1
0

refactor(settings/sso): drop storage-metadata field hints, slim authority card

The shared client ID and shared client secret carried "setting key for…"
DB descriptions that describe the storage row, not what the field means
to an admin — they leaked metadata into the form. The authority card
also had an info blockquote that paraphrased the URL placeholder and
the DB description below it.

Kept: the tenant-opt-in blockquote on the credentials card (it explains
that these values only apply where a tenant has enabled "Use shared app
credentials", which isn't obvious otherwise) and the "leave empty to
keep" hint on the secret input.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-04-25 18:27:25 +02:00
parent 1f46ea602f
commit e11db7d918

View File

@@ -12,8 +12,6 @@ $values = $values ?? [];
$settings = $settings ?? [];
$microsoftSharedClientId = (string) ($values['microsoft_shared_client_id'] ?? '');
$microsoftAuthority = (string) ($values['microsoft_authority'] ?? '');
$microsoftSharedClientIdDesc = $settings['microsoft_shared_client_id']['description'] ?? 'setting.microsoft_shared_client_id';
$microsoftSharedClientSecretDesc = $settings['microsoft_shared_client_secret_enc']['description'] ?? 'setting.microsoft_shared_client_secret_enc';
$microsoftAuthorityDesc = $settings['microsoft_authority']['description'] ?? 'setting.microsoft_authority';
$canUpdateSettings = (bool) ($canUpdateSettings ?? false);
$isReadOnly = !$canUpdateSettings;
@@ -62,12 +60,10 @@ $readonlyAttr = $isReadOnly ? 'readonly' : '';
<label class="app-field">
<span><?php e(t('Shared client ID')); ?></span>
<input type="text" name="microsoft_shared_client_id" value="<?php e($microsoftSharedClientId); ?>" <?php e($readonlyAttr); ?>>
<small><?php e(t($microsoftSharedClientIdDesc)); ?></small>
</label>
<label class="app-field">
<span><?php e(t('Shared client secret')); ?></span>
<input type="password" name="microsoft_shared_client_secret" value="" autocomplete="new-password" <?php e($readonlyAttr); ?>>
<small><?php e(t($microsoftSharedClientSecretDesc)); ?></small>
<small class="muted"><?php e(t('Leave empty to keep the currently stored client secret.')); ?></small>
</label>
</div>
@@ -81,9 +77,6 @@ $readonlyAttr = $isReadOnly ? 'readonly' : '';
</span>
</summary>
<div class="app-details-card-container">
<blockquote data-variant="info">
<small><?php e(t('The authority URL defines the Microsoft identity tenant endpoint used for sign-in.')); ?></small>
</blockquote>
<label class="app-field">
<span><?php e(t('Authority URL')); ?></span>
<input type="url" name="microsoft_authority" value="<?php e($microsoftAuthority); ?>" placeholder="https://login.microsoftonline.com/common/v2.0" <?php e($readonlyAttr); ?>>