snipe-it/app/Http/Livewire/OauthClients.php
2023-12-06 16:20:30 -06:00

110 lines
3.4 KiB
PHP

<?php
namespace App\Http\Livewire;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
use Laravel\Passport\Client;
use Laravel\Passport\ClientRepository;
use Laravel\Passport\TokenRepository;
use Livewire\Component;
class OauthClients extends Component
{
public $name;
public $redirect;
public $editClientId;
public $editName;
public $editRedirect;
public $authorizationError;
protected $clientRepository;
protected $tokenRepository;
public function __construct()
{
$this->clientRepository = app(ClientRepository::class);
$this->tokenRepository = app(TokenRepository::class);
parent::__construct();
}
public function render()
{
return view('livewire.oauth-clients', [
'clients' => $this->clientRepository->activeForUser(auth()->user()->id),
'authorized_tokens' => $this->tokenRepository->forUser(auth()->user()->id)->where('revoked', false),
]);
}
public function createClient(): void
{
$this->validate([
'name' => 'required|string|max:255',
'redirect' => 'required|url|max:255',
]);
$newClient = $this->clientRepository->create(
auth()->user()->id,
$this->name,
$this->redirect,
);
$this->dispatchBrowserEvent('clientCreated');
}
public function deleteClient(Client $clientId): void
{
// test for safety
// ->delete must be of type Client - thus the model binding
if ($clientId->user_id == auth()->user()->id) {
$this->clientRepository->delete($clientId);
} else {
Log::warning('User ' . auth()->user()->id . ' attempted to delete client ' . $clientId->id . ' which belongs to user ' . $clientId->user_id);
$this->authorizationError = 'You are not authorized to delete this client.';
}
}
public function deleteToken($tokenId): void
{
$token = $this->tokenRepository->find($tokenId);
if ($token->user_id == auth()->user()->id) {
$this->tokenRepository->revokeAccessToken($tokenId);
} else {
Log::warning('User ' . auth()->user()->id . ' attempted to delete token ' . $tokenId . ' which belongs to user ' . $token->user_id);
$this->authorizationError = 'You are not authorized to delete this token.';
}
}
public function editClient(Client $editClientId): void
{
$this->editName = $editClientId->name;
$this->editRedirect = $editClientId->redirect;
$this->editClientId = $editClientId->id;
$this->dispatchBrowserEvent('editClient');
}
public function updateClient(Client $editClientId): void
{
$this->validate([
'editName' => 'required|string|max:255',
'editRedirect' => 'required|url|max:255',
]);
$client = $this->clientRepository->find($editClientId->id);
if ($client->user_id == auth()->user()->id) {
$client->name = $this->editName;
$client->redirect = $this->editRedirect;
$client->save();
} else {
Log::warning('User ' . auth()->user()->id . ' attempted to edit client ' . $editClientId->id . ' which belongs to user ' . $client->user_id);
$this->authorizationError = 'You are not authorized to edit this client.';
}
$this->dispatchBrowserEvent('clientUpdated');
}
}