soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Add PayPal checkout provider

Browse Source
This commit is contained in:
Codex Agent
2026-02-04 12:18:14 +01:00
parent 56a39d0535
commit fc5dfb272c
33 changed files with 1586 additions and 571 deletions
Download Patch File Download Diff File Expand all files Collapse all files

133
app/Http/Controllers/Api/PackageController.php
View File

@@ -9,16 +9,18 @@ use App\Models\Package;
use App\Models\PackagePurchase;
use App\Models\TenantPackage;
use App\Services\Checkout\CheckoutSessionService;
use App\Services\LemonSqueezy\LemonSqueezyCheckoutService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;
use Illuminate\Validation\ValidationException;
class PackageController extends Controller
{
public function __construct(
private readonly LemonSqueezyCheckoutService $lemonsqueezyCheckout,
private readonly PayPalOrderService $paypalOrders,
private readonly CheckoutSessionService $sessions,
) {}
@@ -53,7 +55,7 @@ class PackageController extends Controller
$request->validate([
'package_id' => 'required|exists:packages,id',
'type' => 'required|in:endcustomer,reseller',
'payment_method' => 'required|in:lemonsqueezy',
'payment_method' => 'required|in:paypal',
'event_id' => 'nullable|exists:events,id', // For endcustomer
'success_url' => 'nullable|url',
'return_url' => 'nullable|url',
@@ -79,7 +81,7 @@ class PackageController extends Controller
{
$request->validate([
'package_id' => 'required|exists:packages,id',
'lemonsqueezy_order_id' => 'required|string',
'paypal_order_id' => 'required|string',
]);
$package = Package::findOrFail($request->package_id);
@@ -89,14 +91,14 @@ class PackageController extends Controller
throw ValidationException::withMessages(['tenant' => 'Tenant not found.']);
}
$provider = 'lemonsqueezy';
$provider = 'paypal';
DB::transaction(function () use ($request, $package, $tenant, $provider) {
PackagePurchase::create([
'tenant_id' => $tenant->id,
'package_id' => $package->id,
'provider' => $provider,
'provider_id' => $request->input('lemonsqueezy_order_id'),
'provider_id' => $request->input('paypal_order_id'),
'price' => $package->price,
'type' => 'endcustomer_event',
'purchased_at' => now(),
@@ -161,12 +163,14 @@ class PackageController extends Controller
], 201);
}
public function createLemonSqueezyCheckout(Request $request): JsonResponse
public function createPayPalCheckout(Request $request): JsonResponse
{
$request->validate([
'package_id' => 'required|exists:packages,id',
'success_url' => 'nullable|url',
'return_url' => 'nullable|url',
'cancel_url' => 'nullable|url',
'locale' => 'nullable|string|max:10',
]);
$package = Package::findOrFail($request->integer('package_id'));
@@ -181,15 +185,11 @@ class PackageController extends Controller
throw ValidationException::withMessages(['user' => 'User context missing.']);
}
if (! $package->lemonsqueezy_variant_id) {
throw ValidationException::withMessages(['package_id' => 'Package is not linked to a Lemon Squeezy variant.']);
}
$session = $this->sessions->createOrResume($user, $package, [
'tenant' => $tenant,
]);
$this->sessions->selectProvider($session, CheckoutSession::PROVIDER_LEMONSQUEEZY);
$this->sessions->selectProvider($session, CheckoutSession::PROVIDER_PAYPAL);
$now = now();
@@ -201,30 +201,56 @@ class PackageController extends Controller
'legal_version' => config('app.legal_version', $now->toDateString()),
])->save();
$payload = [
'success_url' => $request->input('success_url'),
'return_url' => $request->input('return_url'),
'metadata' => [
'checkout_session_id' => $session->id,
'legal_version' => $session->legal_version,
'accepted_terms' => true,
],
];
$successUrl = $request->input('success_url') ?? $request->input('return_url');
$cancelUrl = $request->input('cancel_url') ?? $request->input('return_url');
$paypalReturnUrl = route('paypal.return', absolute: true);
$checkout = $this->lemonsqueezyCheckout->createCheckout($tenant, $package, $payload);
try {
$order = $this->paypalOrders->createOrder($session, $package, [
'return_url' => $paypalReturnUrl,
'cancel_url' => $paypalReturnUrl,
