Files
breadcrumb-the-shire/lib/Service/Auth/AuthServicesFactory.php
fs 0c351f6aff refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.

Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers

Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n

Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
  surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling

All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00

180 lines
7.4 KiB
PHP

<?php
namespace MintyPHP\Service\Auth;
use MintyPHP\App\AppContainer;
use MintyPHP\App\Module\ModuleEventDispatcher;
use MintyPHP\Http\CookieStoreInterface;
use MintyPHP\Http\RequestRuntimeInterface;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Repository\Support\DatabaseSessionRepository;
use MintyPHP\Service\Audit\AuditRecorderInterface;
use MintyPHP\Service\Mail\MailServicesFactory;
use MintyPHP\Service\User\UserServicesFactory;
class AuthServicesFactory
{
private ?TenantSsoService $tenantSsoService = null;
private ?LdapAuthService $ldapAuthService = null;
private ?MicrosoftOidcStateStoreService $microsoftOidcStateStoreService = null;
private ?MicrosoftOidcService $microsoftOidcService = null;
private ?ApiTokenService $apiTokenService = null;
private ?PasswordResetService $passwordResetService = null;
private ?EmailVerificationService $emailVerificationService = null;
private ?RememberMeService $rememberMeService = null;
private ?AuthService $authService = null;
private ?SsoUserLinkService $ssoUserLinkService = null;
private ?AuthSessionTenantContextService $authSessionTenantContextService = null;
public function __construct(
private readonly UserServicesFactory $userServicesFactory,
private readonly AuditRecorderInterface $auditRecorder,
private readonly MailServicesFactory $mailServicesFactory,
private readonly AuthRepositoryFactory $authRepositoryFactory,
private readonly AuthGatewayFactory $authGatewayFactory,
private readonly DatabaseSessionRepository $databaseSessionRepository,
private readonly SessionStoreInterface $sessionStore,
private readonly CookieStoreInterface $cookieStore,
private readonly RequestRuntimeInterface $requestRuntime,
private readonly AppContainer $appContainer
) {
}
public function createApiTokenService(): ApiTokenService
{
return $this->apiTokenService ??= new ApiTokenService(
$this->userServicesFactory->createUserReadRepository(),
$this->authRepositoryFactory->createApiTokenRepository(),
$this->authGatewayFactory->createAuthSettingsGateway(),
$this->authGatewayFactory->getTenantScopeService(),
$this->databaseSessionRepository,
$this->requestRuntime
);
}
public function createPasswordResetService(): PasswordResetService
{
return $this->passwordResetService ??= new PasswordResetService(
$this->userServicesFactory->createUserReadRepository(),
$this->authRepositoryFactory->createPasswordResetRepository(),
$this->userServicesFactory->createUserPasswordService(),
$this->createRememberMeService(),
$this->mailServicesFactory->createMailService()
);
}
public function createEmailVerificationService(): EmailVerificationService
{
return $this->emailVerificationService ??= new EmailVerificationService(
$this->userServicesFactory->createUserReadRepository(),
$this->userServicesFactory->createUserWriteRepository(),
$this->authRepositoryFactory->createEmailVerificationRepository(),
$this->mailServicesFactory->createMailService()
);
}
public function createRememberMeService(): RememberMeService
{
return $this->rememberMeService ??= new RememberMeService(
$this->userServicesFactory->createUserReadRepository(),
$this->userServicesFactory->createUserWriteRepository(),
$this->authRepositoryFactory->createRememberTokenRepository(),
$this->authGatewayFactory->createPermissionService(),
$this->createAuthSessionTenantContextService(),
$this->sessionStore,
$this->cookieStore,
$this->requestRuntime,
$this->authGatewayFactory->createAuthSettingsGateway(),
new RememberMeRateLimiter()
);
}
public function createAuthService(): AuthService
{
return $this->authService ??= new AuthService(
$this->userServicesFactory->createUserReadRepository(),
$this->userServicesFactory->createUserWriteRepository(),
$this->userServicesFactory->createUserAccountService(),
$this->userServicesFactory->createUserTenantContextService(),
$this->createRememberMeService(),
$this->createEmailVerificationService(),
$this->authGatewayFactory->createPermissionService(),
$this->createTenantSsoService(),
$this->createAuthSessionTenantContextService(),
$this->auditRecorder,
$this->sessionStore,
$this->resolveEventDispatcher()
);
}
public function createSsoUserLinkService(): SsoUserLinkService
{
return $this->ssoUserLinkService ??= new SsoUserLinkService(
$this->userServicesFactory->createUserReadRepository(),
$this->userServicesFactory->createUserWriteRepository(),
$this->userServicesFactory->createUserAssignmentService(),
$this->userServicesFactory->createUserTenantRepository(),
$this->authGatewayFactory->createAuthSettingsGateway(),
$this->createTenantSsoService(),
$this->userServicesFactory->createUserAvatarService(),
$this->authGatewayFactory->createAuthExternalIdentityGateway()
);
}
public function createTenantSsoService(): TenantSsoService
{
return $this->tenantSsoService ??= new TenantSsoService(
$this->authGatewayFactory->createAuthTenantGateway(),
$this->authRepositoryFactory->createTenantMicrosoftAuthRepository(),
$this->authRepositoryFactory->createTenantLdapAuthRepository(),
$this->authGatewayFactory->createAuthSettingsGateway(),
$this->authGatewayFactory->createAuthCryptoGateway()
);
}
public function createLdapAuthService(): LdapAuthService
{
return $this->ldapAuthService ??= new LdapAuthService(
new LdapConnectionGateway()
);
}
public function createMicrosoftOidcStateStore(): MicrosoftOidcStateStoreService
{
return $this->microsoftOidcStateStoreService ??= new MicrosoftOidcStateStoreService($this->sessionStore);
}
public function createMicrosoftOidcService(): MicrosoftOidcService
{
return $this->microsoftOidcService ??= new MicrosoftOidcService(
$this->createTenantSsoService(),
$this->authGatewayFactory->createAuthTenantGateway(),
$this->createOidcHttpGateway(),
$this->createMicrosoftOidcStateStore()
);
}
private function createOidcHttpGateway(): OidcHttpGateway
{
return new OidcHttpGateway();
}
private function resolveEventDispatcher(): ?ModuleEventDispatcher
{
if ($this->appContainer->has(ModuleEventDispatcher::class)) {
$dispatcher = $this->appContainer->get(ModuleEventDispatcher::class);
return $dispatcher instanceof ModuleEventDispatcher ? $dispatcher : null;
}
return null;
}
private function createAuthSessionTenantContextService(): AuthSessionTenantContextService
{
return $this->authSessionTenantContextService ??= new AuthSessionTenantContextService(
$this->userServicesFactory->createUserTenantContextService(),
$this->sessionStore,
$this->appContainer
);
}
}