Refactor of micropub request handling

Trying to organise the code better. It now temporarily doesn’t support update requests. Thought the spec defines them as SHOULD features and not MUST features. So safe for now :)
Refactor micropub token verification
2025-04-27 16:38:25 +01:00 · 2025-04-12 11:47:30 +01:00 · 2025-04-10 21:03:22 +01:00 · 2025-04-10 20:09:36 +01:00 · 2025-04-10 17:08:19 +01:00 · 2025-04-10 16:53:23 +01:00
266 changed files with 8530 additions and 8976 deletions
--- a/.env.dusk.testing
+++ b/.env.dusk.testing
@ -1,14 +0,0 @@
 APP_ENV=testing
 APP_DEBUG=true
 APP_KEY=base64:6DJhvZLVjE6dD4Cqrteh+6Z5vZlG+v/soCKcDHLOAH0=
 APP_URL=http://localhost:8000
 APP_LONGURL=localhost
 APP_SHORTURL=local
 DB_CONNECTION=travis
 CACHE_DRIVER=array
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
 SCOUT_DRIVER=pgsql
--- a/.env.example
+++ b/.env.example
@ -2,11 +2,22 @@ APP_NAME=Laravel
 APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
 APP_TIMEZONE=UTC
 APP_URL=https://example.com
-APP_LONGURL=example.com
+
-APP_SHORTURL=examp.le
+APP_LOCALE=en
 APP_FALLBACK_LOCALE=en
 APP_FAKER_LOCALE=en_US
 APP_MAINTENANCE_DRIVER=file
 # APP_MAINTENANCE_STORE=database
 PHP_CLI_SERVER_WORKERS=4
 BCRYPT_ROUNDS=12
 LOG_CHANNEL=stack
 LOG_STACK=single
 LOG_DEPRECATIONS_CHANNEL=null
 LOG_LEVEL=debug
@ -17,22 +28,30 @@ DB_DATABASE=laravel
 DB_USERNAME=root
 DB_PASSWORD=
-BROADCAST_DRIVER=log
+SESSION_DRIVER=database
 CACHE_DRIVER=file
 FILESYSTEM_DISK=local
 QUEUE_CONNECTION=sync
 SESSION_DRIVER=file
 SESSION_LIFETIME=120
 SESSION_ENCRYPT=false
 SESSION_PATH=/
 SESSION_DOMAIN=null
 BROADCAST_CONNECTION=log
 FILESYSTEM_DISK=local
 QUEUE_CONNECTION=database
 CACHE_STORE=database
 # CACHE_PREFIX=
 MEMCACHED_HOST=127.0.0.1
 REDIS_CLIENT=phpredis
 REDIS_HOST=127.0.0.1
 REDIS_PASSWORD=null
 REDIS_PORT=6379
-MAIL_MAILER=smtp
+MAIL_MAILER=log
-MAIL_HOST=mailhog
+MAIL_SCHEME=null
-MAIL_PORT=1025
+MAIL_HOST=127.0.0.1
 MAIL_PORT=2525
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
@ -45,19 +64,7 @@ AWS_DEFAULT_REGION=us-east-1
 AWS_BUCKET=
 AWS_USE_PATH_STYLE_ENDPOINT=false
-PUSHER_APP_ID=
+VITE_APP_NAME="${APP_NAME}"
 PUSHER_APP_KEY=
 PUSHER_APP_SECRET=
 PUSHER_HOST=
 PUSHER_PORT=443
 PUSHER_SCHEME=https
 PUSHER_APP_CLUSTER=mt1
 VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
 VITE_PUSHER_HOST="${PUSHER_HOST}"
 VITE_PUSHER_PORT="${PUSHER_PORT}"
 VITE_PUSHER_SCHEME="${PUSHER_SCHEME}"
 VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
 ADMIN_USER=admin# pick something better, this is used for `/admin`
 ADMIN_PASS=password
@ -71,19 +78,13 @@ TWITTER_ACCESS_TOKEN_SECRET=
 SCOUT_DRIVER=database
 SCOUT_QUEUE=false
 PIWIK=false
 PIWIK_ID=1
 PIWIK_URL=https://analytics.jmb.lv/piwik.php
 FATHOM_ID=
 APP_TIMEZONE=UTC
 APP_LANG=en
 APP_LOG=daily
 SESSION_SECURE_COOKIE=true
 SESSION_SAME_SITE=strict
 LOG_SLACK_WEBHOOK_URL=
 FLARE_KEY=
 IGNITION_OPEN_AI_KEY=
 BRIDGY_MASTODON_TOKEN=
--- a/.env.github
+++ b/.env.github
@ -1,70 +0,0 @@
 APP_NAME=Laravel
 APP_ENV=testing
 APP_KEY=SomeRandomString # Leave this
 APP_DEBUG=false
 APP_LOG_LEVEL=warning
 DB_CONNECTION=pgsql
 DB_HOST=127.0.0.1
 DB_PORT=5432
 DB_DATABASE=jbukdev_testing
 DB_USERNAME=postgres
 DB_PASSWORD=postgres
 BROADCAST_DRIVER=log
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
 REDIS_HOST=127.0.0.1
 REDIS_PASSWORD=null
 REDIS_PORT=6379
 MAIL_DRIVER=smtp
 MAIL_HOST=smtp.mailtrap.io
 MAIL_PORT=2525
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
 PUSHER_APP_ID=
 PUSHER_APP_KEY=
 PUSHER_APP_SECRET=
 AWS_S3_KEY=your-key
 AWS_S3_SECRET=your-secret
 AWS_S3_REGION=region
 AWS_S3_BUCKET=your-bucket
 AWS_S3_URL=https://xxxxxxx.s3-region.amazonaws.com
 APP_URL=https://example.com # This one is necessary
 APP_LONGURL=example.com
 APP_SHORTURL=examp.le
 ADMIN_USER=admin # pick something better, this is used for `/admin`
 ADMIN_PASS=password
 DISPLAY_NAME="Joe Bloggs" # This is used for example in the header and titles
 TWITTER_CONSUMER_KEY=
 TWITTER_CONSUMER_SECRET=
 TWITTER_ACCESS_TOKEN=
 TWITTER_ACCESS_TOKEN_SECRET=
 SCOUT_DRIVER=database
 SCOUT_QUEUE=false
 PIWIK=false
 FATHOM_ID=
 APP_TIMEZONE=UTC
 APP_LANG=en
 APP_LOG=daily
 SECURE_SESSION_COOKIE=true
 LOG_SLACK_WEBHOOK_URL=
 FLARE_KEY=
 FONT_LINK=
 BRIDGY_MASTODON_TOKEN=
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@ -1,38 +0,0 @@
 parserOptions:
  sourceType: 'module'
  ecmaVersion: 'latest'
 extends: 'eslint:recommended'
 env:
  browser: true
  es6: true
 ignorePatterns:
  - webpack.config.js
 rules:
  indent:
    - error
    - 2
  linebreak-style:
    - error
    - unix
  quotes:
    - error
    - single
  semi:
    - error
    - always
  no-console:
    - error
    - allow:
      - warn
      - error
  no-await-in-loop:
    - error
  no-promise-executor-return:
    - error
  require-atomic-updates:
    - error
  max-nested-callbacks:
    - error
    - 3
  prefer-promise-reject-errors:
    - error
--- a/.gitattributes
+++ b/.gitattributes
@ -5,7 +5,3 @@
 *.html diff=html
 *.md diff=markdown
 *.php diff=php
 /.github export-ignore
 CHANGELOG.md export-ignore
 .styleci.yml export-ignore
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -1,12 +0,0 @@
 version: 2
 updates:
  - package-ecosystem: "composer"
    directory: "/"
    schedule:
      interval: "daily"
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "daily"
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@ -1,144 +0,0 @@
 name: Deploy
 on:
  workflow_dispatch:
  release:
    types: [published]
 jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    environment: Hetzner
    env:
      repository: 'jonnybarnes/jonnybarnes.uk'
      newReleaseName: '${{ github.run_id }}'
    steps:
      - name: 🌍 Set Environment Variables
        run: |
          echo "releasesDir=${{ secrets.DEPLOYMENT_BASE_DIR }}/releases" >> $GITHUB_ENV
          echo "persistentDir=${{ secrets.DEPLOYMENT_BASE_DIR }}/persistent" >> $GITHUB_ENV
          echo "currentDir=${{ secrets.DEPLOYMENT_BASE_DIR }}/current" >> $GITHUB_ENV
      - name: 🌎 Set Environment Variables Part 2
        run: |
          echo "newReleaseDir=${{ env.releasesDir }}/${{ env.newReleaseName }}" >> $GITHUB_ENV
      - name: 🔄 Clone Repository
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.DEPLOYMENT_HOST }}
          port: ${{ secrets.DEPLOYMENT_PORT }}
          username: ${{ secrets.DEPLOYMENT_USER }}
          key: ${{ secrets.DEPLOYMENT_KEY }}
          script: |
            [ -d ${{ env.releasesDir }} ] || mkdir ${{ env.releasesDir }}
            [ -d ${{ env.persistentDir }} ] || mkdir ${{ env.persistentDir }}
            [ -d ${{ env.persistentDir }}/storage ] || mkdir ${{ env.persistentDir }}/storage
            cd ${{ env.releasesDir }}
            # Create new release directory
            mkdir ${{ env.newReleaseDir }}
            # Clone app
            git clone --depth 1 --branch ${{ github.ref_name }} https://github.com/${{ env.repository }} ${{ env.newReleaseName }}
            # Mark release
            cd ${{ env.newReleaseDir }}
            echo "${{ env.newReleaseName }}" > public/release-name.txt
            # Fix cache directory permissions
            sudo chown -R ${{ secrets.HTTP_USER }}:${{ secrets.HTTP_USER }} bootstrap/cache
      - name: 🎵 Run Composer
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.DEPLOYMENT_HOST }}
          port: ${{ secrets.DEPLOYMENT_PORT }}
          username: ${{ secrets.DEPLOYMENT_USER }}
          key: ${{ secrets.DEPLOYMENT_KEY }}
          script: |
            cd ${{ env.newReleaseDir }}
            composer install --prefer-dist --no-scripts --no-dev --no-progress --optimize-autoloader --quiet --no-interaction
      - name: 🔗 Update Symlinks
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.DEPLOYMENT_HOST }}
          port: ${{ secrets.DEPLOYMENT_PORT }}
          username: ${{ secrets.DEPLOYMENT_USER }}
          key: ${{ secrets.DEPLOYMENT_KEY }}
          script: |
            # Import the environment config
            cd ${{ env.newReleaseDir }};
            ln -nfs ${{ secrets.DEPLOYMENT_BASE_DIR }}/.env .env;
            # Remove the storage directory and replace with persistent data
            rm -rf ${{ env.newReleaseDir }}/storage;
            cd ${{ env.newReleaseDir }};
            ln -nfs ${{ secrets.DEPLOYMENT_BASE_DIR }}/persistent/storage storage;
            # Remove the public/profile-images directory and replace with persistent data
            rm -rf ${{ env.newReleaseDir }}/public/assets/profile-images;
            cd ${{ env.newReleaseDir }};
            ln -nfs ${{ secrets.DEPLOYMENT_BASE_DIR }}/persistent/profile-images public/assets/profile-images;
            # Add the persistent files data
            cd ${{ env.newReleaseDir }};
            ln -nfs ${{ secrets.DEPLOYMENT_BASE_DIR }}/persistent/files public/files;
            # Add the persistent fonts data
            cd ${{ env.newReleaseDir }};
            ln -nfs ${{ secrets.DEPLOYMENT_BASE_DIR }}/persistent/fonts public/fonts;
      - name: ✨ Optimize Installation
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.DEPLOYMENT_HOST }}
          port: ${{ secrets.DEPLOYMENT_PORT }}
          username: ${{ secrets.DEPLOYMENT_USER }}
          key: ${{ secrets.DEPLOYMENT_KEY }}
          script: |
            cd ${{ env.newReleaseDir }};
            sudo runuser -u ${{ secrets.HTTP_USER }} -- php artisan clear-compiled;
      - name: 🙈 Migrate database
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.DEPLOYMENT_HOST }}
          port: ${{ secrets.DEPLOYMENT_PORT }}
          username: ${{ secrets.DEPLOYMENT_USER }}
          key: ${{ secrets.DEPLOYMENT_KEY }}
          script: |
            cd ${{ env.newReleaseDir }}
            sudo runuser -u ${{ secrets.HTTP_USER }} -- php artisan migrate --force
      - name: 🙏 Bless release
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.DEPLOYMENT_HOST }}
          port: ${{ secrets.DEPLOYMENT_PORT }}
          username: ${{ secrets.DEPLOYMENT_USER }}
          key: ${{ secrets.DEPLOYMENT_KEY }}
          script: |
            ln -nfs ${{ env.newReleaseDir }} ${{ env.currentDir }};
            cd ${{ env.newReleaseDir }}
            sudo runuser -u ${{ secrets.HTTP_USER }} -- php artisan horizon:terminate
            sudo runuser -u ${{ secrets.HTTP_USER }} -- php artisan config:cache
            sudo runuser -u ${{ secrets.HTTP_USER }} -- php artisan event:cache
            sudo runuser -u ${{ secrets.HTTP_USER }} -- php artisan route:cache
            sudo runuser -u ${{ secrets.HTTP_USER }} -- php artisan view:cache
            sudo systemctl restart php-fpm.service
            sudo systemctl restart jbuk-horizon.service
      - name: 🚾 Clean up old releases
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.DEPLOYMENT_HOST }}
          port: ${{ secrets.DEPLOYMENT_PORT }}
          username: ${{ secrets.DEPLOYMENT_USER }}
          key: ${{ secrets.DEPLOYMENT_KEY }}
          script: |
            fd '.+' ${{ env.releasesDir }} -d 1 | head -n -3 | xargs -d "\n" -I'{}' sudo chown -R ${{ secrets.DEPLOYMENT_USER }}:${{ secrets.DEPLOYMENT_USER }} {}
            fd '.+' ${{ env.releasesDir }} -d 1 | head -n -3 | xargs -d "\n" -I'{}' rm -rf {}
--- a/.github/workflows/phpunit.yml
+++ b/.github/workflows/phpunit.yml
@ -1,65 +0,0 @@
 name: PHP Unit
 on:
  pull_request:
 jobs:
  phpunit:
    runs-on: ubuntu-latest
    name: PHPUnit test suite
    services:
      postgres:
        image: postgres:latest
        env:
          POSTGRES_USER: postgres
          POSTGRES_PASSWORD: postgres
          POSTGRES_DB: jbukdev_testing
        ports:
          - 5432:5432
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.3'
          extensions: mbstring, intl, phpredis, imagick
          coverage: xdebug
          tools: phpunit
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Copy .env
        run: php -r "file_exists('.env') || copy('.env.github', '.env');"
      - name: Get Composer Cache Directory
        id: composer-cache
        run: |
          echo "::set-output name=dir::$(composer config cache-files-dir)"
      - name: Cache composer dependencies
        uses: actions/cache@v3
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-php-8.3-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: |
            ${{ runner.os }}-php-8.3-composer-
      - name: Install Composer Dependencies
        run: composer install --quiet --no-ansi --no-interaction --no-progress
      - name: Generate Key
        run: php artisan key:generate
      - name: Setup Directory Permissions
        run: chmod -R 777 storage bootstrap/cache
      - name: Setup Database
        run: php artisan migrate
      - name: Execute PHPUnit Tests
        run: vendor/bin/phpunit
--- a/.github/workflows/pint.yml
+++ b/.github/workflows/pint.yml
@ -1,38 +0,0 @@
 name: Laravel Pint
 on:
  pull_request:
 jobs:
  pint:
    runs-on: ubuntu-latest
    name: Laravel Pint
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Setup PHP with pecl extensions
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.2'
      - name: Get Composer Cache Directory
        id: composer-cache
        run: |
          echo "::set-output name=dir::$(composer config cache-files-dir)"
      - name: Cache composer dependencies
        uses: actions/cache@v3
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: |
            ${{ runner.os }}-composer-
      - name: Install Composer Dependencies
        run: composer install --quiet --no-ansi --no-interaction --no-progress
      - name: Check Files with Laravel Pint
        run: vendor/bin/pint --test
--- a/.gitignore
+++ b/.gitignore
@ -4,7 +4,6 @@
 /public/coverage
 /public/hot
 /public/files
 /public/fonts
 /public/storage
 /storage/*.key
 /vendor
@ -21,3 +20,5 @@ yarn-error.log
 /.idea
 /.vscode
 ray.php
 /public/gpg.key
 /public/assets/img/favicon.png
--- a/.styleci.yml
+++ b/.styleci.yml
@ -1,9 +0,0 @@
 php:
  preset: laravel
  disabled:
    - no_unused_imports
  finder:
    not-name:
      - index.php
 js: true
 css: true
--- a/app/Console/Commands/CopyMediaToLocal.php
+++ b/app/Console/Commands/CopyMediaToLocal.php
@ -0,0 +1,69 @@
 <?php
 namespace App\Console\Commands;
 use App\Models\Media;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Storage;
 class CopyMediaToLocal extends Command
 {
    /**
     * The name and signature of the console command.
