ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
95ccc3008c
TenantAtlas/app/Http/Controllers
History
ahmido c5fbcaa692 063-entra-signin (#76) 
Key changes

Adds Entra OIDC redirect + callback endpoints under /auth/entra/* (token exchange only there).
Upserts tenant users keyed by (entra_tenant_id = tid, entra_object_id = oid); regenerates session; never stores tokens.
Blocks disabled / soft-deleted users with a generic error and safe logging.
Membership-based post-login routing:
0 memberships → /admin/no-access
1 membership → tenant dashboard (via Filament URL helpers)
>1 memberships → /admin/choose-tenant
Adds Filament pages:
/admin/choose-tenant (tenant selection + redirect)
/admin/no-access (tenantless-safe)
Both use simple layout to avoid tenant-required UI.
Guards / tests

Adds DbOnlyPagesDoNotMakeHttpRequestsTest to enforce DB-only render/hydration for:
/admin/login, /admin/no-access, /admin/choose-tenant
with Http::preventStrayRequests()
Adds session separation smoke coverage to ensure tenant session doesn’t access system and vice versa.
Runs: vendor/bin/sail artisan test --compact tests/Feature/Auth

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #76
2026-01-27 16:38:53 +00:00
..
Auth 063-entra-signin (#76) 2026-01-27 16:38:53 +00:00
AdminConsentCallbackController.php feat: TenantPilot v1 - Complete implementation (Phases 1-12) 2025-12-12 02:27:54 +01:00
Controller.php Initial commit from Specify template 2025-12-10 22:27:21 +01:00
RbacDelegatedAuthController.php Intune RBAC: graceful unsupported-account handling, health-check fixes, tests and docs updates 2025-12-13 01:25:06 +01:00
TenantOnboardingController.php feat: TenantPilot v1 - Complete implementation (Phases 1-12) 2025-12-12 02:27:54 +01:00