ahmido
ce0615a9c1
## Summary - move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling - update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location - add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation` - integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404` ## Remaining Rollout Checks - validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout - confirm web, queue, and scheduler processes all start from the expected working directory in staging/production - verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #213
59 lines
2.3 KiB
PHP
59 lines
2.3 KiB
PHP
<?php
|
|
|
|
namespace App\Services\Providers;
|
|
|
|
use App\Support\Providers\ProviderConnectionType;
|
|
use App\Support\Providers\ProviderReasonCodes;
|
|
|
|
final class PlatformProviderIdentityResolver
|
|
{
|
|
public function resolve(string $tenantContext): ProviderIdentityResolution
|
|
{
|
|
$targetTenant = trim($tenantContext);
|
|
$clientId = trim((string) config('graph.client_id'));
|
|
$clientSecret = trim((string) config('graph.client_secret'));
|
|
$authorityTenant = trim((string) config('graph.tenant_id', 'organizations'));
|
|
$redirectUri = trim((string) route('admin.consent.callback'));
|
|
|
|
if ($targetTenant === '') {
|
|
return ProviderIdentityResolution::blocked(
|
|
connectionType: ProviderConnectionType::Platform,
|
|
tenantContext: 'organizations',
|
|
credentialSource: 'platform_config',
|
|
reasonCode: ProviderReasonCodes::ProviderConnectionInvalid,
|
|
message: 'Provider connection is missing target tenant scope.',
|
|
);
|
|
}
|
|
|
|
if ($clientId === '') {
|
|
return ProviderIdentityResolution::blocked(
|
|
connectionType: ProviderConnectionType::Platform,
|
|
tenantContext: $targetTenant,
|
|
credentialSource: 'platform_config',
|
|
reasonCode: ProviderReasonCodes::PlatformIdentityMissing,
|
|
message: 'Platform app identity is not configured.',
|
|
);
|
|
}
|
|
|
|
if ($clientSecret === '' || $redirectUri === '') {
|
|
return ProviderIdentityResolution::blocked(
|
|
connectionType: ProviderConnectionType::Platform,
|
|
tenantContext: $targetTenant,
|
|
credentialSource: 'platform_config',
|
|
reasonCode: ProviderReasonCodes::PlatformIdentityIncomplete,
|
|
message: 'Platform app identity is incomplete.',
|
|
);
|
|
}
|
|
|
|
return ProviderIdentityResolution::resolved(
|
|
connectionType: ProviderConnectionType::Platform,
|
|
tenantContext: $targetTenant,
|
|
effectiveClientId: $clientId,
|
|
credentialSource: 'platform_config',
|
|
clientSecret: $clientSecret,
|
|
authorityTenant: $authorityTenant !== '' ? $authorityTenant : 'organizations',
|
|
redirectUri: $redirectUri,
|
|
);
|
|
}
|
|
}
|