     *
     * @var string
     */
    protected $signature = 'app:copy-media-to-local';
    /**
     * The console command description.
     *
     * @var string
     */
    protected $description = 'Copy any historic media saved to S3 to the local filesystem';
    /**
     * Execute the console command.
     */
    public function handle()
    {
        // Load all the Media records
        $media = Media::all();
        // Loop through each media record and copy the file from S3 to the local filesystem
        foreach ($media as $mediaItem) {
            $filename = $mediaItem->path;
            $this->info('Processing: ' . $filename);
            // If the file is already saved locally skip to next one
            if (Storage::disk('local')->exists('public/' . $filename)) {
                $this->info('File already exists locally, skipping');
                continue;
            }
            // Copy the file from S3 to the local filesystem
            if (! Storage::disk('s3')->exists($filename)) {
                $this->error('File does not exist on S3');
                continue;
            }
            $contents = Storage::disk('s3')->get($filename);
            Storage::disk('local')->put('public/' . $filename, $contents);
            // Copy -medium and -small versions if they exist
            $filenameParts = explode('.', $filename);
            $extension = array_pop($filenameParts);
            $basename = trim(implode('.', $filenameParts), '.');
            $mediumFilename = $basename . '-medium.' . $extension;
            $smallFilename = $basename . '-small.' . $extension;
            if (Storage::disk('s3')->exists($mediumFilename)) {
                Storage::disk('local')->put('public/' . $mediumFilename, Storage::disk('s3')->get($mediumFilename));
            }
            if (Storage::disk('s3')->exists($smallFilename)) {
                Storage::disk('local')->put('public/' . $smallFilename, Storage::disk('s3')->get($smallFilename));
            }
        }
    }
 }
--- a/app/Console/Commands/MigratePlaceDataFromPostgis.php
+++ b/app/Console/Commands/MigratePlaceDataFromPostgis.php
@ -8,8 +8,6 @@ use Illuminate\Support\Facades\DB;
 /**
 * @codeCoverageIgnore
 *
 * @psalm-suppress UnusedClass
 */
 class MigratePlaceDataFromPostgis extends Command
 {
--- a/app/Console/Commands/ParseCachedWebMentions.php
+++ b/app/Console/Commands/ParseCachedWebMentions.php
@ -9,9 +9,6 @@ use Illuminate\Console\Command;
 use Illuminate\Contracts\Filesystem\FileNotFoundException;
 use Illuminate\FileSystem\FileSystem;
 /**
 * @psalm-suppress UnusedClass
 */
 class ParseCachedWebMentions extends Command
 {
    /**
--- a/app/Console/Commands/ReDownloadWebMentions.php
+++ b/app/Console/Commands/ReDownloadWebMentions.php
@ -8,9 +8,6 @@ use App\Jobs\DownloadWebMention;
 use App\Models\WebMention;
 use Illuminate\Console\Command;
 /**
 * @psalm-suppress UnusedClass
 */
 class ReDownloadWebMentions extends Command
 {
    /**
--- a/app/Console/Commands/UpdateWebmentionsRelationship.php
+++ b/app/Console/Commands/UpdateWebmentionsRelationship.php
@ -0,0 +1,36 @@
 <?php
 namespace App\Console\Commands;
 use App\Models\Note;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\DB;
 class UpdateWebmentionsRelationship extends Command
 {
    /**
     * The name and signature of the console command.
     *
     * @var string
     */
    protected $signature = 'webmentions:update-model-relationship';
    /**
     * The console command description.
     *
     * @var string
     */
    protected $description = 'Update webmentions to relate to the correct note model class';
    /**
     * Execute the console command.
     */
    public function handle()
    {
        DB::table('webmentions')
            ->where('commentable_type', '=', 'App\Model\Note')
            ->update(['commentable_type' => Note::class]);
        $this->info('All webmentions updated to relate to the correct note model class');
    }
 }
--- a/app/Exceptions/InternetArchiveException.php
+++ b/app/Exceptions/InternetArchiveException.php
@ -2,6 +2,4 @@
 namespace App\Exceptions;
-class InternetArchiveException extends \Exception
+class InternetArchiveException extends \Exception {}
 {
 }
--- a/app/Exceptions/InvalidTokenScopeException.php
+++ b/app/Exceptions/InvalidTokenScopeException.php
@ -0,0 +1,7 @@
 <?php
 declare(strict_types=1);
 namespace App\Exceptions;
 class InvalidTokenScopeException extends \Exception {}
--- a/app/Exceptions/MicropubHandlerException.php
+++ b/app/Exceptions/MicropubHandlerException.php
@ -0,0 +1,7 @@
 <?php
 declare(strict_types=1);
 namespace App\Exceptions;
 class MicropubHandlerException extends \Exception {}
--- a/app/Http/Controllers/Admin/ArticlesController.php
+++ b/app/Http/Controllers/Admin/ArticlesController.php
@ -9,9 +9,6 @@ use App\Models\Article;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class ArticlesController extends Controller
 {
    public function index(): View
--- a/app/Http/Controllers/Admin/BioController.php
+++ b/app/Http/Controllers/Admin/BioController.php
@ -10,9 +10,6 @@ use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class BioController extends Controller
 {
    public function show(): View
--- a/app/Http/Controllers/Admin/ClientsController.php
+++ b/app/Http/Controllers/Admin/ClientsController.php
@ -9,9 +9,6 @@ use App\Models\MicropubClient;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class ClientsController extends Controller
 {
    /**
--- a/app/Http/Controllers/Admin/ContactsController.php
+++ b/app/Http/Controllers/Admin/ContactsController.php
@ -12,9 +12,6 @@ use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Arr;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class ContactsController extends Controller
 {
    /**
@ -40,7 +37,7 @@ class ContactsController extends Controller
     */
    public function store(): RedirectResponse
    {
-        $contact = new Contact();
+        $contact = new Contact;
        $contact->name = request()->input('name');
        $contact->nick = request()->input('nick');
        $contact->homepage = request()->input('homepage');
@ -79,7 +76,7 @@ class ContactsController extends Controller
        if (request()->hasFile('avatar') && (request()->input('homepage') != '')) {
            $dir = parse_url(request()->input('homepage'), PHP_URL_HOST);
            $destination = public_path() . '/assets/profile-images/' . $dir;
-            $filesystem = new Filesystem();
+            $filesystem = new Filesystem;
            if ($filesystem->isDirectory($destination) === false) {
                $filesystem->makeDirectory($destination);
            }
@ -139,7 +136,7 @@ class ContactsController extends Controller
            }
            if ($avatar !== null) {
                $directory = public_path() . '/assets/profile-images/' . parse_url($contact->homepage, PHP_URL_HOST);
-                $filesystem = new Filesystem();
+                $filesystem = new Filesystem;
                if ($filesystem->isDirectory($directory) === false) {
                    $filesystem->makeDirectory($directory);
                }
--- a/app/Http/Controllers/Admin/HomeController.php
+++ b/app/Http/Controllers/Admin/HomeController.php
@ -7,9 +7,6 @@ namespace App\Http\Controllers\Admin;
 use App\Http\Controllers\Controller;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class HomeController extends Controller
 {
    /**
--- a/app/Http/Controllers/Admin/LikesController.php
+++ b/app/Http/Controllers/Admin/LikesController.php
@ -10,9 +10,6 @@ use App\Models\Like;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class LikesController extends Controller
 {
    /**
--- a/app/Http/Controllers/Admin/NotesController.php
+++ b/app/Http/Controllers/Admin/NotesController.php
@ -11,9 +11,6 @@ use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class NotesController extends Controller
 {
    /**
--- a/app/Http/Controllers/Admin/PasskeysController.php
+++ b/app/Http/Controllers/Admin/PasskeysController.php
@ -18,8 +18,8 @@ use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\View\View;
 use ParagonIE\ConstantTime\Base64UrlSafe;
 use Random\RandomException;
 use Throwable;
 use Webauthn\AttestationStatement\AttestationObjectLoader;
 use Webauthn\AttestationStatement\AttestationStatementSupportManager;
 use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
 use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler;
@ -28,18 +28,17 @@ use Webauthn\AuthenticatorAssertionResponseValidator;
 use Webauthn\AuthenticatorAttestationResponse;
 use Webauthn\AuthenticatorAttestationResponseValidator;
 use Webauthn\AuthenticatorSelectionCriteria;
 use Webauthn\CeremonyStep\CeremonyStepManagerFactory;
 use Webauthn\Denormalizer\WebauthnSerializerFactory;
 use Webauthn\Exception\WebauthnException;
 use Webauthn\PublicKeyCredential;
 use Webauthn\PublicKeyCredentialCreationOptions;
 use Webauthn\PublicKeyCredentialLoader;
 use Webauthn\PublicKeyCredentialParameters;
 use Webauthn\PublicKeyCredentialRequestOptions;
 use Webauthn\PublicKeyCredentialRpEntity;
 use Webauthn\PublicKeyCredentialSource;
 use Webauthn\PublicKeyCredentialUserEntity;
 /**
 * @psalm-suppress UnusedClass
 */
 class PasskeysController extends Controller
 {
    public function index(): View
@ -51,22 +50,26 @@ class PasskeysController extends Controller
        return view('admin.passkeys.index', compact('passkeys'));
    }
-    public function getCreateOptions(): JsonResponse
+    /**
     * @throws RandomException
     * @throws \JsonException
     */
    public function getCreateOptions(Request $request): JsonResponse
    {
        /** @var User $user */
        $user = auth()->user();
        // RP Entity i.e. the application
        $rpEntity = PublicKeyCredentialRpEntity::create(
-            config('app.name'),
+            name: config('app.name'),
-            config('url.longurl'),
+            id: config('app.url'),
        );
        // User Entity
        $userEntity = PublicKeyCredentialUserEntity::create(
-            $user->name,
+            name: $user->name,
-            (string) $user->id,
+            id: (string) $user->id,
-            $user->name,
+            displayName: $user->name,
        );
        // Challenge
@ -84,70 +87,100 @@ class PasskeysController extends Controller
        $authenticatorSelectionCriteria = AuthenticatorSelectionCriteria::create(
            userVerification: AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_REQUIRED,
            residentKey: AuthenticatorSelectionCriteria::RESIDENT_KEY_REQUIREMENT_REQUIRED,
            requireResidentKey: true,
        );
-        $options = PublicKeyCredentialCreationOptions::create(
+        $publicKeyCredentialCreationOptions = PublicKeyCredentialCreationOptions::create(
-            $rpEntity,
+            rp: $rpEntity,
-            $userEntity,
+            user: $userEntity,
-            $challenge,
+            challenge: $challenge,
-            $pubKeyCredParams,
+            pubKeyCredParams: $pubKeyCredParams,
            authenticatorSelection: $authenticatorSelectionCriteria,
            attestation: PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE
        );
-        $options = json_encode($options, JSON_THROW_ON_ERROR);
+        $attestationStatementSupportManager = new AttestationStatementSupportManager;
        $attestationStatementSupportManager->add(new NoneAttestationStatementSupport);
        $webauthnSerializerFactory = new WebauthnSerializerFactory(
            attestationStatementSupportManager: $attestationStatementSupportManager
        );
        $webauthnSerializer = $webauthnSerializerFactory->create();
        $publicKeyCredentialCreationOptions = $webauthnSerializer->serialize(
            data: $publicKeyCredentialCreationOptions,
            format: 'json'
        );
-        session(['create_options' => $options]);
+        $request->session()->put('create_options', $publicKeyCredentialCreationOptions);
-        return JsonResponse::fromJsonString($options);
+        return JsonResponse::fromJsonString($publicKeyCredentialCreationOptions);
    }
    /**
     * @throws Throwable
     * @throws WebauthnException
     * @throws \JsonException
     */
    public function create(Request $request): JsonResponse
    {
        /** @var User $user */
        $user = auth()->user();
        $publicKeyCredentialCreationOptionsData = session('create_options');
        // Unset session data to mitigate replay attacks
