Files
breadcrumb-the-shire/pages/admin/settings/sso(default).phtml
fs e11db7d918 refactor(settings/sso): drop storage-metadata field hints, slim authority card
The shared client ID and shared client secret carried "setting key for…"
DB descriptions that describe the storage row, not what the field means
to an admin — they leaked metadata into the form. The authority card
also had an info blockquote that paraphrased the URL placeholder and
the DB description below it.

Kept: the tenant-opt-in blockquote on the credentials card (it explains
that these values only apply where a tenant has enabled "Use shared app
credentials", which isn't obvious otherwise) and the "leave empty to
keep" hint on the secret input.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 18:27:25 +02:00

95 lines
3.9 KiB
PHTML

<?php
/**
* @var array $values
* @var array $settings
* @var bool $canUpdateSettings
*/
use MintyPHP\Session;
$values = $values ?? [];
$settings = $settings ?? [];
$microsoftSharedClientId = (string) ($values['microsoft_shared_client_id'] ?? '');
$microsoftAuthority = (string) ($values['microsoft_authority'] ?? '');
$microsoftAuthorityDesc = $settings['microsoft_authority']['description'] ?? 'setting.microsoft_authority';
$canUpdateSettings = (bool) ($canUpdateSettings ?? false);
$isReadOnly = !$canUpdateSettings;
$readonlyAttr = $isReadOnly ? 'readonly' : '';
?>
<div class="app-details-container">
<section>
<?php
$titlebar = [
'title' => t('Microsoft SSO settings'),
'backHref' => 'admin/settings',
'backTitle' => t('Cancel'),
'actions' => $canUpdateSettings ? [
[
'form' => 'settings-sso-form',
'name' => 'action',
'value' => 'save',
'class' => 'secondary outline',
'label' => t('Save'),
],
[
'form' => 'settings-sso-form',
'name' => 'action',
'value' => 'save_close',
'class' => 'primary',
'label' => t('Save & close'),
],
] : [],
];
require templatePath('partials/app-details-titlebar.phtml');
?>
<form id="settings-sso-form" method="post" data-details-storage="settings-sso-details-v1" data-standard-detail-form="1">
<details class="app-details-card" name="settings-integrations-microsoft-auth" data-details-key="settings-integrations-microsoft-auth" open>
<summary>
<span class="app-details-card-summary-title"><?php e(t('Shared Microsoft credentials')); ?></span>
<span class="app-details-card-summary-meta">
<span class="badge" data-variant="neutral"><?php e($microsoftSharedClientId !== '' ? t('Configured') : t('Not configured')); ?></span>
</span>
</summary>
<div class="app-details-card-container">
<blockquote data-variant="info">
<small><?php e(t('Shared Microsoft app credentials are used by tenants that enable "Use shared app credentials".')); ?></small>
</blockquote>
<label class="app-field">
<span><?php e(t('Shared client ID')); ?></span>
<input type="text" name="microsoft_shared_client_id" value="<?php e($microsoftSharedClientId); ?>" <?php e($readonlyAttr); ?>>
</label>
<label class="app-field">
<span><?php e(t('Shared client secret')); ?></span>
<input type="password" name="microsoft_shared_client_secret" value="" autocomplete="new-password" <?php e($readonlyAttr); ?>>
<small class="muted"><?php e(t('Leave empty to keep the currently stored client secret.')); ?></small>
</label>
</div>
</details>
<details class="app-details-card" name="settings-integrations-microsoft-authority" data-details-key="settings-integrations-microsoft-authority">
<summary>
<span class="app-details-card-summary-title"><?php e(t('Authority endpoint')); ?></span>
<span class="app-details-card-summary-meta">
<span class="badge" data-variant="neutral"><?php e($microsoftAuthority !== '' ? t('Configured') : t('Not configured')); ?></span>
</span>
</summary>
<div class="app-details-card-container">
<label class="app-field">
<span><?php e(t('Authority URL')); ?></span>
<input type="url" name="microsoft_authority" value="<?php e($microsoftAuthority); ?>" placeholder="https://login.microsoftonline.com/common/v2.0" <?php e($readonlyAttr); ?>>
<small><?php e(t($microsoftAuthorityDesc)); ?></small>
</label>
</div>
</details>
<?php Session::getCsrfInput(); ?>
</form>
</section>
<aside id="app-details-aside-section">
<div class="app-details-aside-section"></div>
</aside>
</div>