feat: ssoid search

extend.php

@@ -16,6 +16,8 @@
 use Flarum\Extend;
 use Flarum\Frontend\Document;
 use Flarum\User\Event\LoggedOut;
+use Flarum\User\Filter\UserFilterer;
+use Flarum\User\Search\UserSearcher;
 use FoF\Extend\Events\OAuthLoginSuccessful;
 
 return [
@@ -72,4 +74,10 @@
 
     (new Extend\ApiSerializer(CurrentUserSerializer::class))
         ->attributes(Api\CurrentUserAttributes::class),
+
+    (new Extend\Filter(UserFilterer::class))
+        ->addFilter(Query\SsoIdFilterGambit::class),
+
+    (new Extend\SimpleFlarumSearch(UserSearcher::class))
+        ->addGambit(Query\SsoIdFilterGambit::class),
 ];

js/src/forum/components/ProviderInfo.tsx

@@ -61,6 +61,17 @@ export default class ProviderInfo extends Component<IProviderInfoAttrs> {
       90
     );
 
+    items.add(
+      'identification',
+      <LabelValue
+        label={app.translator.trans('fof-oauth.forum.user.settings.linked-account.identification-label', {
+          provider: app.translator.trans(`fof-oauth.forum.providers.${provider.name()}`),
+        })}
+        value={provider.providerIdentifier()}
+      />,
+      80
+    );
+
     return items;
   }
 }

resources/locale/en.yml

@@ -89,6 +89,7 @@ fof-oauth:
           label: Linked accounts
           last-used-label: Last used
           link-created-label: Link created
+          identification-label: "{provider} ID"
           orphaned-account: You have signed in through this provider previously, but this forum has disabled sign-in with this method since.
           help: These linked accounts allow you to sign into the forum using other providers.
           identifier-label: "{provider} ID"

src/Query/SsoIdFilterGambit.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace FoF\OAuth\Query;
+
+use Flarum\Filter\FilterInterface;
+use Flarum\Filter\FilterState;
+use Flarum\Filter\ValidateFilterTrait;
+use Flarum\Search\AbstractRegexGambit;
+use Flarum\Search\SearchState;
+use Illuminate\Database\Query\Builder;
+
+class SsoIdFilterGambit extends AbstractRegexGambit implements FilterInterface
+{
+    use ValidateFilterTrait;
+
+    public function apply(SearchState $search, $bit)
+    {
+        if (! $search->getActor()->hasPermission('fof-oauth.admin.permissions.moderate_user_providers')) {
+            return false;
+        }
+
+        return parent::apply($search, $bit);
+    }
+
+    public function getGambitPattern()
+    {
+        return 'sso:(.+)';
+    }
+
+    protected function conditions(SearchState $search, array $matches, $negate)
+    {
+        $this->constrain($search->getQuery(), $matches[1], $negate);
+    }
+
+    public function getFilterKey(): string
+    {
+        return 'sso';
+    }
+
+    public function filter(FilterState $filterState, $filterValue, bool $negate)
+    {
+        if (! $filterState->getActor()->hasPermission('fof-oauth.admin.permissions.moderate_user_providers')) {
+            return;
+        }
+
+        $this->constrain($filterState->getQuery(), $filterValue, $negate);
+    }
+
+    protected function constrain(Builder $query, $rawSso, bool $negate)
+    {
+        $sso = $this->asString($rawSso);
+
+        $query->whereIn('id', function ($query) use ($sso) {
+            $query->select('user_id')
+                ->from('login_providers')
+                ->where('identifier', $sso);
+        });
+    }
+}