        $request->session()->forget('create_options');
        if (empty($publicKeyCredentialCreationOptionsData)) {
            throw new WebAuthnException('No public key credential request options found');
        }
        $publicKeyCredentialCreationOptions = PublicKeyCredentialCreationOptions::createFromString($publicKeyCredentialCreationOptionsData);
-        // Unset session data to mitigate replay attacks
+        $attestationStatementSupportManager = new AttestationStatementSupportManager;
-        session()->forget('create_options');
+        $attestationStatementSupportManager->add(new NoneAttestationStatementSupport);
        $webauthnSerializerFactory = new WebauthnSerializerFactory(
            attestationStatementSupportManager: $attestationStatementSupportManager
        );
        $webauthnSerializer = $webauthnSerializerFactory->create();
-        $attestationSupportManager = AttestationStatementSupportManager::create();
+        $publicKeyCredential = $webauthnSerializer->deserialize(
-        $attestationSupportManager->add(NoneAttestationStatementSupport::create());
+            json_encode($request->all(), JSON_THROW_ON_ERROR),
-        $attestationObjectLoader = AttestationObjectLoader::create($attestationSupportManager);
+            PublicKeyCredential::class,
-        $publicKeyCredentialLoader = PublicKeyCredentialLoader::create($attestationObjectLoader);
+            'json'
-
+        );
        $publicKeyCredential = $publicKeyCredentialLoader->load(json_encode($request->all(), JSON_THROW_ON_ERROR));
        if (! $publicKeyCredential->response instanceof AuthenticatorAttestationResponse) {
            throw new WebAuthnException('Invalid response type');
        }
-        $attestationStatementSupportManager = AttestationStatementSupportManager::create();
+        $algorithmManager = new Manager;
-        $attestationStatementSupportManager->add(NoneAttestationStatementSupport::create());
+        $algorithmManager->add(new Ed25519);
        $algorithmManager->add(new ES256);
        $algorithmManager->add(new RS256);
        $ceremonyStepManagerFactory = new CeremonyStepManagerFactory;
        $ceremonyStepManagerFactory->setAlgorithmManager($algorithmManager);
        $ceremonyStepManagerFactory->setAttestationStatementSupportManager(
            $attestationStatementSupportManager
        );
        $ceremonyStepManagerFactory->setExtensionOutputCheckerHandler(
            ExtensionOutputCheckerHandler::create()
        );
        $allowedOrigins = [];
        if (App::environment('local', 'development')) {
            $allowedOrigins = [config('app.url')];
        }
        $ceremonyStepManagerFactory->setAllowedOrigins($allowedOrigins);
        $authenticatorAttestationResponseValidator = AuthenticatorAttestationResponseValidator::create(
-            attestationStatementSupportManager: $attestationStatementSupportManager,
+            ceremonyStepManager: $ceremonyStepManagerFactory->creationCeremony()
            publicKeyCredentialSourceRepository: null,
            tokenBindingHandler: null,
            extensionOutputCheckerHandler: ExtensionOutputCheckerHandler::create(),
        );
-        $securedRelyingPartyId = [];
+        $publicKeyCredentialCreationOptions = $webauthnSerializer->deserialize(
-        if (App::environment('local', 'development')) {
+            $publicKeyCredentialCreationOptionsData,
-            $securedRelyingPartyId = [config('url.longurl')];
+            PublicKeyCredentialCreationOptions::class,
-        }
+            'json'
        );
        $publicKeyCredentialSource = $authenticatorAttestationResponseValidator->check(
            authenticatorAttestationResponse: $publicKeyCredential->response,
            publicKeyCredentialCreationOptions: $publicKeyCredentialCreationOptions,
-            request: config('url.longurl'),
+            host: config('app.url')
            securedRelyingPartyId: $securedRelyingPartyId,
        );
        $user->passkey()->create([
@ -161,24 +194,37 @@ class PasskeysController extends Controller
        ]);
    }
-    public function getRequestOptions(): JsonResponse
+    /**
     * @throws RandomException
     * @throws \JsonException
     */
    public function getRequestOptions(Request $request): JsonResponse
    {
        $publicKeyCredentialRequestOptions = PublicKeyCredentialRequestOptions::create(
            challenge: random_bytes(16),
            userVerification: PublicKeyCredentialRequestOptions::USER_VERIFICATION_REQUIREMENT_REQUIRED
        );
-        $publicKeyCredentialRequestOptions = json_encode($publicKeyCredentialRequestOptions, JSON_THROW_ON_ERROR);
+        $attestationStatementSupportManager = AttestationStatementSupportManager::create();
        $attestationStatementSupportManager->add(NoneAttestationStatementSupport::create());
        $factory = new WebauthnSerializerFactory(
            attestationStatementSupportManager: $attestationStatementSupportManager
        );
        $serializer = $factory->create();
        $publicKeyCredentialRequestOptions = $serializer->serialize(data: $publicKeyCredentialRequestOptions, format: 'json');
-        session(['request_options' => $publicKeyCredentialRequestOptions]);
+        $request->session()->put('request_options', $publicKeyCredentialRequestOptions);
        return JsonResponse::fromJsonString($publicKeyCredentialRequestOptions);
    }
    /**
     * @throws \JsonException
     */
    public function login(Request $request): JsonResponse
    {
        $requestOptions = session('request_options');
-        session()->forget('request_options');
+        $request->session()->forget('request_options');
        if (empty($requestOptions)) {
            return response()->json([
@ -187,14 +233,19 @@ class PasskeysController extends Controller
            ], 400);
        }
-        $publicKeyCredentialRequestOptions = PublicKeyCredentialRequestOptions::createFromString($requestOptions);
+        $attestationStatementSupportManager = new AttestationStatementSupportManager;
        $attestationStatementSupportManager->add(new NoneAttestationStatementSupport);
-        $attestationSupportManager = AttestationStatementSupportManager::create();
+        $webauthnSerializerFactory = new WebauthnSerializerFactory(
-        $attestationSupportManager->add(NoneAttestationStatementSupport::create());
+            attestationStatementSupportManager: $attestationStatementSupportManager
-        $attestationObjectLoader = AttestationObjectLoader::create($attestationSupportManager);
+        );
-        $publicKeyCredentialLoader = PublicKeyCredentialLoader::create($attestationObjectLoader);
+        $webauthnSerializer = $webauthnSerializerFactory->create();
-        $publicKeyCredential = $publicKeyCredentialLoader->load(json_encode($request->all(), JSON_THROW_ON_ERROR));
+        $publicKeyCredential = $webauthnSerializer->deserialize(
            json_encode($request->all(), JSON_THROW_ON_ERROR),
            PublicKeyCredential::class,
            'json'
        );
        if (! $publicKeyCredential->response instanceof AuthenticatorAssertionResponse) {
            return response()->json([
@ -211,33 +262,51 @@ class PasskeysController extends Controller
            ], 404);
        }
-        $credential = PublicKeyCredentialSource::createFromArray(json_decode($passkey->passkey, true, 512, JSON_THROW_ON_ERROR));
+        $publicKeyCredentialSource = $webauthnSerializer->deserialize(
-
+            $passkey->passkey,
-        $algorithmManager = Manager::create();
+            PublicKeyCredentialSource::class,
-        $algorithmManager->add(new Ed25519());
+            'json'
        $algorithmManager->add(new ES256());
        $algorithmManager->add(new RS256());
        $authenticatorAssertionResponseValidator = new AuthenticatorAssertionResponseValidator(
            publicKeyCredentialSourceRepository: null,
            tokenBindingHandler: null,
            extensionOutputCheckerHandler: ExtensionOutputCheckerHandler::create(),
            algorithmManager: $algorithmManager,
        );
-        $securedRelyingPartyId = [];
+        $algorithmManager = new Manager;
        $algorithmManager->add(new Ed25519);
        $algorithmManager->add(new ES256);
        $algorithmManager->add(new RS256);
        $attestationStatementSupportManager = new AttestationStatementSupportManager;
        $attestationStatementSupportManager->add(new NoneAttestationStatementSupport);
        $ceremonyStepManagerFactory = new CeremonyStepManagerFactory;
        $ceremonyStepManagerFactory->setAlgorithmManager($algorithmManager);
        $ceremonyStepManagerFactory->setAttestationStatementSupportManager(
            $attestationStatementSupportManager
        );
        $ceremonyStepManagerFactory->setExtensionOutputCheckerHandler(
            ExtensionOutputCheckerHandler::create()
        );
        $allowedOrigins = [];
        if (App::environment('local', 'development')) {
-            $securedRelyingPartyId = [config('url.longurl')];
+            $allowedOrigins = [config('app.url')];
        }
        $ceremonyStepManagerFactory->setAllowedOrigins($allowedOrigins);
        $authenticatorAssertionResponseValidator = AuthenticatorAssertionResponseValidator::create(
            ceremonyStepManager: $ceremonyStepManagerFactory->requestCeremony()
        );
        $publicKeyCredentialRequestOptions = $webauthnSerializer->deserialize(
            $requestOptions,
            PublicKeyCredentialRequestOptions::class,
            'json'
        );
        try {
            $authenticatorAssertionResponseValidator->check(
-                credentialId: $credential,
+                publicKeyCredentialSource: $publicKeyCredentialSource,
                authenticatorAssertionResponse: $publicKeyCredential->response,
                publicKeyCredentialRequestOptions: $publicKeyCredentialRequestOptions,
-                request: config('url.longurl'),
+                host: config('app.url'),
                userHandle: null,
                securedRelyingPartyId: $securedRelyingPartyId,
            );
        } catch (Throwable) {
            return response()->json([
--- a/app/Http/Controllers/Admin/PlacesController.php
+++ b/app/Http/Controllers/Admin/PlacesController.php
@ -10,9 +10,6 @@ use App\Services\PlaceService;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class PlacesController extends Controller
 {
    protected PlaceService $placeService;
--- a/app/Http/Controllers/Admin/SyndicationTargetsController.php
+++ b/app/Http/Controllers/Admin/SyndicationTargetsController.php
@ -10,9 +10,6 @@ use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class SyndicationTargetsController extends Controller
 {
    /**
--- a/app/Http/Controllers/ArticlesController.php
+++ b/app/Http/Controllers/ArticlesController.php
@ -10,9 +10,6 @@ use Illuminate\Http\RedirectResponse;
 use Illuminate\View\View;
 use Jonnybarnes\IndieWeb\Numbers;
 /**
 * @psalm-suppress UnusedClass
 */
 class ArticlesController extends Controller
 {
    /**
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@ -9,9 +9,6 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class AuthController extends Controller
 {
    /**
--- a/app/Http/Controllers/BookmarksController.php
+++ b/app/Http/Controllers/BookmarksController.php
@ -7,9 +7,6 @@ namespace App\Http\Controllers;
 use App\Models\Bookmark;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class BookmarksController extends Controller
 {
    /**
--- a/app/Http/Controllers/ContactsController.php
+++ b/app/Http/Controllers/ContactsController.php
@ -8,9 +8,6 @@ use App\Models\Contact;
 use Illuminate\Filesystem\Filesystem;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class ContactsController extends Controller
 {
    /**
@ -18,7 +15,7 @@ class ContactsController extends Controller
     */
    public function index(): View
    {
-        $filesystem = new Filesystem();
+        $filesystem = new Filesystem;
        $contacts = Contact::all();
        foreach ($contacts as $contact) {
            $contact->homepageHost = parse_url($contact->homepage, PHP_URL_HOST);
@ -40,7 +37,7 @@ class ContactsController extends Controller
        $contact->homepageHost = parse_url($contact->homepage, PHP_URL_HOST);
        $file = public_path() . '/assets/profile-images/' . $contact->homepageHost . '/image';
-        $filesystem = new Filesystem();
+        $filesystem = new Filesystem;
        $image = ($filesystem->exists($file)) ?
