TenantAtlas/app/Services/Providers/ProviderGateway.php

<?php

namespace App\Services\Providers;

use App\Models\ProviderConnection;
use App\Services\Graph\GraphClientInterface;
use App\Services\Graph\GraphResponse;
use Illuminate\Support\Str;

final class ProviderGateway
{
    public function __construct(
        private readonly GraphClientInterface $graph,
        private readonly CredentialManager $credentials,
    ) {}

    public function getOrganization(ProviderConnection $connection): GraphResponse
    {
        return $this->graph->getOrganization($this->graphOptions($connection));
    }

    public function getPolicy(ProviderConnection $connection, string $policyType, string $policyId, array $options = []): GraphResponse
    {
        return $this->graph->getPolicy($policyType, $policyId, $this->graphOptions($connection, $options));
    }

    public function listPolicies(ProviderConnection $connection, string $policyType, array $options = []): GraphResponse
    {
        return $this->graph->listPolicies($policyType, $this->graphOptions($connection, $options));
    }

    public function applyPolicy(
        ProviderConnection $connection,
        string $policyType,
        string $policyId,
        array $payload,
        array $options = [],
    ): GraphResponse {
        return $this->graph->applyPolicy($policyType, $policyId, $payload, $this->graphOptions($connection, $options));
    }

    public function getServicePrincipalPermissions(ProviderConnection $connection, array $options = []): GraphResponse
    {
        return $this->graph->getServicePrincipalPermissions($this->graphOptions($connection, $options));
    }

    public function request(ProviderConnection $connection, string $method, string $path, array $options = []): GraphResponse
    {
        return $this->graph->request($method, $path, $this->graphOptions($connection, $options));
    }

    /**
     * @return array<string, mixed>
     */
    public function graphOptions(ProviderConnection $connection, array $overrides = []): array
    {
        $clientCredentials = $this->credentials->getClientCredentials($connection);

        return array_merge([
            'tenant' => $connection->entra_tenant_id,
            'client_id' => $clientCredentials['client_id'],
            'client_secret' => $clientCredentials['client_secret'],
            'client_request_id' => (string) Str::uuid(),
        ], $overrides);
    }
}