'locale' => $request->input('locale'),
'request_id' => $session->id,
]);
} catch (PayPalException $exception) {
Log::warning('PayPal order creation failed (tenant)', [
'tenant_id' => $tenant->id,
'package_id' => $package->id,
'session_id' => $session->id,
'message' => $exception->getMessage(),
'status' => $exception->status(),
]);
throw ValidationException::withMessages(['paypal' => 'PayPal checkout could not be created.']);
}
$orderId = $order['id'] ?? null;
if (! is_string($orderId) || $orderId === '') {
throw ValidationException::withMessages(['paypal' => 'PayPal order ID missing.']);
}
$approveUrl = $this->paypalOrders->resolveApproveUrl($order);
$session->forceFill([
'lemonsqueezy_checkout_id' => $checkout['id'] ?? $session->lemonsqueezy_checkout_id,
'paypal_order_id' => $orderId,
'provider_metadata' => array_merge($session->provider_metadata ?? [], array_filter([
'lemonsqueezy_checkout_id' => $checkout['id'] ?? null,
'lemonsqueezy_checkout_url' => $checkout['checkout_url'] ?? null,
'lemonsqueezy_expires_at' => $checkout['expires_at'] ?? null,
'paypal_order_id' => $orderId,
'paypal_status' => $order['status'] ?? null,
'paypal_approve_url' => $approveUrl,
'paypal_success_url' => $successUrl,
'paypal_cancel_url' => $cancelUrl,
'paypal_created_at' => now()->toIso8601String(),
])),
])->save();
return response()->json(array_merge($checkout, [
$this->sessions->markRequiresCustomerAction($session, 'paypal_approval');
return response()->json([
'order_id' => $orderId,
'approve_url' => $approveUrl,
'status' => $order['status'] ?? null,
'checkout_session_id' => $session->id,
]));
]);
}
public function checkoutSessionStatus(CheckoutSessionStatusRequest $request, CheckoutSession $session): JsonResponse
@@ -239,7 +265,9 @@ class PackageController extends Controller
}
}
$checkoutUrl = data_get($session->provider_metadata ?? [], 'lemonsqueezy_checkout_url');
$checkoutUrl = $session->provider === CheckoutSession::PROVIDER_PAYPAL
? data_get($session->provider_metadata ?? [], 'paypal_approve_url')
: data_get($session->provider_metadata ?? [], 'lemonsqueezy_checkout_url');
return response()->json([
'status' => $session->status,
@@ -297,19 +325,44 @@ class PackageController extends Controller
private function handlePaidPurchase(Request $request, Package $package, $tenant): JsonResponse
{
if (! $package->lemonsqueezy_variant_id) {
throw ValidationException::withMessages(['package_id' => 'Package is not linked to a Lemon Squeezy variant.']);
$successUrl = $request->input('success_url') ?? $request->input('return_url');
$cancelUrl = $request->input('cancel_url') ?? $request->input('return_url');
$paypalReturnUrl = route('paypal.return', absolute: true);
try {
$session = $this->sessions->createOrResume($request->user(), $package, [
'tenant' => $tenant,
]);
$this->sessions->selectProvider($session, CheckoutSession::PROVIDER_PAYPAL);
$order = $this->paypalOrders->createOrder($session, $package, [
'return_url' => $paypalReturnUrl,
'cancel_url' => $paypalReturnUrl,
'locale' => $request->input('locale'),
'request_id' => $session->id,
]);
} catch (PayPalException $exception) {
Log::warning('PayPal order creation failed (purchase)', [
'tenant_id' => $tenant->id,
'package_id' => $package->id,
'message' => $exception->getMessage(),
'status' => $exception->status(),
]);
throw ValidationException::withMessages(['paypal' => 'PayPal checkout could not be created.']);
}
$checkout = $this->lemonsqueezyCheckout->createCheckout($tenant, $package, [
'success_url' => $request->input('success_url'),
'return_url' => $request->input('return_url'),
'metadata' => array_filter([
'type' => $request->input('type'),
'event_id' => $request->input('event_id'),
]),
]);
$orderId = $order['id'] ?? null;
if (! is_string($orderId) || $orderId === '') {
throw ValidationException::withMessages(['paypal' => 'PayPal order ID missing.']);
}
return response()->json($checkout);
return response()->json([
'order_id' => $orderId,
'approve_url' => $this->paypalOrders->resolveApproveUrl($order),
'status' => $order['status'] ?? null,
'return_url' => $successUrl,
'cancel_url' => $cancelUrl,
]);
}
}