            '/assets/profile-images/' . $contact->homepageHost . '/image'
        :
--- a/app/Http/Controllers/Controller.php
+++ b/app/Http/Controllers/Controller.php
@ -2,11 +2,7 @@
 namespace App\Http\Controllers;
-use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+abstract class Controller
 use Illuminate\Foundation\Validation\ValidatesRequests;
 use Illuminate\Routing\Controller as BaseController;
 class Controller extends BaseController
 {
-    use AuthorizesRequests, ValidatesRequests;
+    //
 }
--- a/app/Http/Controllers/FeedsController.php
+++ b/app/Http/Controllers/FeedsController.php
@ -9,9 +9,6 @@ use App\Models\Note;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Response;
 /**
 * @psalm-suppress UnusedClass
 */
 class FeedsController extends Controller
 {
    /**
@ -122,8 +119,8 @@ class FeedsController extends Controller
        foreach ($notes as $key => $note) {
            $data['items'][$key] = [
-                'id' => $note->longurl,
+                'id' => $note->uri,
-                'url' => $note->longurl,
+                'url' => $note->uri,
                'content_text' => $note->content,
                'date_published' => $note->created_at->tz('UTC')->toRfc3339String(),
                'date_modified' => $note->updated_at->tz('UTC')->toRfc3339String(),
@ -164,7 +161,7 @@ class FeedsController extends Controller
            'author' => [
                'type' => 'card',
                'name' => config('user.display_name'),
-                'url' => config('url.longurl'),
+                'url' => config('app.url'),
            ],
            'children' => $items,
        ], 200, [
@ -183,8 +180,8 @@ class FeedsController extends Controller
            $items[] = [
                'type' => 'entry',
                'published' => $note->created_at,
-                'uid' => $note->longurl,
+                'uid' => $note->uri,
-                'url' => $note->longurl,
+                'url' => $note->uri,
                'content' => [
                    'text' => $note->getRawOriginal('note'),
                    'html' => $note->note,
@ -200,7 +197,7 @@ class FeedsController extends Controller
            'author' => [
                'type' => 'card',
                'name' => config('user.display_name'),
-                'url' => config('url.longurl'),
+                'url' => config('app.url'),
            ],
            'children' => $items,
        ], 200, [
--- a/app/Http/Controllers/FrontPageController.php
+++ b/app/Http/Controllers/FrontPageController.php
@ -10,9 +10,6 @@ use App\Models\Note;
 use Illuminate\Http\Response;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class FrontPageController extends Controller
 {
    /**
--- a/app/Http/Controllers/IndieAuthController.php
+++ b/app/Http/Controllers/IndieAuthController.php
@ -0,0 +1,327 @@
 <?php
 declare(strict_types=1);
 namespace App\Http\Controllers;
 use App\Services\TokenService;
 use Exception;
 use GuzzleHttp\Client;
 use GuzzleHttp\Psr7\Uri;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\View\View;
 use Random\RandomException;
 use SodiumException;
 class IndieAuthController extends Controller
 {
    public function indieAuthMetadataEndpoint(): JsonResponse
    {
        return response()->json([
            'issuer' => config('app.url'),
            'authorization_endpoint' => route('indieauth.start'),
            'token_endpoint' => route('indieauth.token'),
            'code_challenge_methods_supported' => ['S256'],
            // 'introspection_endpoint' => route('indieauth.introspection'),
            // 'introspection_endpoint_auth_methods_supported' => ['none'],
        ]);
    }
    /**
     * Process a GET request to the IndieAuth endpoint.
     *
     * This is the first step in the IndieAuth flow, where the client app sends the user to the IndieAuth endpoint.
     */
    public function start(Request $request): View
    {
        // First check all required params are present
        $validator = Validator::make($request->all(), [
            'response_type' => 'required:string',
            'client_id' => 'required',
            'redirect_uri' => 'required',
            'state' => 'required',
            'code_challenge' => 'required:string',
            'code_challenge_method' => 'required:string',
        ], [
            'response_type' => 'response_type is required',
            'client_id.required' => 'client_id is required to display which app is asking for authentication',
            'redirect_uri.required' => 'redirect_uri is required so we can progress successful requests',
            'state.required' => 'state is required',
            'code_challenge.required' => 'code_challenge is required',
            'code_challenge_method.required' => 'code_challenge_method is required',
        ]);
        if ($validator->fails()) {
            return view('indieauth.error')->withErrors($validator);
        }
        if ($request->get('response_type') !== 'code') {
            return view('indieauth.error')->withErrors(['response_type' => 'only a response_type of "code" is supported']);
        }
        if (mb_strtoupper($request->get('code_challenge_method')) !== 'S256') {
            return view('indieauth.error')->withErrors(['code_challenge_method' => 'only a code_challenge_method of "S256" is supported']);
        }
        if (! $this->isValidRedirectUri($request->get('client_id'), $request->get('redirect_uri'))) {
            return view('indieauth.error')->withErrors(['redirect_uri' => 'redirect_uri is not valid for this client_id']);
        }
        $scopes = $request->get('scope', '');
        $scopes = explode(' ', $scopes);
        return view('indieauth.start', [
            'me' => $request->get('me'),
            'client_id' => $request->get('client_id'),
            'redirect_uri' => $request->get('redirect_uri'),
            'state' => $request->get('state'),
            'scopes' => $scopes,
            'code_challenge' => $request->get('code_challenge'),
            'code_challenge_method' => $request->get('code_challenge_method'),
        ]);
    }
    /**
     * Confirm an IndieAuth approval request.
     *
     * Generates an auth code and redirects the user back to the client app.
     *
     * @throws RandomException
     */
    public function confirm(Request $request): RedirectResponse
    {
        $authCode = bin2hex(random_bytes(16));
        $cacheKey = hash('xxh3', $request->get('client_id'));
        $indieAuthRequestData = [
            'code_challenge' => $request->get('code_challenge'),
            'code_challenge_method' => $request->get('code_challenge_method'),
            'client_id' => $request->get('client_id'),
            'redirect_uri' => $request->get('redirect_uri'),
            'auth_code' => $authCode,
            'scope' => implode(' ', $request->get('scope', '')),
        ];
        Cache::put($cacheKey, $indieAuthRequestData, now()->addMinutes(10));
        $redirectUri = new Uri($request->get('redirect_uri'));
        $redirectUri = Uri::withQueryValues($redirectUri, [
            'code' => $authCode,
            'state' => $request->get('state'),
            'iss' => config('app.url'),
        ]);
        return redirect()->away($redirectUri);
    }
    /**
     * Process a POST request to the IndieAuth auth endpoint.
     *
     * This is one possible second step in the IndieAuth flow, where the client app sends the auth code to the IndieAuth
     * endpoint. As it is to the auth endpoint we return profile information. A similar request can be made to the token
     * endpoint to get an access token.
     */
    public function processCodeExchange(Request $request): JsonResponse
    {
        $invalidCodeResponse = $this->validateAuthorizationCode($request);
        if ($invalidCodeResponse instanceof JsonResponse) {
            return $invalidCodeResponse;
        }
        return response()->json([
            'me' => config('app.url'),
        ]);
    }
    /**
     * Process a POST request to the IndieAuth token endpoint.
     *
     * This is another possible second step in the IndieAuth flow, where the client app sends the auth code to the
     * IndieAuth token endpoint. As it is to the token endpoint we return an access token.
     *
     * @throws SodiumException
     */
    public function processTokenRequest(Request $request): JsonResponse
    {
        $indieAuthData = $this->validateAuthorizationCode($request);
        if ($indieAuthData instanceof JsonResponse) {
            return $indieAuthData;
        }
        if ($indieAuthData['scope'] === '') {
            return response()->json(['errors' => [
                'scope' => [
                    'The scope property must be non-empty for an access token to be issued.',
                ],
            ]], 400);
        }
        $tokenData = [
            'me' => config('app.url'),
            'client_id' => $request->get('client_id'),
            'scope' => $indieAuthData['scope'],
        ];
        $tokenService = resolve(TokenService::class);
        $token = $tokenService->getNewToken($tokenData);
        return response()->json([
            'access_token' => $token,
            'token_type' => 'Bearer',
            'scope' => $indieAuthData['scope'],
            'me' => config('app.url'),
        ]);
    }
    protected function isValidRedirectUri(string $clientId, string $redirectUri): bool
    {
        // If client_id is not a valid URL, then it's not valid
        $clientIdParsed = \Mf2\parseUriToComponents($clientId);
        if (! isset($clientIdParsed['authority'])) {
            return false;
        }
        // If redirect_uri is not a valid URL, then it's not valid
        $redirectUriParsed = \Mf2\parseUriToComponents($redirectUri);
        if (! isset($redirectUriParsed['authority'])) {
            return false;
        }
        // If client_id and redirect_uri are the same host, then it's valid
        if ($clientIdParsed['authority'] === $redirectUriParsed['authority']) {
            return true;
        }
        // Otherwise we need to check the redirect_uri is in the client_id's redirect_uris
        $guzzle = resolve(Client::class);
        try {
            $clientInfo = $guzzle->get($clientId);
        } catch (Exception) {
            return false;
        }
        $clientInfoParsed = \Mf2\parse($clientInfo->getBody()->getContents(), $clientId);
        $redirectUris = $clientInfoParsed['rels']['redirect_uri'] ?? [];
        return in_array($redirectUri, $redirectUris, true);
    }
    /**
     * @throws SodiumException
     */
    protected function validateAuthorizationCode(Request $request): JsonResponse|array
    {
        // First check all the data is present
        $validator = Validator::make($request->all(), [
            'grant_type' => 'required:string',
            'code' => 'required:string',
            'client_id' => 'required',
            'redirect_uri' => 'required',
            'code_verifier' => 'required',
        ]);
        if ($validator->fails()) {
            return response()->json(['errors' => $validator->errors()], 400);
        }
        if ($request->get('grant_type') !== 'authorization_code') {
            return response()->json(['errors' => [
                'grant_type' => [
                    'Only a grant type of "authorization_code" is supported.',
                ],
            ]], 400);
        }
        // Check cache for auth code
        $cacheKey = hash('xxh3', $request->get('client_id'));
        $indieAuthRequestData = Cache::pull($cacheKey);
        if ($indieAuthRequestData === null) {
            return response()->json(['errors' => [
                'code' => [
                    'The code is invalid.',
                ],
            ]], 404);
        }
        // Check the IndieAuth code
        if (! array_key_exists('auth_code', $indieAuthRequestData)) {
            return response()->json(['errors' => [
                'code' => [
                    'The code is invalid.',
                ],
            ]], 400);
        }
        if ($indieAuthRequestData['auth_code'] !== $request->get('code')) {
            return response()->json(['errors' => [
                'code' => [
                    'The code is invalid.',
                ],
            ]], 400);
        }
        // Check code verifier
        if (! array_key_exists('code_challenge', $indieAuthRequestData)) {
            return response()->json(['errors' => [
                'code_verifier' => [
                    'The code verifier is invalid.',
                ],
            ]], 400);
        }
        if (! hash_equals(
            $indieAuthRequestData['code_challenge'],
            sodium_bin2base64(
                hash('sha256', $request->get('code_verifier'), true),
                SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
            )
        )) {
            return response()->json(['errors' => [
                'code_verifier' => [
                    'The code verifier is invalid.',
                ],
            ]], 400);
        }
        // Check redirect_uri
        if (! array_key_exists('redirect_uri', $indieAuthRequestData)) {
            return response()->json(['errors' => [
                'redirect_uri' => [
                    'The redirect uri is invalid.',
                ],
            ]], 400);
        }
        if ($indieAuthRequestData['redirect_uri'] !== $request->get('redirect_uri')) {
            return response()->json(['errors' => [
                'redirect_uri' => [
                    'The redirect uri is invalid.',
                ],
            ]], 400);
        }
        // Check client_id
        if (! array_key_exists('client_id', $indieAuthRequestData)) {
            return response()->json(['errors' => [
                'client_id' => [
                    'The client id is invalid.',
                ],
            ]], 400);
        }
        if ($indieAuthRequestData['client_id'] !== $request->get('client_id')) {
            return response()->json(['errors' => [
                'client_id' => [
                    'The client id is invalid.',
                ],
            ]], 400);
        }
        return $indieAuthRequestData;
    }
 }
--- a/app/Http/Controllers/LikesController.php
+++ b/app/Http/Controllers/LikesController.php
@ -7,9 +7,6 @@ namespace App\Http\Controllers;
 use App\Models\Like;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class LikesController extends Controller
 {
    /**
--- a/app/Http/Controllers/MicropubController.php
+++ b/app/Http/Controllers/MicropubController.php
@ -4,110 +4,73 @@ declare(strict_types=1);
 namespace App\Http\Controllers;
-use App\Http\Responses\MicropubResponses;
+use App\Exceptions\InvalidTokenScopeException;
 use App\Exceptions\MicropubHandlerException;
 use App\Http\Requests\MicropubRequest;
 use App\Models\Place;
 use App\Models\SyndicationTarget;
-use App\Services\Micropub\HCardService;
+use App\Services\Micropub\MicropubHandlerRegistry;
 use App\Services\Micropub\HEntryService;
 use App\Services\Micropub\UpdateService;
 use App\Services\TokenService;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
-use Lcobucci\JWT\Encoding\CannotDecodeContent;
+use Lcobucci\JWT\Token;
 use Lcobucci\JWT\Token\InvalidTokenStructure;
 use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
 use Monolog\Handler\StreamHandler;
 use Monolog\Logger;
 /**
 * @psalm-suppress UnusedClass
 */
 class MicropubController extends Controller
 {
-    protected TokenService $tokenService;
+    protected MicropubHandlerRegistry $handlerRegistry;
-    protected HEntryService $hentryService;
+    public function __construct(MicropubHandlerRegistry $handlerRegistry)
-
+    {
-    protected HCardService $hcardService;
+        $this->handlerRegistry = $handlerRegistry;
    protected UpdateService $updateService;
    public function __construct(
        TokenService $tokenService,
        HEntryService $hentryService,
        HCardService $hcardService,
        UpdateService $updateService
    ) {
        $this->tokenService = $tokenService;
        $this->hentryService = $hentryService;
        $this->hcardService = $hcardService;
        $this->updateService = $updateService;
    }
    /**
-     * This function receives an API request, verifies the authenticity
+     * Respond to a POST request to the micropub endpoint.
-     * then passes over the info to the relevant Service class.
+     *
     * The request is initially processed by the MicropubRequest form request
     * class. The normalizes the data, so we can pass it into the handlers for
     * the different micropub requests, h-entry or h-card, for example.
