a949c8d3af
hooks in config/services.php/.env.example, and updated wizard steps/controllers to store session payloads, attach packages, and surface localized success/error states. - Retooled payment handling for both Stripe and PayPal, adding richer status management in CheckoutController/ PayPalController, fallback flows in the wizard’s PaymentStep.tsx, and fresh feature tests for intent creation, webhooks, and the wizard CTA. - Introduced a consent-aware Matomo analytics stack: new consent context, cookie-banner UI, useAnalytics/ useCtaExperiment hooks, and MatomoTracker component, then instrumented marketing pages (Home, Packages, Checkout) with localized copy and experiment tracking. - Polished package presentation across marketing UIs by centralizing formatting in PresentsPackages, surfacing localized description tables/placeholders, tuning badges/layouts, and syncing guest/marketing translations. - Expanded docs & reference material (docs/prp/*, TODOs, public gallery overview) and added a Playwright smoke test for the hero CTA while reconciling outstanding checklist items.
191 lines
7.9 KiB
PHP
191 lines
7.9 KiB
PHP
<?php
|
|
|
|
namespace App\Filament\Resources;
|
|
|
|
use App\Filament\Resources\OAuthClientResource\Pages;
|
|
use App\Models\OAuthClient;
|
|
use App\Models\RefreshToken;
|
|
use BackedEnum;
|
|
use Filament\Forms;
|
|
use Filament\Forms\Form;
|
|
use Filament\Notifications\Notification;
|
|
use Filament\Resources\Resource;
|
|
use Filament\Schemas\Schema;
|
|
use Filament\Tables;
|
|
use Filament\Tables\Table;
|
|
use Illuminate\Support\Collection;
|
|
use Illuminate\Support\Arr;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Str;
|
|
|
|
class OAuthClientResource extends Resource
|
|
{
|
|
protected static ?string $model = OAuthClient::class;
|
|
|
|
protected static BackedEnum|string|null $navigationIcon = 'heroicon-o-key';
|
|
|
|
protected static ?int $navigationSort = 30;
|
|
|
|
public static function getNavigationGroup(): string
|
|
{
|
|
return __('admin.nav.security');
|
|
}
|
|
|
|
public static function form(Schema $form): Schema
|
|
{
|
|
return $form->schema([
|
|
Forms\Components\TextInput::make('name')
|
|
->label(__('admin.oauth.fields.name'))
|
|
->required()
|
|
->maxLength(255),
|
|
Forms\Components\TextInput::make('client_id')
|
|
->label(__('admin.oauth.fields.client_id'))
|
|
->required()
|
|
->unique(ignoreRecord: true)
|
|
->maxLength(255),
|
|
Forms\Components\TextInput::make('client_secret')
|
|
->label(__('admin.oauth.fields.client_secret'))
|
|
->password()
|
|
->revealable()
|
|
->helperText(__('admin.oauth.hints.client_secret'))
|
|
->dehydrated(fn (?string $state): bool => filled($state))
|
|
->dehydrateStateUsing(fn (?string $state): ?string => filled($state) ? Hash::make($state) : null),
|
|
Forms\Components\Select::make('tenant_id')
|
|
->label(__('admin.oauth.fields.tenant'))
|
|
->relationship('tenant', 'name')
|
|
->searchable()
|
|
->preload()
|
|
->nullable(),
|
|
Forms\Components\Textarea::make('redirect_uris')
|
|
->label(__('admin.oauth.fields.redirect_uris'))
|
|
->rows(4)
|
|
->helperText(__('admin.oauth.hints.redirect_uris'))
|
|
->formatStateUsing(fn ($state): string => is_array($state) ? implode(PHP_EOL, $state) : (string) $state)
|
|
->dehydrateStateUsing(function (?string $state): array {
|
|
$entries = collect(preg_split('/\r\n|\r|\n/', (string) $state))
|
|
->map(fn ($uri) => trim($uri))
|
|
->filter();
|
|
|
|
return $entries->values()->all();
|
|
})
|
|
->required(),
|
|
Forms\Components\TagsInput::make('scopes')
|
|
->label(__('admin.oauth.fields.scopes'))
|
|
->placeholder('tenant:read')
