feat: extend event toolkit and polish guest pwa

2025-10-28 18:28:22 +01:00
parent f29067f570
commit a7bbf230fd
45 changed files with 3809 additions and 351 deletions
--- a/resources/js/admin/dev-tools.ts
+++ b/resources/js/admin/dev-tools.ts
@@ -51,7 +51,7 @@ if (import.meta.env.DEV || import.meta.env.VITE_ENABLE_TENANT_SWITCHER === 'true
      code_challenge_method: 'S256',
    });

-    const callbackUrl = await requestAuthorization(`/api/v1/oauth/authorize?${authorizeParams}`);
+    const callbackUrl = await requestAuthorization(`/api/v1/oauth/authorize?${authorizeParams}`, redirectUri);
    verifyState(callbackUrl.searchParams.get('state'), state);

    const code = callbackUrl.searchParams.get('code');
@@ -115,22 +115,53 @@ if (import.meta.env.DEV || import.meta.env.VITE_ENABLE_TENANT_SWITCHER === 'true
  globalThis.fotospielDemoAuth = api;
 }

-function requestAuthorization(url: string): Promise<URL> {
+function requestAuthorization(url: string, fallbackRedirect?: string): Promise<URL> {
  return new Promise((resolve, reject) => {
    const xhr = new XMLHttpRequest();
    xhr.open('GET', url, true);
    xhr.withCredentials = true;
+    xhr.setRequestHeader('Accept', 'application/json, text/plain, */*');
+    xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
    xhr.onreadystatechange = () => {
      if (xhr.readyState !== XMLHttpRequest.DONE) {
        return;
      }

+      const contentType = xhr.getResponseHeader('Content-Type') ?? '';
      const responseUrl = xhr.responseURL || xhr.getResponseHeader('Location');
      if ((xhr.status >= 200 && xhr.status < 400) || xhr.status === 0) {
        if (responseUrl) {
          resolve(new URL(responseUrl, window.location.origin));
          return;
        }
+
+        if (contentType.includes('application/json')) {
+          try {
+            const payload = JSON.parse(xhr.responseText ?? '{}') as {
+              code?: string;
+              state?: string | null;
+              redirect_url?: string | null;
+            };
+            const target = payload.redirect_url ?? fallbackRedirect;
+            if (!target) {
+              throw new Error('Authorize response missing redirect target');
+            }
+
+            const finalUrl = new URL(target, window.location.origin);
+            if (payload.code && !finalUrl.searchParams.has('code')) {
+              finalUrl.searchParams.set('code', payload.code);
+            }
+            if (payload.state && !finalUrl.searchParams.has('state')) {
+              finalUrl.searchParams.set('state', payload.state);
+            }
+
+            resolve(finalUrl);
+            return;
+          } catch (error) {
+            reject(error instanceof Error ? error : new Error(String(error)));
+            return;
+          }
+        }
      }

      reject(new Error(`Authorize failed with ${xhr.status}`));