     */
-    public function post(Request $request): JsonResponse
+    public function post(MicropubRequest $request): JsonResponse
    {
        $type = $request->getType();
        if (! $type) {
            return response()->json([
                'error' => 'invalid_request',
                'error_description' => 'Microformat object type is missing, for example: h-entry or h-card',
            ], 400);
        }
        try {
-            $tokenData = $this->tokenService->validateToken($request->input('access_token'));
+            $handler = $this->handlerRegistry->getHandler($type);
-        } catch (RequiredConstraintsViolated|InvalidTokenStructure|CannotDecodeContent) {
+            $result = $handler->handle($request->getMicropubData());
            $micropubResponses = new MicropubResponses();
            return $micropubResponses->invalidTokenResponse();
        }
        if ($tokenData->claims()->has('scope') === false) {
            $micropubResponses = new MicropubResponses();
            return $micropubResponses->tokenHasNoScopeResponse();
        }
        $this->logMicropubRequest($request->all());
        if (($request->input('h') === 'entry') || ($request->input('type.0') === 'h-entry')) {
            if (stripos($tokenData->claims()->get('scope'), 'create') === false) {
                $micropubResponses = new MicropubResponses();
                return $micropubResponses->insufficientScopeResponse();
            }
            $location = $this->hentryService->process($request->all(), $this->getCLientId());
            // Return appropriate response based on the handler result
            return response()->json([
-                'response' => 'created',
+                'response' => $result['response'],
-                'location' => $location,
+                'location' => $result['url'] ?? null,
-            ], 201)->header('Location', $location);
+            ], 201)->header('Location', $result['url']);
-        }
+        } catch (\InvalidArgumentException $e) {
        if ($request->input('h') === 'card' || $request->input('type.0') === 'h-card') {
            if (stripos($tokenData->claims()->get('scope'), 'create') === false) {
                $micropubResponses = new MicropubResponses();
                return $micropubResponses->insufficientScopeResponse();
            }
            $location = $this->hcardService->process($request->all());
            return response()->json([
-                'response' => 'created',
+                'error' => 'invalid_request',
-                'location' => $location,
+                'error_description' => $e->getMessage(),
-            ], 201)->header('Location', $location);
+            ], 400);
-        }
+        } catch (MicropubHandlerException) {
        if ($request->input('action') === 'update') {
            if (stripos($tokenData->claims()->get('scope'), 'update') === false) {
                $micropubResponses = new MicropubResponses();
                return $micropubResponses->insufficientScopeResponse();
            }
            return $this->updateService->process($request->all());
        }
            return response()->json([
-            'response' => 'error',
+                'error' => 'Unknown Micropub type',
-            'error_description' => 'unsupported_request_type',
+                'error_description' => 'The request could not be processed by this server',
            ], 500);
        } catch (InvalidTokenScopeException) {
            return response()->json([
                'error' => 'invalid_scope',
                'error_description' => 'The token does not have the required scope for this request',
            ], 403);
        } catch (\Exception) {
            return response()->json([
                'error' => 'server_error',
                'error_description' => 'An error occurred processing the request',
            ], 500);
        }
    }
    /**
@ -120,12 +83,6 @@ class MicropubController extends Controller
     */
    public function get(Request $request): JsonResponse
    {
        try {
            $tokenData = $this->tokenService->validateToken($request->input('access_token'));
        } catch (RequiredConstraintsViolated|InvalidTokenStructure) {
            return (new MicropubResponses())->invalidTokenResponse();
        }
        if ($request->input('q') === 'syndicate-to') {
            return response()->json([
                'syndicate-to' => SyndicationTarget::all(),
@ -157,36 +114,17 @@ class MicropubController extends Controller
            ]);
        }
-        // default response is just to return the token data
+        // the default response is just to return the token data
        /** @var Token $tokenData */
        $tokenData = $request->input('token_data');
        return response()->json([
            'response' => 'token',
            'token' => [
-                'me' => $tokenData->claims()->get('me'),
+                'me' => $tokenData['me'],
-                'scope' => $tokenData->claims()->get('scope'),
+                'scope' => $tokenData['scope'],
-                'client_id' => $tokenData->claims()->get('client_id'),
+                'client_id' => $tokenData['client_id'],
            ],
        ]);
    }
    /**
     * Determine the client id from the access token sent with the request.
     *
     * @throws RequiredConstraintsViolated
     */
    private function getClientId(): string
    {
        return resolve(TokenService::class)
            ->validateToken(app('request')->input('access_token'))
            ->claims()->get('client_id');
    }
    /**
     * Save the details of the micropub request to a log file.
     */
    private function logMicropubRequest(array $request): void
    {
        $logger = new Logger('micropub');
        $logger->pushHandler(new StreamHandler(storage_path('logs/micropub.log')));
        $logger->debug('MicropubLog', $request);
    }
 }
--- a/app/Http/Controllers/MicropubMediaController.php
+++ b/app/Http/Controllers/MicropubMediaController.php
@ -7,54 +7,29 @@ namespace App\Http\Controllers;
 use App\Http\Responses\MicropubResponses;
 use App\Jobs\ProcessMedia;
 use App\Models\Media;
 use App\Services\TokenService;
 use Exception;
 use Illuminate\Contracts\Container\BindingResolutionException;
 use Illuminate\Http\File;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Illuminate\Http\UploadedFile;
 use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
 use Intervention\Image\ImageManager;
 use Lcobucci\JWT\Token\InvalidTokenStructure;
 use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
 use Ramsey\Uuid\Uuid;
 /**
 * @psalm-suppress UnusedClass
 */
 class MicropubMediaController extends Controller
 {
    protected TokenService $tokenService;
    public function __construct(TokenService $tokenService)
    {
        $this->tokenService = $tokenService;
    }
    public function getHandler(Request $request): JsonResponse
    {
-        try {
+        $tokenData = $request->input('token_data');
            $tokenData = $this->tokenService->validateToken($request->input('access_token'));
        } catch (RequiredConstraintsViolated|InvalidTokenStructure) {
            $micropubResponses = new MicropubResponses();
-            return $micropubResponses->invalidTokenResponse();
+        $scopes = $tokenData['scope'];
        if (is_string($scopes)) {
            $scopes = explode(' ', $scopes);
        }
-
+        if (! in_array('create', $scopes, true)) {
-        if ($tokenData->claims()->has('scope') === false) {
+            return (new MicropubResponses)->insufficientScopeResponse();
            $micropubResponses = new MicropubResponses();
            return $micropubResponses->tokenHasNoScopeResponse();
        }
        if (Str::contains($tokenData->claims()->get('scope'), 'create') === false) {
            $micropubResponses = new MicropubResponses();
            return $micropubResponses->insufficientScopeResponse();
        }
        if ($request->input('q') === 'last') {
@ -105,24 +80,14 @@ class MicropubMediaController extends Controller
     */
    public function media(Request $request): JsonResponse
    {
-        try {
+        $tokenData = $request->input('token_data');
            $tokenData = $this->tokenService->validateToken($request->input('access_token'));
        } catch (RequiredConstraintsViolated|InvalidTokenStructure) {
            $micropubResponses = new MicropubResponses();
-            return $micropubResponses->invalidTokenResponse();
+        $scopes = $tokenData['scope'];
        if (is_string($scopes)) {
            $scopes = explode(' ', $scopes);
        }
-
+        if (! in_array('create', $scopes, true)) {
-        if ($tokenData->claims()->has('scope') === false) {
+            return (new MicropubResponses)->insufficientScopeResponse();
            $micropubResponses = new MicropubResponses();
            return $micropubResponses->tokenHasNoScopeResponse();
        }
        if (Str::contains($tokenData->claims()->get('scope'), 'create') === false) {
            $micropubResponses = new MicropubResponses();
            return $micropubResponses->insufficientScopeResponse();
        }
        if ($request->hasFile('file') === false) {
@ -133,7 +98,10 @@ class MicropubMediaController extends Controller
            ], 400);
        }
-        if ($request->file('file')->isValid() === false) {
+        /** @var UploadedFile $file */
        $file = $request->file('file');
        if ($file->isValid() === false) {
            return response()->json([
                'response' => 'error',
                'error' => 'invalid_request',
@ -141,7 +109,7 @@ class MicropubMediaController extends Controller
            ], 400);
        }
-        $filename = $this->saveFile($request->file('file'));
+        $filename = Storage::disk('local')->putFile('media', $file);
        /** @var ImageManager $manager */
        $manager = resolve(ImageManager::class);
@ -154,19 +122,12 @@ class MicropubMediaController extends Controller
        }
        $media = Media::create([
-            'token' => $request->bearerToken(),
+            'token' => $request->input('access_token'),
-            'path' => 'media/' . $filename,
+            'path' => $filename,
            'type' => $this->getFileTypeFromMimeType($request->file('file')->getMimeType()),
            'image_widths' => $width,
        ]);
        // put the file on S3 initially, the ProcessMedia job may edit this
        Storage::disk('s3')->putFileAs(
            'media',
            new File(storage_path('app') . '/' . $filename),
            $filename
        );
        ProcessMedia::dispatch($filename);
        return response()->json([
@ -230,7 +191,7 @@ class MicropubMediaController extends Controller
     *
     * @throws Exception
     */
-    private function saveFile(UploadedFile $file): string
+    private function saveFileToLocal(UploadedFile $file): string
    {
        $filename = Uuid::uuid4()->toString() . '.' . $file->extension();
        Storage::disk('local')->putFileAs('', $file, $filename);
--- a/app/Http/Controllers/NotesController.php
+++ b/app/Http/Controllers/NotesController.php
@ -14,8 +14,6 @@ use Jonnybarnes\IndieWeb\Numbers;
 /**
 * @todo Need to sort out Twitter and webmentions!
 *
 * @psalm-suppress UnusedClass
 */
 class NotesController extends Controller
 {
@ -67,7 +65,7 @@ class NotesController extends Controller
     */
    public function redirect(int $decId): RedirectResponse
    {
-        return redirect(config('app.url') . '/notes/' . (new Numbers())->numto60($decId));
+        return redirect(config('app.url') . '/notes/' . (new Numbers)->numto60($decId));
    }
    /**
--- a/app/Http/Controllers/PlacesController.php
+++ b/app/Http/Controllers/PlacesController.php
@ -7,9 +7,6 @@ namespace App\Http\Controllers;
 use App\Models\Place;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class PlacesController extends Controller
 {
    /**
--- a/app/Http/Controllers/SearchController.php
+++ b/app/Http/Controllers/SearchController.php
@ -6,9 +6,6 @@ use App\Models\Note;
 use Illuminate\Http\Request;
 use Illuminate\View\View;
 /**
 * @psalm-suppress UnusedClass
 */
 class SearchController extends Controller
 {
    public function search(Request $request): View
--- a/app/Http/Controllers/ShortURLsController.php
+++ b/app/Http/Controllers/ShortURLsController.php
@ -1,55 +0,0 @@
 <?php
 declare(strict_types=1);
 namespace App\Http\Controllers;
 use Illuminate\Http\RedirectResponse;
 /**
 * @psalm-suppress UnusedClass
 */
 class ShortURLsController extends Controller
 {
    /*
    |--------------------------------------------------------------------------
    | Short URL Controller
    |--------------------------------------------------------------------------
    |
    |    This redirects the short urls to long ones
    |
    */
    /**
     * Redirect from '/' to the long url.
     */
    public function baseURL(): RedirectResponse
    {
        return redirect(config('app.url'));
    }
    /**
     * Redirect from '/@' to a twitter profile.
     */
    public function twitter(): RedirectResponse
    {
        return redirect('https://twitter.com/jonnybarnes');
    }
    /**
     * Redirect a short url of this site out to a long one based on post type.
     *
     * Further redirects may happen.
     */
    public function expandType(string $type, string $postId): RedirectResponse
    {
        if ($type === 't') {
            $type = 'notes';
        }
        if ($type === 'b') {
            $type = 'blog/s';
        }
        return redirect(config('app.url') . '/' . $type . '/' . $postId);
    }
 }
--- a/app/Http/Controllers/TokenEndpointController.php
+++ b/app/Http/Controllers/TokenEndpointController.php
@ -1,109 +0,0 @@
 <?php
 declare(strict_types=1);
 namespace App\Http\Controllers;
 use App\Services\TokenService;
 use GuzzleHttp\Client as GuzzleClient;
 use GuzzleHttp\Exception\BadResponseException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use IndieAuth\Client;
 use JsonException;
 /**
 * @psalm-suppress UnusedClass
 */
 class TokenEndpointController extends Controller
 {
    /**
     * @var Client The IndieAuth Client.
     */
    protected Client $client;
    /**
     * @var GuzzleClient The GuzzleHttp client.
     */
    protected GuzzleClient $guzzle;
    protected TokenService $tokenService;
    /**
     * Inject the dependencies.
     */
    public function __construct(
        Client $client,
        GuzzleClient $guzzle,
        TokenService $tokenService
    ) {
        $this->client = $client;
        $this->guzzle = $guzzle;
        $this->tokenService = $tokenService;
    }
    /**
     * If the user has auth’d via the IndieAuth protocol, issue a valid token.
     */
    public function create(Request $request): JsonResponse
    {
        $auth = $this->verifyIndieAuthCode(
            config('url.authorization_endpoint'),
            $request->input('code'),
            $request->input('redirect_uri'),
            $request->input('client_id'),
        );
        if ($auth === null || ! array_key_exists('me', $auth)) {
            return response()->json([
                'error' => 'There was an error verifying the IndieAuth code',
            ], 401);
        }
        $scope = $auth['scope'] ?? '';
        $tokenData = [
            'me' => config('app.url'),
            'client_id' => $request->input('client_id'),
            'scope' => $scope,
        ];
        $token = $this->tokenService->getNewToken($tokenData);
        $content = [
            'me' => config('app.url'),
            'scope' => $scope,
            'access_token' => $token,
        ];
        return response()->json($content);
    }
    protected function verifyIndieAuthCode(
        string $authorizationEndpoint,
        string $code,
        string $redirectUri,
        string $clientId
    ): ?array {
        try {
            $response = $this->guzzle->request('POST', $authorizationEndpoint, [
                'headers' => [
                    'Accept' => 'application/json',
                ],
                'form_params' => [
                    'code' => $code,
                    'me' => config('app.url'),
                    'redirect_uri' => $redirectUri,
                    'client_id' => $clientId,
                ],
            ]);
        } catch (BadResponseException) {
            return null;
        }
        try {
            $authData = json_decode((string) $response->getBody(), true, 512, JSON_THROW_ON_ERROR);
        } catch (JsonException) {
            return null;
        }
        return $authData;
    }
 }
--- a/app/Http/Controllers/WebMentionsController.php
+++ b/app/Http/Controllers/WebMentionsController.php
@ -12,9 +12,6 @@ use Illuminate\Http\Response;
 use Illuminate\View\View;
 use Jonnybarnes\IndieWeb\Numbers;
 /**
 * @psalm-suppress UnusedClass
 */
 class WebMentionsController extends Controller
 {
    /**
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -1,74 +0,0 @@
 <?php
 namespace App\Http;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
 class Kernel extends HttpKernel
 {
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array<int, class-string|string>
     */
    protected $middleware = [
        // \App\Http\Middleware\TrustHosts::class,
        \App\Http\Middleware\TrustProxies::class,
        \Illuminate\Http\Middleware\HandleCors::class,
        \App\Http\Middleware\PreventRequestsDuringMaintenance::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    ];
    /**
     * The application's route middleware groups.