8
app/Http/Controllers/CheckoutController.php
View File

@@ -74,9 +74,11 @@ class CheckoutController extends Controller
'error' => $facebookError,
'profile' => $facebookProfile,
],
'lemonsqueezy' => [
'store_id' => config('lemonsqueezy.store_id'),
'test_mode' => config('lemonsqueezy.test_mode', false),
'paypal' => [
'client_id' => config('services.paypal.client_id'),
'currency' => config('checkout.currency', 'EUR'),
'intent' => 'capture',
'locale' => app()->getLocale(),
],
]);
}

85
app/Http/Controllers/MarketingController.php
View File

@@ -13,7 +13,8 @@ use App\Models\TenantPackage;
use App\Services\Checkout\CheckoutSessionService;
use App\Services\Coupons\CouponService;
use App\Services\GiftVouchers\GiftVoucherCheckoutService;
use App\Services\LemonSqueezy\LemonSqueezyCheckoutService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use App\Support\CheckoutRequestContext;
use App\Support\CheckoutRoutes;
use App\Support\Concerns\PresentsPackages;
@@ -41,7 +42,7 @@ class MarketingController extends Controller
public function __construct(
private readonly CheckoutSessionService $checkoutSessions,
private readonly LemonSqueezyCheckoutService $lemonsqueezyCheckout,
private readonly PayPalOrderService $paypalOrders,
private readonly CouponService $coupons,
private readonly GiftVoucherCheckoutService $giftVouchers,
) {}
@@ -194,16 +195,6 @@ class MarketingController extends Controller
return redirect('/event-admin')->with('success', __('marketing.packages.free_assigned'));
}
if (! $package->lemonsqueezy_variant_id) {
Log::warning('Package missing Lemon Squeezy variant id', ['package_id' => $package->id]);
return redirect()->route('packages', [
'locale' => app()->getLocale(),
'highlight' => $package->slug,
])
->with('error', __('marketing.packages.lemonsqueezy_not_configured'));
}
$session = $this->checkoutSessions->createOrResume($user, $package, array_merge(
CheckoutRequestContext::fromRequest($request),
[
@@ -211,7 +202,7 @@ class MarketingController extends Controller
]
));
$this->checkoutSessions->selectProvider($session, CheckoutSession::PROVIDER_LEMONSQUEEZY);
$this->checkoutSessions->selectProvider($session, CheckoutSession::PROVIDER_PAYPAL);
$now = now();
@@ -233,39 +224,61 @@ class MarketingController extends Controller
}
}
$checkout = $this->lemonsqueezyCheckout->createCheckout($tenant, $package, [
'success_url' => route('marketing.success', [
'locale' => app()->getLocale(),
'packageId' => $package->id,
]),
'return_url' => route('packages', [
'locale' => app()->getLocale(),
'highlight' => $package->slug,
]),
'metadata' => [
'checkout_session_id' => $session->id,
'coupon_code' => $couponCode,
'legal_version' => $session->legal_version,
'accepted_terms' => (bool) $session->accepted_terms_at,
'accepted_waiver' => $requiresWaiver && (bool) $session->digital_content_waiver_at,
],
'discount_code' => $couponCode,
$successUrl = route('marketing.success', [
'locale' => app()->getLocale(),
'packageId' => $package->id,
]);
$cancelUrl = route('packages', [
'locale' => app()->getLocale(),
'highlight' => $package->slug,
]);
try {
$checkout = $this->paypalOrders->createOrder($session, $package, [
'return_url' => route('paypal.return', absolute: true),
'cancel_url' => route('paypal.return', absolute: true),
'locale' => app()->getLocale(),
'request_id' => $session->id,
]);
} catch (PayPalException $exception) {
Log::warning('PayPal checkout failed', [
'package_id' => $package->id,
'tenant_id' => $tenant->id,
'message' => $exception->getMessage(),
'status' => $exception->status(),
]);
throw ValidationException::withMessages([
'paypal' => __('marketing.packages.paypal_checkout_failed'),
]);
}
$orderId = $checkout['id'] ?? null;
if (! is_string($orderId) || $orderId === '') {
throw ValidationException::withMessages([
'paypal' => __('marketing.packages.paypal_checkout_failed'),
]);
}
$redirectUrl = $this->paypalOrders->resolveApproveUrl($checkout);
$session->forceFill([
'lemonsqueezy_checkout_id' => $checkout['id'] ?? $session->lemonsqueezy_checkout_id,
'paypal_order_id' => $orderId,
'provider_metadata' => array_merge($session->provider_metadata ?? [], array_filter([
'lemonsqueezy_checkout_id' => $checkout['id'] ?? null,
'lemonsqueezy_checkout_url' => $checkout['checkout_url'] ?? null,
'lemonsqueezy_expires_at' => $checkout['expires_at'] ?? null,
'paypal_order_id' => $orderId,
'paypal_status' => $checkout['status'] ?? null,
'paypal_approve_url' => $redirectUrl,
'paypal_success_url' => $successUrl,
'paypal_cancel_url' => $cancelUrl,
'paypal_created_at' => now()->toIso8601String(),
])),
])->save();
$redirectUrl = $checkout['checkout_url'] ?? null;
$this->checkoutSessions->markRequiresCustomerAction($session, 'paypal_approval');
if (! $redirectUrl) {
throw ValidationException::withMessages([
'lemonsqueezy' => __('marketing.packages.lemonsqueezy_checkout_failed'),
'paypal' => __('marketing.packages.paypal_checkout_failed'),
]);
}

