forked from fa/breadcrumb-the-shire
refactor(settings/sso): drop storage-metadata field hints, slim authority card
The shared client ID and shared client secret carried "setting key for…" DB descriptions that describe the storage row, not what the field means to an admin — they leaked metadata into the form. The authority card also had an info blockquote that paraphrased the URL placeholder and the DB description below it. Kept: the tenant-opt-in blockquote on the credentials card (it explains that these values only apply where a tenant has enabled "Use shared app credentials", which isn't obvious otherwise) and the "leave empty to keep" hint on the secret input. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -12,8 +12,6 @@ $values = $values ?? [];
|
||||
$settings = $settings ?? [];
|
||||
$microsoftSharedClientId = (string) ($values['microsoft_shared_client_id'] ?? '');
|
||||
$microsoftAuthority = (string) ($values['microsoft_authority'] ?? '');
|
||||
$microsoftSharedClientIdDesc = $settings['microsoft_shared_client_id']['description'] ?? 'setting.microsoft_shared_client_id';
|
||||
$microsoftSharedClientSecretDesc = $settings['microsoft_shared_client_secret_enc']['description'] ?? 'setting.microsoft_shared_client_secret_enc';
|
||||
$microsoftAuthorityDesc = $settings['microsoft_authority']['description'] ?? 'setting.microsoft_authority';
|
||||
$canUpdateSettings = (bool) ($canUpdateSettings ?? false);
|
||||
$isReadOnly = !$canUpdateSettings;
|
||||
@@ -62,12 +60,10 @@ $readonlyAttr = $isReadOnly ? 'readonly' : '';
|
||||
<label class="app-field">
|
||||
<span><?php e(t('Shared client ID')); ?></span>
|
||||
<input type="text" name="microsoft_shared_client_id" value="<?php e($microsoftSharedClientId); ?>" <?php e($readonlyAttr); ?>>
|
||||
<small><?php e(t($microsoftSharedClientIdDesc)); ?></small>
|
||||
</label>
|
||||
<label class="app-field">
|
||||
<span><?php e(t('Shared client secret')); ?></span>
|
||||
<input type="password" name="microsoft_shared_client_secret" value="" autocomplete="new-password" <?php e($readonlyAttr); ?>>
|
||||
<small><?php e(t($microsoftSharedClientSecretDesc)); ?></small>
|
||||
<small class="muted"><?php e(t('Leave empty to keep the currently stored client secret.')); ?></small>
|
||||
</label>
|
||||
</div>
|
||||
@@ -81,9 +77,6 @@ $readonlyAttr = $isReadOnly ? 'readonly' : '';
|
||||
</span>
|
||||
</summary>
|
||||
<div class="app-details-card-container">
|
||||
<blockquote data-variant="info">
|
||||
<small><?php e(t('The authority URL defines the Microsoft identity tenant endpoint used for sign-in.')); ?></small>
|
||||
</blockquote>
|
||||
<label class="app-field">
|
||||
<span><?php e(t('Authority URL')); ?></span>
|
||||
<input type="url" name="microsoft_authority" value="<?php e($microsoftAuthority); ?>" placeholder="https://login.microsoftonline.com/common/v2.0" <?php e($readonlyAttr); ?>>
|
||||
|
||||
Reference in New Issue
Block a user