     *
     * @var array<string, array<int, class-string|string>>
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
            \App\Http\Middleware\LinkHeadersMiddleware::class,
            \App\Http\Middleware\LocalhostSessionMiddleware::class,
            \App\Http\Middleware\CSPHeader::class,
        ],
        'api' => [
            // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
            \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ];
    /**
     * The application's middleware aliases.
     *
     * Aliases may be used instead of class names to conveniently assign middleware to routes and groups.
     *
     * @var array<string, class-string|string>
     */
    protected $middlewareAliases = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
        'signed' => \App\Http\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'micropub.token' => \App\Http\Middleware\VerifyMicropubToken::class,
        'myauth' => \App\Http\Middleware\MyAuthMiddleware::class,
        'cors' => \App\Http\Middleware\CorsHeaders::class,
    ];
 }
--- a/app/Http/Middleware/CSPHeader.php
+++ b/app/Http/Middleware/CSPHeader.php
@ -1,48 +0,0 @@
 <?php
 namespace App\Http\Middleware;
 use Closure;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\App;
 use Symfony\Component\HttpFoundation\Response;
 class CSPHeader
 {
    /**
     * Handle an incoming request.
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function handle(Request $request, Closure $next): Response
    {
        if (App::environment('local', 'development')) {
            return $next($request);
        }
        // headers have to be single-line strings,
        // so we concat multiple lines
        // phpcs:disable Generic.Files.LineLength.TooLong
        return $next($request)
            ->header(
                'Content-Security-Policy',
                "default-src 'self'; " .
                "style-src 'self' 'unsafe-inline' cloud.typography.com jonnybarnes.uk; " .
                "img-src 'self' data: blob: https://pbs.twimg.com https://jbuk-media.s3-eu-west-1.amazonaws.com https://jbuk-media-dev.s3-eu-west-1.amazonaws.com https://secure.gravatar.com https://graph.facebook.com *.fbcdn.net https://*.cdninstagram.com https://*.4sqi.net https://upload.wikimedia.org; " .
                "font-src 'self' data:; " .
                "frame-src 'self' https://www.youtube.com blob:; " .
                'upgrade-insecure-requests; ' .
                'block-all-mixed-content; ' .
                'report-to csp-endpoint; ' .
                'report-uri https://jonnybarnes.report-uri.io/r/default/csp/enforce;'
            )->header(
                'Report-To',
                '{' .
                        "'url': 'https://jonnybarnes.report-uri.io/r/default/csp/enforce', " .
                        "'group': 'csp-endpoint', " .
                        "'max-age': 10886400" .
                '}'
            );
        // phpcs:enable Generic.Files.LineLength.TooLong
    }
 }
--- a/app/Http/Middleware/CorsHeaders.php
+++ b/app/Http/Middleware/CorsHeaders.php
@ -10,8 +10,6 @@ class CorsHeaders
 {
    /**
     * Handle an incoming request.
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function handle(Request $request, Closure $next): Response
    {
--- a/app/Http/Middleware/LinkHeadersMiddleware.php
+++ b/app/Http/Middleware/LinkHeadersMiddleware.php
@ -10,16 +10,15 @@ class LinkHeadersMiddleware
 {
    /**
     * Handle an incoming request.
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function handle(Request $request, Closure $next): Response
    {
        $response = $next($request);
-        $response->header('Link', '<https://indieauth.com/auth>; rel="authorization_endpoint"', false);
+        $response->header('Link', '<' . route('indieauth.metadata') . '>; rel="indieauth-metadata"', false);
-        $response->header('Link', '<' . config('app.url') . '/api/token>; rel="token_endpoint"', false);
+        $response->header('Link', '<' . route('indieauth.start') . '>; rel="authorization_endpoint"', false);
-        $response->header('Link', '<' . config('app.url') . '/api/post>; rel="micropub"', false);
+        $response->header('Link', '<' . route('indieauth.token') . '>; rel="token_endpoint"', false);
-        $response->header('Link', '<' . config('app.url') . '/webmention>; rel="webmention"', false);
+        $response->header('Link', '<' . route('micropub-endpoint') . '>; rel="micropub"', false);
        $response->header('Link', '<' . route('webmention-endpoint') . '>; rel="webmention"', false);
        return $response;
    }
--- a/app/Http/Middleware/LocalhostSessionMiddleware.php
+++ b/app/Http/Middleware/LocalhostSessionMiddleware.php
@ -14,8 +14,6 @@ class LocalhostSessionMiddleware
     * Whilst we are developing locally, automatically log in as
     * `['me' => config('app.url')]` as I can’t manually log in as
     * a .localhost domain.
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function handle(Request $request, Closure $next): Response
    {
--- a/app/Http/Middleware/LogMicropubRequest.php
+++ b/app/Http/Middleware/LogMicropubRequest.php
@ -0,0 +1,24 @@
 <?php
 declare(strict_types=1);
 namespace App\Http\Middleware;
 use Closure;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Monolog\Handler\StreamHandler;
 use Monolog\Logger;
 class LogMicropubRequest
 {
    public function handle(Request $request, Closure $next): Response|JsonResponse
    {
        $logger = new Logger('micropub');
        $logger->pushHandler(new StreamHandler(storage_path('logs/micropub.log')));
        $logger->debug('MicropubLog', $request->all());
        return $next($request);
    }
 }
--- a/app/Http/Middleware/MyAuthMiddleware.php
+++ b/app/Http/Middleware/MyAuthMiddleware.php
@ -13,13 +13,13 @@ class MyAuthMiddleware
 {
    /**
     * Check the user is logged in.
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function handle(Request $request, Closure $next): Response
    {
        if (Auth::check() === false) {
            // they’re not logged in, so send them to login form
            redirect()->setIntendedUrl($request->fullUrl());
            return redirect()->route('login');
        }
--- a/app/Http/Middleware/ValidateSignature.php
+++ b/app/Http/Middleware/ValidateSignature.php
@ -10,8 +10,6 @@ class ValidateSignature extends Middleware
     * The names of the query string parameters that should be ignored.
     *
     * @var array<int, string>
     *
     * @psalm-suppress PossiblyUnusedProperty
     */
    protected $except = [
        // 'fbclid',
--- a/app/Http/Middleware/VerifyMicropubToken.php
+++ b/app/Http/Middleware/VerifyMicropubToken.php
@ -4,8 +4,14 @@ declare(strict_types=1);
 namespace App\Http\Middleware;
 use App\Http\Responses\MicropubResponses;
 use Closure;
 use Illuminate\Http\Request;
 use Lcobucci\JWT\Configuration;
 use Lcobucci\JWT\Encoding\CannotDecodeContent;
 use Lcobucci\JWT\Token;
 use Lcobucci\JWT\Token\InvalidTokenStructure;
 use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
 use Symfony\Component\HttpFoundation\Response;
 class VerifyMicropubToken
@ -13,24 +19,63 @@ class VerifyMicropubToken
    /**
     * Handle an incoming request.
     *
-     * @psalm-suppress PossiblyUnusedMethod
+     * @param  Closure(Request): (Response)  $next
     */
    public function handle(Request $request, Closure $next): Response
    {
        $rawToken = null;
        if ($request->input('access_token')) {
-            return $next($request);
+            $rawToken = $request->input('access_token');
-        }
+        } elseif ($request->bearerToken()) {
-
+            $rawToken = $request->bearerToken();
        if ($request->bearerToken()) {
            return $next($request->merge([
                'access_token' => $request->bearerToken(),
            ]));
        }
        if (! $rawToken) {
            return response()->json([
                'response' => 'error',
                'error' => 'unauthorized',
                'error_description' => 'No access token was provided in the request',
            ], 401);
        }
        try {
            $tokenData = $this->validateToken($rawToken);
        } catch (RequiredConstraintsViolated|InvalidTokenStructure|CannotDecodeContent) {
            $micropubResponses = new MicropubResponses;
            return $micropubResponses->invalidTokenResponse();
        }
        if ($tokenData->claims()->has('scope') === false) {
            $micropubResponses = new MicropubResponses;
            return $micropubResponses->tokenHasNoScopeResponse();
        }
        return $next($request->merge([
            'access_token' => $rawToken,
            'token_data' => [
                'me' => $tokenData->claims()->get('me'),
                'scope' => $tokenData->claims()->get('scope'),
                'client_id' => $tokenData->claims()->get('client_id'),
            ],
        ]));
    }
    /**
     * Check the token signature is valid.
     */
    private function validateToken(string $bearerToken): Token
    {
        $config = resolve(Configuration::class);
        $token = $config->parser()->parse($bearerToken);
        $constraints = $config->validationConstraints();
        $config->validator()->assert($token, ...$constraints);
        return $token;
    }
 }
--- a/app/Http/Requests/MicropubRequest.php
+++ b/app/Http/Requests/MicropubRequest.php
@ -0,0 +1,106 @@
 <?php
 declare(strict_types=1);
 namespace App\Http\Requests;
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Arr;
 class MicropubRequest extends FormRequest
 {
    protected array $micropubData = [];
    public function rules(): array
    {
        return [
            // Validation rules
        ];
    }
    public function getMicropubData(): array
    {
        return $this->micropubData;
    }
    public function getType(): ?string
    {
        // Return consistent type regardless of input format
        return $this->micropubData['type'] ?? null;
    }
    protected function prepareForValidation(): void
    {
        // Normalize the request data based on content type
        if ($this->isJson()) {
            $this->normalizeMicropubJson();
        } else {
            $this->normalizeMicropubForm();
        }
    }
    private function normalizeMicropubJson(): void
    {
        $json = $this->json();
        if ($json === null) {
            throw new \InvalidArgumentException('`isJson()` passed but there is no json data');
        }
        $data = $json->all();
        // Convert JSON type (h-entry) to simple type (entry)
        if (isset($data['type']) && is_array($data['type'])) {
            $type = current($data['type']);
            if (strpos($type, 'h-') === 0) {
                $this->micropubData['type'] = substr($type, 2);
            }
        }
        // Or set the type to update
        elseif (isset($data['action']) && $data['action'] === 'update') {
            $this->micropubData['type'] = 'update';
        }
        // Add in the token data
        $this->micropubData['token_data'] = $data['token_data'];
        // Add h-entry values
        $this->micropubData['content'] = Arr::get($data, 'properties.content.0');
        $this->micropubData['in-reply-to'] = Arr::get($data, 'properties.in-reply-to.0');
        $this->micropubData['published'] = Arr::get($data, 'properties.published.0');
        $this->micropubData['location'] = Arr::get($data, 'location');
        $this->micropubData['bookmark-of'] = Arr::get($data, 'properties.bookmark-of.0');
        $this->micropubData['like-of'] = Arr::get($data, 'properties.like-of.0');
        $this->micropubData['mp-syndicate-to'] = Arr::get($data, 'properties.mp-syndicate-to');
        // Add h-card values
        $this->micropubData['name'] = Arr::get($data, 'properties.name.0');
        $this->micropubData['description'] = Arr::get($data, 'properties.description.0');
        $this->micropubData['geo'] = Arr::get($data, 'properties.geo.0');
        // Add checkin value
        $this->micropubData['checkin'] = Arr::get($data, 'checkin');
        $this->micropubData['syndication'] = Arr::get($data, 'properties.syndication.0');
    }
    private function normalizeMicropubForm(): void
    {
        // Convert form h=entry to type=entry
        if ($h = $this->input('h')) {
            $this->micropubData['type'] = $h;
        }
        // Add some fields to the micropub data with default null values
        $this->micropubData['in-reply-to'] = null;
        $this->micropubData['published'] = null;
        $this->micropubData['location'] = null;
        $this->micropubData['description'] = null;
        $this->micropubData['geo'] = null;
        $this->micropubData['latitude'] = null;
        $this->micropubData['longitude'] = null;
        // Map form fields to micropub data
        foreach ($this->except(['h', 'access_token']) as $key => $value) {
            $this->micropubData[$key] = $value;
        }
    }
 }
--- a/app/Jobs/DownloadWebMention.php
+++ b/app/Jobs/DownloadWebMention.php
@ -24,8 +24,7 @@ class DownloadWebMention implements ShouldQueue
     */
    public function __construct(
        protected string $source
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
@ -39,7 +38,7 @@ class DownloadWebMention implements ShouldQueue
        // 4XX and 5XX responses should get Guzzle to throw an exception,
        // Laravel should catch and retry these automatically.
