDC app creation using `AppPermissionEnum`.
75 lines
2.5 KiB
PHP
75 lines
2.5 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Services\Applications\OIDC;
|
|
|
|
use App\Data\Application\{CreatedApplicationData, StoreOIDCAppData};
|
|
use App\Data\ConnectedApp\ConnectAppRequest;
|
|
use App\Enums\{ConnectionProtocolEnum, ConnectionStatusEnum};
|
|
use App\Models\{ConnectionProtocol, ConnectionStatus};
|
|
use App\Services\{ApplicationLogoUploader, ConnectedAppService};
|
|
use App\Services\Applications\OIDC\Factory\ClientCreationFactory;
|
|
use Illuminate\Support\Facades\{DB, Log};
|
|
use Illuminate\Support\Str;
|
|
use Throwable;
|
|
|
|
readonly class OidcService
|
|
{
|
|
public function __construct(
|
|
private ClientCreationFactory $clientCreationFactory,
|
|
private ApplicationLogoUploader $logoUploader,
|
|
private ConnectedAppService $connectedAppService,
|
|
) {}
|
|
|
|
/**
|
|
* @throws Throwable
|
|
*/
|
|
public function createApp(StoreOIDCAppData $data): CreatedApplicationData
|
|
{
|
|
Log::info('Creating OIDC app', [
|
|
'name' => $data->name,
|
|
'type' => $data->type,
|
|
]);
|
|
try {
|
|
DB::beginTransaction();
|
|
$logo = $this->logoUploader->store($data->logo);
|
|
$appData = $this->connectedAppService->create(
|
|
new ConnectAppRequest(
|
|
name: $data->name,
|
|
connectionProtocolId: ConnectionProtocol::query()->where('name', ConnectionProtocolEnum::OIDC->value)->first()->id,
|
|
connectionProviderId: 0,
|
|
slug: Str::slug($data->name),
|
|
connectionStatusId: ConnectionStatus::query()->where('name', ConnectionStatusEnum::Connected->value)->first()->id,
|
|
logo: $logo,
|
|
)
|
|
);
|
|
|
|
$clientData = $this->clientCreationFactory->for($data->type)->create($data);
|
|
DB::commit();
|
|
|
|
// remove sensitive data
|
|
$appData->settings = null;
|
|
|
|
Log::info('OIDC app created', [
|
|
'name' => $data->name,
|
|
'type' => $data->type,
|
|
'clientId' => isset($clientData->clientId),
|
|
'clientSecret' => isset($clientData->clientSecret),
|
|
]);
|
|
|
|
return new CreatedApplicationData(
|
|
application: $appData,
|
|
clientCredentials: $clientData,
|
|
);
|
|
} catch (Throwable $e) {
|
|
DB::rollBack();
|
|
Log::error('Failed to create OIDC app', [
|
|
'name' => $data->name,
|
|
'type' => $data->type,
|
|
]);
|
|
throw $e;
|
|
}
|
|
}
|
|
}
|