223
app/Http/Controllers/PayPalCheckoutController.php Normal file
View File

@@ -0,0 +1,223 @@
<?php
namespace App\Http\Controllers;
use App\Http\Requests\PayPal\PayPalCaptureRequest;
use App\Http\Requests\PayPal\PayPalCheckoutRequest;
use App\Models\CheckoutSession;
use App\Models\Package;
use App\Services\Checkout\CheckoutAssignmentService;
use App\Services\Checkout\CheckoutSessionService;
use App\Services\Coupons\CouponService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use App\Support\CheckoutRequestContext;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
class PayPalCheckoutController extends Controller
{
public function __construct(
private readonly PayPalOrderService $orders,
private readonly CheckoutSessionService $sessions,
private readonly CheckoutAssignmentService $assignment,
private readonly CouponService $coupons,
) {}
public function create(PayPalCheckoutRequest $request): JsonResponse
{
$data = $request->validated();
$user = $request->user();
$tenant = $user?->tenant;
if (! $tenant) {
throw ValidationException::withMessages(['tenant' => 'Tenant context missing.']);
}
$package = Package::findOrFail((int) $data['package_id']);
$session = $this->sessions->createOrResume($user, $package, array_merge(
CheckoutRequestContext::fromRequest($request),
[
'tenant' => $tenant,
'locale' => $data['locale'] ?? null,
]
));
$this->sessions->selectProvider($session, CheckoutSession::PROVIDER_PAYPAL);
$now = now();
$session->forceFill([
'accepted_terms_at' => $now,
'accepted_privacy_at' => $now,
'accepted_withdrawal_notice_at' => $now,
'digital_content_waiver_at' => null,
'legal_version' => $this->resolveLegalVersion(),
])->save();
$couponCode = Str::upper(trim((string) ($data['coupon_code'] ?? '')));
if ($couponCode !== '') {
$preview = $this->coupons->preview($couponCode, $package, $tenant);
$this->sessions->applyCoupon($session, $preview['coupon'], $preview['pricing']);
}
$successUrl = $data['return_url'] ?? null;
$cancelUrl = $data['cancel_url'] ?? $successUrl;
$paypalReturnUrl = route('paypal.return', absolute: true);
try {
$order = $this->orders->createOrder($session, $package, [
'return_url' => $paypalReturnUrl,
'cancel_url' => $paypalReturnUrl,
'locale' => $data['locale'] ?? $session->locale,
'request_id' => $session->id,
]);
} catch (PayPalException $exception) {
Log::warning('PayPal order creation failed', [
'session_id' => $session->id,
'message' => $exception->getMessage(),
'status' => $exception->status(),
'context' => $exception->context(),
]);
throw ValidationException::withMessages([
'paypal' => __('marketing.packages.paypal_checkout_failed', [], app()->getLocale())
?: 'Unable to create PayPal checkout.',
]);
}
$orderId = $order['id'] ?? null;
if (! is_string($orderId) || $orderId === '') {
throw ValidationException::withMessages([
'paypal' => 'PayPal order ID missing.',
]);
}
$approveUrl = $this->orders->resolveApproveUrl($order);
$session->forceFill([
'paypal_order_id' => $orderId,
'provider_metadata' => array_merge($session->provider_metadata ?? [], array_filter([
'paypal_order_id' => $orderId,
'paypal_status' => $order['status'] ?? null,
'paypal_approve_url' => $approveUrl,
