snipe-it/app/Livewire/OauthClients.php

100 lines
3.1 KiB
PHP
Raw Normal View History

2023-12-05 12:52:14 -08:00
<?php
2024-05-29 12:07:48 -07:00
namespace App\Livewire;
2023-12-05 12:52:14 -08:00
2023-12-06 14:20:30 -08:00
use Illuminate\Support\Facades\Http;
2023-12-05 18:22:20 -08:00
use Illuminate\Support\Facades\Log;
use Laravel\Passport\Client;
2023-12-05 12:52:14 -08:00
use Laravel\Passport\ClientRepository;
2023-12-06 14:20:30 -08:00
use Laravel\Passport\TokenRepository;
2023-12-05 12:52:14 -08:00
use Livewire\Component;
class OauthClients extends Component
{
public $name;
public $redirect;
public $editClientId;
public $editName;
public $editRedirect;
2023-12-05 18:22:20 -08:00
public $authorizationError;
2023-12-05 12:52:14 -08:00
public function render()
{
return view('livewire.oauth-clients', [
'clients' => app(ClientRepository::class)->activeForUser(auth()->id()),
'authorized_tokens' => app(TokenRepository::class)->forUser(auth()->id())->where('revoked', false),
2023-12-05 12:52:14 -08:00
]);
}
public function createClient(): void
2023-12-05 12:52:14 -08:00
{
$this->validate([
2023-12-05 12:52:14 -08:00
'name' => 'required|string|max:255',
'redirect' => 'required|url|max:255',
]);
2024-06-10 12:22:23 -07:00
app(ClientRepository::class)->create(
auth()->id(),
$this->name,
$this->redirect,
);
$this->dispatch('clientCreated');
2023-12-05 12:52:14 -08:00
}
public function deleteClient(Client $clientId): void
2023-12-05 12:52:14 -08:00
{
// test for safety
// ->delete must be of type Client - thus the model binding
if ($clientId->created_by == auth()->id()) {
2024-06-04 15:37:41 -07:00
app(ClientRepository::class)->delete($clientId);
2023-12-05 18:36:59 -08:00
} else {
Log::warning('User ' . auth()->id() . ' attempted to delete client ' . $clientId->id . ' which belongs to user ' . $clientId->created_by);
2023-12-05 18:36:59 -08:00
$this->authorizationError = 'You are not authorized to delete this client.';
}
}
2023-12-05 12:52:14 -08:00
2023-12-06 14:20:30 -08:00
public function deleteToken($tokenId): void
{
2024-06-04 15:37:41 -07:00
$token = app(TokenRepository::class)->find($tokenId);
if ($token->created_by == auth()->id()) {
2024-06-04 15:37:41 -07:00
app(TokenRepository::class)->revokeAccessToken($tokenId);
2023-12-06 14:20:30 -08:00
} else {
Log::warning('User ' . auth()->id() . ' attempted to delete token ' . $tokenId . ' which belongs to user ' . $token->created_by);
2023-12-06 14:20:30 -08:00
$this->authorizationError = 'You are not authorized to delete this token.';
}
}
public function editClient(Client $editClientId): void
{
$this->editName = $editClientId->name;
$this->editRedirect = $editClientId->redirect;
2023-12-05 12:52:14 -08:00
2023-12-05 18:22:20 -08:00
$this->editClientId = $editClientId->id;
$this->dispatch('editClient');
2023-12-05 12:52:14 -08:00
}
public function updateClient(Client $editClientId): void
2023-12-05 12:52:14 -08:00
{
$this->validate([
'editName' => 'required|string|max:255',
'editRedirect' => 'required|url|max:255',
]);
2024-06-04 15:37:41 -07:00
$client = app(ClientRepository::class)->find($editClientId->id);
if ($client->created_by == auth()->id()) {
$client->name = $this->editName;
$client->redirect = $this->editRedirect;
$client->save();
} else {
Log::warning('User ' . auth()->id() . ' attempted to edit client ' . $editClientId->id . ' which belongs to user ' . $client->created_by);
2023-12-05 18:22:20 -08:00
$this->authorizationError = 'You are not authorized to edit this client.';
}
$this->dispatch('clientUpdated');
2023-12-05 12:52:14 -08:00
}
}