        if ($response->getStatusCode() === 200) {
-            $filesystem = new FileSystem();
+            $filesystem = new FileSystem;
            $filename = storage_path('HTML') . '/' . $this->createFilenameFromURL($this->source);
            // backup file first
            $filenameBackup = $filename . '.' . date('Y-m-d') . '.backup';
--- a/app/Jobs/ProcessBookmark.php
+++ b/app/Jobs/ProcessBookmark.php
@ -25,8 +25,7 @@ class ProcessBookmark implements ShouldQueue
     */
    public function __construct(
        protected Bookmark $bookmark
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
--- a/app/Jobs/ProcessLike.php
+++ b/app/Jobs/ProcessLike.php
@ -30,8 +30,7 @@ class ProcessLike implements ShouldQueue
     */
    public function __construct(
        protected Like $like
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
--- a/app/Jobs/ProcessMedia.php
+++ b/app/Jobs/ProcessMedia.php
@ -25,43 +25,45 @@ class ProcessMedia implements ShouldQueue
     */
    public function __construct(
        protected string $filename
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
     */
    public function handle(ImageManager $manager): void
    {
-        //open file
+        // Load file
        $file = Storage::disk('local')->get('media/' . $this->filename);
        // Open file
        try {
-            $image = $manager->read(storage_path('app') . '/' . $this->filename);
+            $image = $manager->read($file);
        } catch (DecoderException) {
            // not an image; delete file and end job
-            unlink(storage_path('app') . '/' . $this->filename);
+            Storage::disk('local')->delete('media/' . $this->filename);
            return;
        }
-        //create smaller versions if necessary
+
        // Save the file publicly
        Storage::disk('public')->put('media/' . $this->filename, $file);
        // Create smaller versions if necessary
        if ($image->width() > 1000) {
            $filenameParts = explode('.', $this->filename);
            $extension = array_pop($filenameParts);
            // the following achieves this data flow
            // foo.bar.png => ['foo', 'bar', 'png'] => ['foo', 'bar'] => foo.bar
-            $basename = ltrim(array_reduce($filenameParts, function ($carry, $item) {
+            $basename = trim(implode('.', $filenameParts), '.');
-                return $carry . '.' . $item;
+
-            }, ''), '.');
+            $medium = $image->resize(width: 1000);
-            $medium = $image->resize(1000, null, function ($constraint) {
+            Storage::disk('public')->put('media/' . $basename . '-medium.' . $extension, (string) $medium->encode());
-                $constraint->aspectRatio();
+
-            });
+            $small = $image->resize(width: 500);
-            Storage::disk('s3')->put('media/' . $basename . '-medium.' . $extension, (string) $medium->encode());
+            Storage::disk('public')->put('media/' . $basename . '-small.' . $extension, (string) $small->encode());
            $small = $image->resize(500, null, function ($constraint) {
                $constraint->aspectRatio();
            });
            Storage::disk('s3')->put('media/' . $basename . '-small.' . $extension, (string) $small->encode());
        }
-        // now we can delete the locally saved image
+        // Now we can delete the locally saved image
-        unlink(storage_path('app') . '/' . $this->filename);
+        Storage::disk('local')->delete('media/' . $this->filename);
    }
 }
--- a/app/Jobs/ProcessWebMention.php
+++ b/app/Jobs/ProcessWebMention.php
@ -30,8 +30,7 @@ class ProcessWebMention implements ShouldQueue
    public function __construct(
        protected Note $note,
        protected string $source
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
@ -45,7 +44,7 @@ class ProcessWebMention implements ShouldQueue
        try {
            $response = $guzzle->request('GET', $this->source);
        } catch (RequestException $e) {
-            throw new RemoteContentNotFoundException();
+            throw new RemoteContentNotFoundException;
        }
        $this->saveRemoteContent((string) $response->getBody(), $this->source);
        $microformats = Mf2\parse((string) $response->getBody(), $this->source);
@ -54,7 +53,7 @@ class ProcessWebMention implements ShouldQueue
            // check webmention still references target
            // we try each type of mention (reply/like/repost)
            if ($webmention->type === 'in-reply-to') {
-                if ($parser->checkInReplyTo($microformats, $this->note->longurl) === false) {
+                if ($parser->checkInReplyTo($microformats, $this->note->uri) === false) {
                    // it doesn’t so delete
                    $webmention->delete();
@ -68,7 +67,7 @@ class ProcessWebMention implements ShouldQueue
                return;
            }
            if ($webmention->type === 'like-of') {
-                if ($parser->checkLikeOf($microformats, $this->note->longurl) === false) {
+                if ($parser->checkLikeOf($microformats, $this->note->uri) === false) {
                    // it doesn’t so delete
                    $webmention->delete();
@ -76,7 +75,7 @@ class ProcessWebMention implements ShouldQueue
                } // note we don’t need to do anything if it still is a like
            }
            if ($webmention->type === 'repost-of') {
-                if ($parser->checkRepostOf($microformats, $this->note->longurl) === false) {
+                if ($parser->checkRepostOf($microformats, $this->note->uri) === false) {
                    // it doesn’t so delete
                    $webmention->delete();
@ -86,13 +85,13 @@ class ProcessWebMention implements ShouldQueue
        }// foreach
        // no webmention in the db so create new one
-        $webmention = new WebMention();
+        $webmention = new WebMention;
        $type = $parser->getMentionType($microformats); // throw error here?
        dispatch(new SaveProfileImage($microformats));
        $webmention->source = $this->source;
-        $webmention->target = $this->note->longurl;
+        $webmention->target = $this->note->uri;
        $webmention->commentable_id = $this->note->id;
-        $webmention->commentable_type = 'App\Model\Note';
+        $webmention->commentable_type = Note::class;
        $webmention->type = $type;
        $webmention->mf2 = json_encode($microformats);
        $webmention->save();
--- a/app/Jobs/SaveProfileImage.php
+++ b/app/Jobs/SaveProfileImage.php
@ -25,8 +25,7 @@ class SaveProfileImage implements ShouldQueue
     */
    public function __construct(
        protected array $microformats
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
--- a/app/Jobs/SaveScreenshot.php
+++ b/app/Jobs/SaveScreenshot.php
@ -23,8 +23,7 @@ class SaveScreenshot implements ShouldQueue
     */
    public function __construct(
        protected Bookmark $bookmark
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
--- a/app/Jobs/SendWebMentions.php
+++ b/app/Jobs/SendWebMentions.php
@ -27,8 +27,7 @@ class SendWebMentions implements ShouldQueue
     */
    public function __construct(
        protected Note $note
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
@ -46,7 +45,7 @@ class SendWebMentions implements ShouldQueue
                $guzzle = resolve(Client::class);
                $guzzle->post($endpoint, [
                    'form_params' => [
-                        'source' => $this->note->longurl,
+                        'source' => $this->note->uri,
                        'target' => $url,
                    ],
                ]);
@ -62,7 +61,7 @@ class SendWebMentions implements ShouldQueue
    public function discoverWebmentionEndpoint(string $url): ?string
    {
        // let’s not send webmentions to myself
-        if (parse_url($url, PHP_URL_HOST) === config('url.longurl')) {
+        if (parse_url($url, PHP_URL_HOST) === parse_url(config('app.url'), PHP_URL_HOST)) {
            return null;
        }
        if (Str::startsWith($url, '/notes/tagged/')) {
@ -76,7 +75,7 @@ class SendWebMentions implements ShouldQueue
        // check HTTP Headers for webmention endpoint
        $links = Header::parse($response->getHeader('Link'));
        foreach ($links as $link) {
-            if (mb_stristr($link['rel'], 'webmention')) {
+            if (array_key_exists('rel', $link) && mb_stristr($link['rel'], 'webmention')) {
                return $this->resolveUri(trim($link[0], '<>'), $url);
            }
        }
@ -109,7 +108,7 @@ class SendWebMentions implements ShouldQueue
        }
        $urls = [];
-        $dom = new \DOMDocument();
+        $dom = new \DOMDocument;
        $dom->loadHTML($html);
        $anchors = $dom->getElementsByTagName('a');
        foreach ($anchors as $anchor) {
--- a/app/Jobs/SyndicateNoteToBluesky.php
+++ b/app/Jobs/SyndicateNoteToBluesky.php
@ -0,0 +1,62 @@
 <?php
 declare(strict_types=1);
 namespace App\Jobs;
 use App\Models\Note;
 use GuzzleHttp\Client;
 use GuzzleHttp\Exception\GuzzleException;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Foundation\Bus\Dispatchable;
 use Illuminate\Queue\InteractsWithQueue;
 use Illuminate\Queue\SerializesModels;
 class SyndicateNoteToBluesky implements ShouldQueue
 {
    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
    /**
     * Create a new job instance.
     */
    public function __construct(
        protected Note $note
    ) {}
    /**
     * Execute the job.
     *
     * @throws GuzzleException
     */
    public function handle(Client $guzzle): void
    {
        // We can only make the request if we have an access token
        if (config('bridgy.bluesky_token') === null) {
            return;
        }
        // Make micropub request
        $response = $guzzle->request(
            'POST',
            'https://brid.gy/micropub',
            [
                'headers' => [
                    'Authorization' => 'Bearer ' . config('bridgy.bluesky_token'),
                ],
                'json' => [
                    'type' => ['h-entry'],
                    'properties' => [
                        'content' => [$this->note->getRawOriginal('note')],
                    ],
                ],
            ]
        );
        // Parse for syndication URL
        if ($response->getStatusCode() === 201) {
            $this->note->bluesky_url = $response->getHeader('Location')[0];
            $this->note->save();
        }
    }
 }
--- a/app/Jobs/SyndicateNoteToMastodon.php
+++ b/app/Jobs/SyndicateNoteToMastodon.php
@ -22,8 +22,7 @@ class SyndicateNoteToMastodon implements ShouldQueue
     */
    public function __construct(
        protected Note $note
-    ) {
+    ) {}
    }
    /**
     * Execute the job.
--- a/app/Models/Article.php
+++ b/app/Models/Article.php
@ -58,10 +58,10 @@ class Article extends Model
    {
        return Attribute::get(
            get: function () {
-                $environment = new Environment();
+                $environment = new Environment;
-                $environment->addExtension(new CommonMarkCoreExtension());
+                $environment->addExtension(new CommonMarkCoreExtension);
-                $environment->addRenderer(FencedCode::class, new FencedCodeRenderer());
+                $environment->addRenderer(FencedCode::class, new FencedCodeRenderer);
-                $environment->addRenderer(IndentedCode::class, new IndentedCodeRenderer());
+                $environment->addRenderer(IndentedCode::class, new IndentedCodeRenderer);
                $markdownConverter = new MarkdownConverter($environment);
                return $markdownConverter->convert($this->main)->getContent();
--- a/app/Models/Bookmark.php
+++ b/app/Models/Bookmark.php
@ -26,7 +26,7 @@ class Bookmark extends Model
        return $this->belongsToMany('App\Models\Tag');
    }
-    protected function longurl(): Attribute
+    protected function local_uri(): Attribute
    {
        return Attribute::get(
            get: fn () => config('app.url') . '/bookmarks/' . $this->id,
--- a/app/Models/Media.php
+++ b/app/Models/Media.php
@ -33,7 +33,7 @@ class Media extends Model
                    return $attributes['path'];
                }
-                return config('filesystems.disks.s3.url') . '/' . $attributes['path'];
+                return config('app.url') . '/storage/' . $attributes['path'];
            }
        );
    }
@ -78,7 +78,7 @@ class Media extends Model
        $basename = $this->getBasename($path);
        $extension = $this->getExtension($path);
-        return config('filesystems.disks.s3.url') . '/' . $basename . '-' . $size . '.' . $extension;
+        return config('app.url') . '/storage/' . $basename . '-' . $size . '.' . $extension;
    }
    private function getBasename(string $path): string
--- a/app/Models/Note.php
+++ b/app/Models/Note.php
@ -124,7 +124,7 @@ class Note extends Model
    public function getNoteAttribute(?string $value): ?string
    {
        if ($value === null && $this->place !== null) {
-            $value = '📍: <a href="' . $this->place->longurl . '">' . $this->place->name . '</a>';
+            $value = '📍: <a href="' . $this->place->uri . '">' . $this->place->name . '</a>';
        }
        // if $value is still null, just return null
@ -172,16 +172,11 @@ class Note extends Model
        return (string) resolve(Numbers::class)->numto60($this->id);
    }
-    public function getLongurlAttribute(): string
+    public function getUriAttribute(): string
    {
        return config('app.url') . '/notes/' . $this->nb60id;
    }
    public function getShorturlAttribute(): string
    {
        return config('url.shorturl') . '/notes/' . $this->nb60id;
    }
    public function getIso8601Attribute(): string
    {
        return $this->updated_at->toISO8601String();
@ -271,7 +266,7 @@ class Note extends Model
            ]);
            if ($oEmbed->httpstatus >= 400) {
-                throw new Exception();
+                throw new Exception;
            }
        } catch (Exception $e) {
            return null;
@ -388,18 +383,18 @@ class Note extends Model
                'mentions_handle' => [
                    'prefix' => '@',
                    'pattern' => '([\w@.])+(\b)',
-                    'generator' => new MentionGenerator(),
+                    'generator' => new MentionGenerator,
                ],
            ],
        ];
        $environment = new Environment($config);
-        $environment->addExtension(new CommonMarkCoreExtension());
+        $environment->addExtension(new CommonMarkCoreExtension);
-        $environment->addExtension(new AutolinkExtension());
+        $environment->addExtension(new AutolinkExtension);
-        $environment->addExtension(new MentionExtension());
+        $environment->addExtension(new MentionExtension);
-        $environment->addRenderer(Mention::class, new MentionRenderer());
+        $environment->addRenderer(Mention::class, new MentionRenderer);
-        $environment->addRenderer(FencedCode::class, new FencedCodeRenderer());
+        $environment->addRenderer(FencedCode::class, new FencedCodeRenderer);
-        $environment->addRenderer(IndentedCode::class, new IndentedCodeRenderer());
+        $environment->addRenderer(IndentedCode::class, new IndentedCodeRenderer);
        $markdownConverter = new MarkdownConverter($environment);
        return $markdownConverter->convert($note)->getContent();
--- a/app/Models/Place.php
+++ b/app/Models/Place.php
@ -74,24 +74,10 @@ class Place extends Model
        ]));
    }
    protected function longurl(): Attribute
    {
        return Attribute::get(
            get: fn ($value, $attributes) => config('app.url') . '/places/' . $attributes['slug'],
        );
    }
    protected function shorturl(): Attribute
    {
        return Attribute::get(
            get: fn ($value, $attributes) => config('url.shorturl') . '/places/' . $attributes['slug'],
        );
    }
    protected function uri(): Attribute
    {
        return Attribute::get(
-            get: fn () => $this->longurl,
+            get: static fn ($value, $attributes) => config('app.url') . '/places/' . $attributes['slug'],
        );
    }
--- a/app/Models/WebMention.php
+++ b/app/Models/WebMention.php
@ -42,7 +42,7 @@ class WebMention extends Model
                    return null;
                }
-                $authorship = new Authorship();
+                $authorship = new Authorship;
                $hCard = $authorship->findAuthor(json_decode($attributes['mf2'], true));
                if ($hCard === false) {
@ -109,8 +109,16 @@ class WebMention extends Model
    /**
     * Create the photo link.