'paypal_success_url' => $successUrl,
'paypal_cancel_url' => $cancelUrl,
'paypal_created_at' => now()->toIso8601String(),
])),
])->save();
$this->sessions->markRequiresCustomerAction($session, 'paypal_approval');
return response()->json([
'order_id' => $orderId,
'approve_url' => $approveUrl,
'status' => $order['status'] ?? null,
'checkout_session_id' => $session->id,
]);
}
public function capture(PayPalCaptureRequest $request): JsonResponse
{
$data = $request->validated();
$session = CheckoutSession::findOrFail($data['checkout_session_id']);
$orderId = (string) $data['order_id'];
if ($session->status === CheckoutSession::STATUS_COMPLETED) {
return response()->json([
'status' => $session->status,
'completed_at' => optional($session->completed_at)->toIso8601String(),
'checkout_session_id' => $session->id,
]);
}
if ($session->provider !== CheckoutSession::PROVIDER_PAYPAL) {
$this->sessions->selectProvider($session, CheckoutSession::PROVIDER_PAYPAL);
}
try {
$capture = $this->orders->captureOrder($orderId, [
'request_id' => $session->id,
]);
} catch (PayPalException $exception) {
Log::warning('PayPal capture failed', [
'session_id' => $session->id,
'order_id' => $orderId,
'message' => $exception->getMessage(),
'status' => $exception->status(),
'context' => $exception->context(),
]);
$this->sessions->markFailed($session, 'paypal_capture_failed');
return response()->json([
'status' => CheckoutSession::STATUS_FAILED,
'checkout_session_id' => $session->id,
], 422);
}
$status = strtoupper((string) ($capture['status'] ?? ''));
$captureId = $this->orders->resolveCaptureId($capture);
$totals = $this->orders->resolveTotals($capture);
$session->forceFill([
'paypal_order_id' => $orderId,
'paypal_capture_id' => $captureId,
'provider_metadata' => array_merge($session->provider_metadata ?? [], array_filter([
'paypal_order_id' => $orderId,
'paypal_capture_id' => $captureId,
'paypal_status' => $status ?: null,
'paypal_totals' => $totals !== [] ? $totals : null,
'paypal_captured_at' => now()->toIso8601String(),
])),
])->save();
if ($status === 'COMPLETED') {
$this->sessions->markProcessing($session, [
'paypal_status' => $status,
'paypal_capture_id' => $captureId,
]);
$this->assignment->finalise($session, [
'source' => 'paypal_capture',
'provider' => CheckoutSession::PROVIDER_PAYPAL,
'provider_reference' => $captureId ?? $orderId,
'payload' => $capture,
]);
$this->sessions->markCompleted($session, now());
return response()->json([
'status' => CheckoutSession::STATUS_COMPLETED,
'completed_at' => optional($session->completed_at)->toIso8601String(),
'checkout_session_id' => $session->id,
]);
}
if (in_array($status, ['PAYER_ACTION_REQUIRED', 'PENDING'], true)) {
$this->sessions->markRequiresCustomerAction($session, 'paypal_pending');
return response()->json([
'status' => CheckoutSession::STATUS_REQUIRES_CUSTOMER_ACTION,
'checkout_session_id' => $session->id,
], 202);
}
$this->sessions->markFailed($session, 'paypal_'.$status);
return response()->json([
'status' => CheckoutSession::STATUS_FAILED,
'checkout_session_id' => $session->id,
], 422);
}
protected function resolveLegalVersion(): string
{
return config('app.legal_version', now()->toDateString());
}
}