|
|
->suggestions([
|
|
'tenant:read',
|
|
'tenant:write',
|
|
'tenant:admin',
|
|
])
|
|
->separator(',')
|
|
->required(),
|
|
Forms\Components\Toggle::make('is_active')
|
|
->label(__('admin.oauth.fields.is_active'))
|
|
->default(true),
|
|
Forms\Components\Textarea::make('description')
|
|
->label(__('admin.oauth.fields.description'))
|
|
->rows(3)
|
|
->columnSpanFull(),
|
|
])->columns(2);
|
|
}
|
|
|
|
public static function table(Table $table): Table
|
|
{
|
|
return $table
|
|
->columns([
|
|
Tables\Columns\TextColumn::make('name')
|
|
->label(__('admin.oauth.fields.name'))
|
|
->searchable()
|
|
->sortable(),
|
|
Tables\Columns\TextColumn::make('client_id')
|
|
->label(__('admin.oauth.fields.client_id'))
|
|
->copyable()
|
|
->sortable(),
|
|
Tables\Columns\TextColumn::make('tenant.name')
|
|
->label(__('admin.oauth.fields.tenant'))
|
|
->toggleable(isToggledHiddenByDefault: true)
|
|
->sortable(),
|
|
Tables\Columns\IconColumn::make('is_active')
|
|
->label(__('admin.oauth.fields.is_active'))
|
|
->boolean()
|
|
->color(fn (bool $state): string => $state ? 'success' : 'danger'),
|
|
Tables\Columns\TextColumn::make('redirect_uris')
|
|
->label(__('admin.oauth.fields.redirect_uris'))
|
|
->formatStateUsing(fn ($state) => collect(Arr::wrap($state))->implode("\n"))
|
|
->limit(50)
|
|
->toggleable(),
|
|
Tables\Columns\TagsColumn::make('scopes')
|
|
->label(__('admin.oauth.fields.scopes'))
|
|
->separator(', ')
|
|
->limit(4),
|
|
Tables\Columns\TextColumn::make('updated_at')
|
|
->label(__('admin.oauth.fields.updated_at'))
|
|
->dateTime()
|
|
->sortable()
|
|
->toggleable(isToggledHiddenByDefault: true),
|
|
])
|
|
->filters([
|
|
Tables\Filters\TernaryFilter::make('is_active')
|
|
->label(__('admin.oauth.filters.is_active'))
|
|
->placeholder(__('admin.oauth.filters.any'))
|
|
->trueLabel(__('admin.oauth.filters.active'))
|
|
->falseLabel(__('admin.oauth.filters.inactive')),
|
|
Tables\Filters\SelectFilter::make('tenant_id')
|
|
->label(__('admin.oauth.fields.tenant'))
|
|
->relationship('tenant', 'name')
|
|
->searchable(),
|
|
])
|
|
->actions([
|
|
Tables\Actions\ViewAction::make(),
|
|
Tables\Actions\EditAction::make(),
|
|
Tables\Actions\Action::make('regenerate_secret')
|
|
->label(__('admin.oauth.actions.regenerate_secret'))
|
|
->icon('heroicon-o-arrow-path')
|
|
->requiresConfirmation()
|
|
->action(function (OAuthClient $record): void {
|
|
$plainSecret = Str::random(48);
|
|
|
|
$record->forceFill([
|
|
'client_secret' => Hash::make($plainSecret),
|
|
])->save();
|
|
|
|
Notification::make()
|
|
->title(__('admin.oauth.notifications.secret_regenerated_title'))
|
|
->body(__('admin.oauth.notifications.secret_regenerated_body', [
|
|
'secret' => $plainSecret,
|
|
]))
|
|
->success()
|
|
->send();
|
|
}),
|
|
Tables\Actions\DeleteAction::make()
|
|
->before(function (OAuthClient $record): void {
|
|
RefreshToken::query()
|
|
->where('client_id', $record->client_id)
|
|
->delete();
|
|
}),
|
|
])
|
|
->bulkActions([
|
|
Tables\Actions\BulkActionGroup::make([
|
|
Tables\Actions\DeleteBulkAction::make()
|
|
->before(function (Collection $records): void {
|
|
$records->each(function (OAuthClient $record) {
|
|
RefreshToken::query()
|
|
->where('client_id', $record->client_id)
|
|
->delete();
|
|
});
|
|
}),
|
|
]),
|
|
]);
|
|
}
|
|
|
|
public static function getPages(): array
|
|
{
|
|
return [
|
|
'index' => Pages\ListOAuthClients::route('/'),
|
|
'create' => Pages\CreateOAuthClient::route('/create'),
|
|
'view' => Pages\ViewOAuthClient::route('/{record}'),
|
|
'edit' => Pages\EditOAuthClient::route('/{record}/edit'),
|
|
];
|
|
}
|
|
}
|