Initial commit

2025-12-21 10:00:41 -05:00
commit d2b2846567
17 changed files with 2757 additions and 0 deletions
--- a/lib/Stores/CredentialStore.php
+++ b/lib/Stores/CredentialStore.php
@@ -0,0 +1,120 @@
+<?php
+
+declare(strict_types=1);
+
+namespace KTXM\AuthenticationProviderPassword\Stores;
+
+use KTXC\Db\DataStore;
+
+/**
+ * Credential Store for Default Identity Provider
+ * Manages local authentication credentials
+ * 
+ * Collection: provider_identity_default
+ * Schema: {
+ *   tid: string,        // Tenant identifier
+ *   identifier: string, // User identity (email/username)
+ *   secret: string,     // Encrypted password
+ *   created_at: int,    // Creation timestamp
+ *   updated_at: int     // Last update timestamp
+ * }
+ */
+class CredentialStore
+{
+    protected const COLLECTION_NAME = 'provider_identity_default';
+
+    public function __construct(private DataStore $store)
+    { }
+    
+    /**
+     * Fetch credential record by identifier (email/username)
+     * 
+     * @param string $tenant Tenant identifier
+     * @param string $identifier User identity
+     * @return array|null Credential record or null if not found
+     */
+    public function fetchByIdentifier(string $tenant, string $identifier): ?array
+    {
+        $entry = $this->store->selectCollection(self::COLLECTION_NAME)->findOne([
+            'tid' => $tenant, 
+            'identifier' => $identifier
+        ]);
+        
+        if (!$entry) { 
+            return null; 
+        }
+        
+        return (array)$entry;
+    }
+
+    /**
+     * Create a new credential record
+     * 
+     * @param string $tenant Tenant identifier
+     * @param string $identifier User identity
+     * @param string $encryptedSecret Encrypted password
+     * @return bool Whether creation was successful
+     */
+    public function create(string $tenant, string $identifier, string $encryptedSecret): bool
+    {
+        $result = $this->store->selectCollection(self::COLLECTION_NAME)->insertOne([
+            'tid' => $tenant,
+            'identifier' => $identifier,
+            'secret' => $encryptedSecret,
+            'created_at' => time(),
+            'updated_at' => time(),
+        ]);
+        
+        return $result->isAcknowledged();
+    }
+
+    /**
+     * Update credential secret
+     * 
+     * @param string $tenant Tenant identifier
+     * @param string $identifier User identity
+     * @param string $encryptedSecret New encrypted password
+     * @return bool Whether update was successful
+     */
+    public function updateSecret(string $tenant, string $identifier, string $encryptedSecret): bool
+    {
+        $result = $this->store->selectCollection(self::COLLECTION_NAME)->updateOne(
+            ['tid' => $tenant, 'identifier' => $identifier],
+            ['$set' => [
+                'secret' => $encryptedSecret,
+                'updated_at' => time(),
+            ]]
+        );
+        
+        return $result->isAcknowledged();
+    }
+
+    /**
+     * Delete credential record
+     * 
+     * @param string $tenant Tenant identifier
+     * @param string $identifier User identity
+     * @return bool Whether deletion was successful
+     */
+    public function delete(string $tenant, string $identifier): bool
+    {
+        $result = $this->store->selectCollection(self::COLLECTION_NAME)->deleteOne([
+            'tid' => $tenant, 
+            'identifier' => $identifier
+        ]);
+        
+        return $result->isAcknowledged();
+    }
+
+    /**
+     * Check if credential exists for identifier
+     * 
+     * @param string $tenant Tenant identifier
+     * @param string $identifier User identity
+     * @return bool Whether credential exists
+     */
+    public function exists(string $tenant, string $identifier): bool
+    {
+        return $this->fetchByIdentifier($tenant, $identifier) !== null;
+    }
+}