136
app/Http/Controllers/PayPalReturnController.php Normal file
View File

@@ -0,0 +1,136 @@
<?php
namespace App\Http\Controllers;
use App\Models\CheckoutSession;
use App\Services\Checkout\CheckoutAssignmentService;
use App\Services\Checkout\CheckoutSessionService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
class PayPalReturnController extends Controller
{
public function __construct(
private readonly PayPalOrderService $orders,
private readonly CheckoutSessionService $sessions,
private readonly CheckoutAssignmentService $assignment,
) {}
public function __invoke(Request $request): RedirectResponse
{
$orderId = $this->resolveOrderId($request);
$fallback = $this->resolveFallbackUrl();
if (! $orderId) {
return redirect()->to($fallback);
}
$session = CheckoutSession::query()
->where('paypal_order_id', $orderId)
->first();
if (! $session) {
return redirect()->to($fallback);
}
$successUrl = data_get($session->provider_metadata ?? [], 'paypal_success_url');
$cancelUrl = data_get($session->provider_metadata ?? [], 'paypal_cancel_url');
if ($session->status === CheckoutSession::STATUS_COMPLETED) {
return redirect()->to($this->resolveSafeRedirect($successUrl, $fallback));
}
try {
$capture = $this->orders->captureOrder($orderId, [
'request_id' => $session->id,
]);
} catch (PayPalException $exception) {
Log::warning('PayPal return capture failed', [
'session_id' => $session->id,
'order_id' => $orderId,
'message' => $exception->getMessage(),
'status' => $exception->status(),
]);
$this->sessions->markFailed($session, 'paypal_capture_failed');
return redirect()->to($this->resolveSafeRedirect($cancelUrl, $fallback));
}
$status = strtoupper((string) ($capture['status'] ?? ''));
$captureId = $this->orders->resolveCaptureId($capture);
$totals = $this->orders->resolveTotals($capture);
$session->forceFill([
'paypal_capture_id' => $captureId,
'provider_metadata' => array_merge($session->provider_metadata ?? [], array_filter([
'paypal_status' => $status ?: null,
'paypal_capture_id' => $captureId,
'paypal_totals' => $totals !== [] ? $totals : null,
'paypal_captured_at' => now()->toIso8601String(),
])),
])->save();
if ($status === 'COMPLETED') {
$this->sessions->markProcessing($session, [
'paypal_status' => $status,
'paypal_capture_id' => $captureId,
]);
$this->assignment->finalise($session, [
'source' => 'paypal_return',
'provider' => CheckoutSession::PROVIDER_PAYPAL,
'provider_reference' => $captureId ?? $orderId,
'payload' => $capture,
]);
$this->sessions->markCompleted($session, now());
return redirect()->to($this->resolveSafeRedirect($successUrl, $fallback));
}
$this->sessions->markFailed($session, 'paypal_'.$status);
return redirect()->to($this->resolveSafeRedirect($cancelUrl, $fallback));
}
protected function resolveOrderId(Request $request): ?string
{
$candidate = $request->query('token') ?? $request->query('order_id');
if (! is_string($candidate) || $candidate === '') {
return null;
}
return $candidate;
}
protected function resolveFallbackUrl(): string
{
return rtrim((string) config('app.url', url('/')), '/') ?: url('/');
}
protected function resolveSafeRedirect(?string $target, string $fallback): string
{
if (! $target) {
return $fallback;
}
if (Str::startsWith($target, ['/'])) {
return $target;
}
$appHost = parse_url($fallback, PHP_URL_HOST);
$targetHost = parse_url($target, PHP_URL_HOST);
if ($appHost && $targetHost && Str::lower($appHost) === Str::lower($targetHost)) {
return $target;
}
return $fallback;
}
}