ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
1f3619bd16
TenantAtlas/app/Support/Providers/ProviderReasonCodes.php
ahmido bab01f07a9 feat: standardize platform provider identity (#166) 
## Summary
- standardize Microsoft provider connections around explicit platform vs dedicated identity modes
- centralize admin-consent URL and runtime identity resolution so platform flows no longer fall back to tenant-local credentials
- add migration classification, richer consent and verification state handling, dedicated override management, and focused regression coverage

## Validation
- focused repo test coverage was added across provider identity, onboarding, audit, policy, guard, and migration flows
- latest explicit passing run in the workspace: `vendor/bin/sail artisan test --compact tests/Feature/AdminConsentCallbackTest.php tests/Feature/Audit/ProviderConnectionConsentAuditTest.php`

## Notes
- branch includes the full Spec 137 artifact set under `specs/137-platform-provider-identity/`
- target base branch: `dev`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #166
2026-03-13 16:29:08 +00:00

96 lines
3.4 KiB
PHP
Raw Blame History

<?php
namespace App\Support\Providers;
final class ProviderReasonCodes
{
public const string ProviderConnectionMissing = 'provider_connection_missing';
public const string ProviderConnectionInvalid = 'provider_connection_invalid';
public const string ProviderCredentialMissing = 'provider_credential_missing';
public const string ProviderCredentialInvalid = 'provider_credential_invalid';
public const string ProviderConnectionTypeInvalid = 'provider_connection_type_invalid';
public const string PlatformIdentityMissing = 'platform_identity_missing';
public const string PlatformIdentityIncomplete = 'platform_identity_incomplete';
public const string DedicatedCredentialMissing = 'dedicated_credential_missing';
public const string DedicatedCredentialInvalid = 'dedicated_credential_invalid';
public const string ProviderConsentMissing = 'provider_consent_missing';
public const string ProviderConsentFailed = 'provider_consent_failed';
public const string ProviderConsentRevoked = 'provider_consent_revoked';
public const string ProviderConnectionReviewRequired = 'provider_connection_review_required';
public const string ProviderAuthFailed = 'provider_auth_failed';
public const string ProviderPermissionMissing = 'provider_permission_missing';
public const string ProviderPermissionDenied = 'provider_permission_denied';
public const string ProviderPermissionRefreshFailed = 'provider_permission_refresh_failed';
public const string IntuneRbacPermissionMissing = 'intune_rbac.permission_missing';
public const string TenantTargetMismatch = 'tenant_target_mismatch';
public const string NetworkUnreachable = 'network_unreachable';
public const string RateLimited = 'rate_limited';
public const string UnknownError = 'unknown_error';
public const string IntuneRbacNotConfigured = 'intune_rbac.not_configured';
public const string IntuneRbacUnhealthy = 'intune_rbac.unhealthy';
public const string IntuneRbacStale = 'intune_rbac.stale';
/**
* @return array<int, string>
*/
public static function all(): array
{
return [
self::ProviderConnectionMissing,
self::ProviderConnectionInvalid,
self::ProviderCredentialMissing,
self::ProviderCredentialInvalid,
self::ProviderConnectionTypeInvalid,
self::PlatformIdentityMissing,
self::PlatformIdentityIncomplete,
self::DedicatedCredentialMissing,
self::DedicatedCredentialInvalid,
self::ProviderConsentMissing,
self::ProviderConsentFailed,
self::ProviderConsentRevoked,
self::ProviderConnectionReviewRequired,
self::ProviderAuthFailed,
self::ProviderPermissionMissing,
self::ProviderPermissionDenied,
self::ProviderPermissionRefreshFailed,
self::IntuneRbacPermissionMissing,
self::TenantTargetMismatch,
self::NetworkUnreachable,
self::RateLimited,
self::UnknownError,
self::IntuneRbacNotConfigured,
self::IntuneRbacUnhealthy,
self::IntuneRbacStale,
];
}
public static function isKnown(string $reasonCode): bool
{
return in_array($reasonCode, self::all(), true) || str_starts_with($reasonCode, 'ext.');
}
}
Reference in New Issue View Git Blame Copy Permalink