agent foundation

This commit is contained in:
2026-03-06 00:44:52 +01:00
parent 9819cba733
commit 9a08f96c11
199 changed files with 8522 additions and 1880 deletions

View File

@@ -2,6 +2,7 @@
namespace MintyPHP\Service\Auth;
use MintyPHP\Http\RequestRuntimeInterface;
use MintyPHP\Repository\Auth\ApiTokenRepositoryInterface;
use MintyPHP\Repository\Support\DatabaseSessionRepository;
use MintyPHP\Repository\User\UserReadRepositoryInterface;
@@ -15,7 +16,8 @@ class ApiTokenService
private readonly ApiTokenRepositoryInterface $apiTokenRepository,
private readonly AuthSettingsGateway $settingsGateway,
private readonly AuthScopeGateway $scopeGateway,
private readonly DatabaseSessionRepository $databaseSessionRepository
private readonly DatabaseSessionRepository $databaseSessionRepository,
private readonly RequestRuntimeInterface $requestRuntime
) {
}
@@ -76,6 +78,7 @@ class ApiTokenService
return ['ok' => false, 'error' => 'invalid_expires_at'];
}
// Selector is public (used for lookup); verifier is the secret (only its hash is stored).
$selector = bin2hex(random_bytes(12));
$plainToken = bin2hex(random_bytes(32));
$tokenHash = hash('sha256', $plainToken);
@@ -140,6 +143,7 @@ class ApiTokenService
$tenantId = null;
}
// Wrap revoke+create in a transaction so rotation is atomic — no gap where neither token is valid.
$transactionStarted = false;
try {
$this->databaseSessionRepository->beginTransaction();
@@ -260,7 +264,7 @@ class ApiTokenService
return null;
}
$ip = $_SERVER['REMOTE_ADDR'] ?? '';
$ip = $this->requestRuntime->ip();
$this->apiTokenRepository->updateLastUsed((int) $record['id'], $ip);
return [