refactor(arch): enforce gateway compliance and remove service-wrapping gateways
This commit is contained in:
@@ -6,6 +6,7 @@ use MintyPHP\Repository\Tenant\UserTenantRepositoryInterface;
|
||||
use MintyPHP\Repository\User\UserReadRepositoryInterface;
|
||||
use MintyPHP\Repository\User\UserWriteRepositoryInterface;
|
||||
use MintyPHP\Service\User\UserAssignmentService;
|
||||
use MintyPHP\Service\User\UserAvatarService;
|
||||
|
||||
class SsoUserLinkService
|
||||
{
|
||||
@@ -15,8 +16,8 @@ class SsoUserLinkService
|
||||
private readonly UserAssignmentService $userAssignmentService,
|
||||
private readonly UserTenantRepositoryInterface $userTenantRepository,
|
||||
private readonly AuthSettingsGateway $settingsGateway,
|
||||
private readonly AuthTenantSsoGateway $tenantSsoGateway,
|
||||
private readonly AuthAvatarGateway $avatarGateway,
|
||||
private readonly TenantSsoService $tenantSsoService,
|
||||
private readonly UserAvatarService $avatarService,
|
||||
private readonly AuthExternalIdentityGateway $externalIdentityGateway
|
||||
) {
|
||||
}
|
||||
@@ -34,7 +35,7 @@ class SsoUserLinkService
|
||||
return ['ok' => false, 'error' => 'identity_invalid'];
|
||||
}
|
||||
|
||||
$providerKey = $this->tenantSsoGateway->microsoftProviderKey();
|
||||
$providerKey = $this->tenantSsoService->microsoftProviderKey();
|
||||
// Look up by OID first (stable Microsoft object ID), fall back to issuer+subject
|
||||
// to handle tenants that migrated from an older OIDC setup without OID.
|
||||
$identity = $this->externalIdentityGateway->findByProviderTidOid(
|
||||
@@ -136,9 +137,9 @@ class SsoUserLinkService
|
||||
return;
|
||||
}
|
||||
|
||||
$syncFields = $this->tenantSsoGateway->normalizeProfileSyncFields($claims['sync_profile_fields'] ?? []);
|
||||
$syncFields = $this->tenantSsoService->normalizeProfileSyncFields($claims['sync_profile_fields'] ?? []);
|
||||
if (!$syncFields) {
|
||||
$syncFields = $this->tenantSsoGateway->defaultProfileSyncFields();
|
||||
$syncFields = $this->tenantSsoService->defaultProfileSyncFields();
|
||||
}
|
||||
if (!$syncFields) {
|
||||
return;
|
||||
@@ -202,12 +203,12 @@ class SsoUserLinkService
|
||||
return;
|
||||
}
|
||||
$userUuid = (string) ($user['uuid'] ?? '');
|
||||
if (!$this->avatarGateway->isValidUuid($userUuid)) {
|
||||
if (!$this->avatarService->isValidUuid($userUuid)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Keep avatar current with Microsoft profile photo on each login.
|
||||
$this->avatarGateway->saveBinary($userUuid, $binary, $avatarMime);
|
||||
$this->avatarService->saveBinary($userUuid, $binary, $avatarMime);
|
||||
}
|
||||
|
||||
private function ensureTenantAssignment(int $userId, int $tenantId): void
|
||||
@@ -228,7 +229,7 @@ class SsoUserLinkService
|
||||
string $email
|
||||
): void {
|
||||
try {
|
||||
$providerKey = $this->tenantSsoGateway->microsoftProviderKey();
|
||||
$providerKey = $this->tenantSsoService->microsoftProviderKey();
|
||||
$this->externalIdentityGateway->createLink([
|
||||
'user_id' => $userId,
|
||||
'provider' => $providerKey,
|
||||
|
||||
Reference in New Issue
Block a user