     */
-    public function createPhotoLink(string $url): string
+    public function createPhotoLink(string|array $url): string
    {
        if (is_array($url)) {
            if (! array_key_exists('value', $url)) {
                return '';
            }
            $url = $url['value'];
        }
        $url = normalize_url($url);
        $host = parse_url($url, PHP_URL_HOST);
@ -132,7 +140,7 @@ class WebMention extends Model
            return $profile_image;
        }
-        $filesystem = new Filesystem();
+        $filesystem = new Filesystem;
        if ($filesystem->exists(public_path() . '/assets/profile-images/' . $host . '/image')) {
            return '/assets/profile-images/' . $host . '/image';
        }
--- a/app/Observers/NoteObserver.php
+++ b/app/Observers/NoteObserver.php
@ -9,15 +9,10 @@ use App\Models\Tag;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Collection;
 /**
 * @todo Do we need psalm-suppress for these observer methods?
 */
 class NoteObserver
 {
    /**
-     * Listen to the Note created event.
+     * Listen to the Note created event.=
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function created(Note $note): void
    {
@ -39,9 +34,7 @@ class NoteObserver
    }
    /**
-     * Listen to the Note updated event.
+     * Listen to the Note updated event.=
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function updated(Note $note): void
    {
@ -65,9 +58,7 @@ class NoteObserver
    }
    /**
-     * Listen to the Note deleting event.
+     * Listen to the Note deleting event.=
     *
     * @psalm-suppress PossiblyUnusedMethod
     */
    public function deleting(Note $note): void
    {
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@ -11,7 +11,6 @@ use Illuminate\Database\Eloquent\Model;
 use Illuminate\Pagination\LengthAwarePaginator;
 use Illuminate\Support\Collection;
 use Illuminate\Support\ServiceProvider;
 use Laravel\Dusk\DuskServiceProvider;
 use Lcobucci\JWT\Configuration;
 use Lcobucci\JWT\Signer\Hmac\Sha256;
 use Lcobucci\JWT\Signer\Key\InMemory;
@ -21,6 +20,14 @@ use Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;
 class AppServiceProvider extends ServiceProvider
 {
    /**
     * Register any application services.
     */
    public function register(): void
    {
        //
    }
    /**
     * Bootstrap any application services.
     */
@ -81,9 +88,9 @@ class AppServiceProvider extends ServiceProvider
        $this->app->bind('Lcobucci\JWT\Configuration', function () {
            $key = InMemory::plainText(config('app.key'));
-            $config = Configuration::forSymmetricSigner(new Sha256(), $key);
+            $config = Configuration::forSymmetricSigner(new Sha256, $key);
-            $config->setValidationConstraints(new SignedWith(new Sha256(), $key));
+            $config->setValidationConstraints(new SignedWith(new Sha256, $key));
            return $config;
        });
@ -91,7 +98,7 @@ class AppServiceProvider extends ServiceProvider
        // Configure HtmlSanitizer
        $this->app->bind(HtmlSanitizer::class, function () {
            return new HtmlSanitizer(
-                (new HtmlSanitizerConfig())
+                (new HtmlSanitizerConfig)
                    ->allowSafeElements()
                    ->forceAttribute('a', 'rel', 'noopener nofollow')
            );
@ -132,14 +139,4 @@ class AppServiceProvider extends ServiceProvider
        // Turn on Eloquent strict mode when developing
        Model::shouldBeStrict(! $this->app->isProduction());
    }
    /**
     * Register any application services.
     */
    public function register(): void
    {
        if ($this->app->environment('local', 'testing')) {
            $this->app->register(DuskServiceProvider::class);
        }
    }
 }
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@ -1,26 +0,0 @@
 <?php
 namespace App\Providers;
 // use Illuminate\Support\Facades\Gate;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 class AuthServiceProvider extends ServiceProvider
 {
    /**
     * The model to policy mappings for the application.
     *
     * @var array<class-string, class-string>
     */
    protected $policies = [
        //
    ];
    /**
     * Register any authentication / authorization services.
     */
    public function boot(): void
    {
        //
    }
 }
--- a/app/Providers/BroadcastServiceProvider.php
+++ b/app/Providers/BroadcastServiceProvider.php
@ -1,22 +0,0 @@
 <?php
 namespace App\Providers;
 use Illuminate\Support\Facades\Broadcast;
 use Illuminate\Support\ServiceProvider;
 /**
 * @codeCoverageIgnore
 */
 class BroadcastServiceProvider extends ServiceProvider
 {
    /**
     * Bootstrap any application services.
     */
    public function boot(): void
    {
        Broadcast::routes();
        require base_path('routes/channels.php');
    }
 }
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
@ -1,29 +0,0 @@
 <?php
 namespace App\Providers;
 use Illuminate\Auth\Events\Registered;
 use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
 use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
 class EventServiceProvider extends ServiceProvider
 {
    /**
     * The event to listener mappings for the application.
     *
     * @var array<class-string, array<int, class-string>>
     */
    protected $listen = [
        Registered::class => [
            SendEmailVerificationNotification::class,
        ],
    ];
    /**
     * Register any events for your application.
     */
    public function boot(): void
    {
        //
    }
 }
--- a/app/Providers/HorizonServiceProvider.php
+++ b/app/Providers/HorizonServiceProvider.php
@ -3,12 +3,8 @@
 namespace App\Providers;
 use Illuminate\Support\Facades\Gate;
 use Laravel\Horizon\Horizon;
 use Laravel\Horizon\HorizonApplicationServiceProvider;
 /**
 * @psalm-suppress UnusedClass
 */
 class HorizonServiceProvider extends HorizonApplicationServiceProvider
 {
    /**
@ -17,12 +13,6 @@ class HorizonServiceProvider extends HorizonApplicationServiceProvider
    public function boot(): void
    {
        parent::boot();
        // Horizon::routeSmsNotificationsTo('15556667777');
        // Horizon::routeMailNotificationsTo('example@example.com');
        // Horizon::routeSlackNotificationsTo('slack-webhook-url', '#channel');
        Horizon::night();
    }
    /**
--- a/app/Providers/MicropubServiceProvider.php
+++ b/app/Providers/MicropubServiceProvider.php
@ -0,0 +1,26 @@
 <?php
 declare(strict_types=1);
 namespace App\Providers;
 use App\Services\Micropub\CardHandler;
 use App\Services\Micropub\EntryHandler;
 use App\Services\Micropub\MicropubHandlerRegistry;
 use Illuminate\Support\ServiceProvider;
 class MicropubServiceProvider extends ServiceProvider
 {
    public function register(): void
    {
        $this->app->singleton(MicropubHandlerRegistry::class, function () {
            $registry = new MicropubHandlerRegistry;
            // Register handlers
            $registry->register('card', new CardHandler);
            $registry->register('entry', new EntryHandler);
            return $registry;
        });
    }
 }
--- a/app/Providers/RouteServiceProvider.php
+++ b/app/Providers/RouteServiceProvider.php
@ -1,40 +0,0 @@
 <?php
 namespace App\Providers;
 use Illuminate\Cache\RateLimiting\Limit;
 use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\RateLimiter;
 use Illuminate\Support\Facades\Route;
 class RouteServiceProvider extends ServiceProvider
 {
    /**
     * The path to your application's "home" route.
     *
     * Typically, users are redirected here after authentication.
     *
     * @var string
     */
    public const HOME = '/admin';
    /**
     * Define your route model bindings, pattern filters, and other route configuration.
     */
    public function boot(): void
    {
        RateLimiter::for('api', function (Request $request) {
            return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
        });
        $this->routes(function () {
            Route::middleware('api')
                ->prefix('api')
                ->group(base_path('routes/api.php'));
            Route::middleware('web')
                ->group(base_path('routes/web.php'));
        });
    }
 }
--- a/app/Services/ArticleService.php
+++ b/app/Services/ArticleService.php
@ -6,13 +6,13 @@ namespace App\Services;
 use App\Models\Article;
-class ArticleService extends Service
+class ArticleService
 {
-    public function create(array $request, ?string $client = null): Article
+    public function create(array $data): Article
    {
        return Article::create([
-            'title' => $this->getDataByKey($request, 'name'),
+            'title' => $data['name'],
-            'main' => $this->getDataByKey($request, 'content'),
+            'main' => $data['content'],
            'published' => true,
        ]);
    }
--- a/app/Services/BookmarkService.php
+++ b/app/Services/BookmarkService.php
@ -10,28 +10,29 @@ use App\Models\Bookmark;
 use App\Models\Tag;
 use GuzzleHttp\Client;
 use GuzzleHttp\Exception\ClientException;
 use GuzzleHttp\Exception\GuzzleException;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Str;
-class BookmarkService extends Service
+class BookmarkService
 {
    /**
     * Create a new Bookmark.
     */
-    public function create(array $request, ?string $client = null): Bookmark
+    public function create(array $data): Bookmark
    {
-        if (Arr::get($request, 'properties.bookmark-of.0')) {
+        if (Arr::get($data, 'properties.bookmark-of.0')) {
            // micropub request
-            $url = normalize_url(Arr::get($request, 'properties.bookmark-of.0'));
+            $url = normalize_url(Arr::get($data, 'properties.bookmark-of.0'));
-            $name = Arr::get($request, 'properties.name.0');
+            $name = Arr::get($data, 'properties.name.0');
-            $content = Arr::get($request, 'properties.content.0');
+            $content = Arr::get($data, 'properties.content.0');
-            $categories = Arr::get($request, 'properties.category');
+            $categories = Arr::get($data, 'properties.category');
        }
-        if (Arr::get($request, 'bookmark-of')) {
+        if (Arr::get($data, 'bookmark-of')) {
-            $url = normalize_url(Arr::get($request, 'bookmark-of'));
+            $url = normalize_url(Arr::get($data, 'bookmark-of'));
-            $name = Arr::get($request, 'name');
+            $name = Arr::get($data, 'name');
-            $content = Arr::get($request, 'content');
+            $content = Arr::get($data, 'content');
-            $categories = Arr::get($request, 'category');
+            $categories = Arr::get($data, 'category');
        }
        $bookmark = Bookmark::create([
@ -54,6 +55,7 @@ class BookmarkService extends Service
     * Given a URL, attempt to save it to the Internet Archive.
     *
     * @throws InternetArchiveException
     * @throws GuzzleException
     */
    public function getArchiveLink(string $url): string
    {
@ -62,7 +64,7 @@ class BookmarkService extends Service
            $response = $client->request('GET', 'https://web.archive.org/save/' . $url);
        } catch (ClientException $e) {
            // throw an exception to be caught
-            throw new InternetArchiveException();
+            throw new InternetArchiveException;
        }
        if ($response->hasHeader('Content-Location')) {
            if (Str::startsWith(Arr::get($response->getHeader('Content-Location'), 0), '/web')) {
@ -71,6 +73,6 @@ class BookmarkService extends Service
        }
        // throw an exception to be caught
-        throw new InternetArchiveException();
+        throw new InternetArchiveException;
    }
 }
--- a/app/Services/LikeService.php
+++ b/app/Services/LikeService.php
@ -8,19 +8,19 @@ use App\Jobs\ProcessLike;
 use App\Models\Like;
 use Illuminate\Support\Arr;
-class LikeService extends Service
+class LikeService
 {
    /**
     * Create a new Like.
     */
-    public function create(array $request, ?string $client = null): Like
+    public function create(array $data): Like
    {
-        if (Arr::get($request, 'properties.like-of.0')) {
+        if (Arr::get($data, 'properties.like-of.0')) {
            // micropub request
-            $url = normalize_url(Arr::get($request, 'properties.like-of.0'));
+            $url = normalize_url(Arr::get($data, 'properties.like-of.0'));
        }
-        if (Arr::get($request, 'like-of')) {
+        if (Arr::get($data, 'like-of')) {
-            $url = normalize_url(Arr::get($request, 'like-of'));
+            $url = normalize_url(Arr::get($data, 'like-of'));
        }
        $like = Like::create(['url' => $url]);
--- a/app/Services/Micropub/CardHandler.php
+++ b/app/Services/Micropub/CardHandler.php
@ -0,0 +1,34 @@
 <?php
 declare(strict_types=1);
 namespace App\Services\Micropub;
 use App\Exceptions\InvalidTokenScopeException;
 use App\Services\PlaceService;
 class CardHandler implements MicropubHandlerInterface
 {
    /**
     * @throws InvalidTokenScopeException
     */
    public function handle(array $data): array
    {
        // Handle h-card requests
        $scopes = $data['token_data']['scope'];
        if (is_string($scopes)) {
            $scopes = explode(' ', $scopes);
        }
        if (! in_array('create', $scopes, true)) {
            throw new InvalidTokenScopeException;
        }
        $location = resolve(PlaceService::class)->createPlace($data)->uri;
        return [
            'response' => 'created',
            'url' => $location,
        ];
    }
 }
--- a/app/Services/Micropub/EntryHandler.php
+++ b/app/Services/Micropub/EntryHandler.php
@ -0,0 +1,41 @@
 <?php
 declare(strict_types=1);
 namespace App\Services\Micropub;
 use App\Exceptions\InvalidTokenScopeException;
 use App\Services\ArticleService;
 use App\Services\BookmarkService;
 use App\Services\LikeService;
 use App\Services\NoteService;
 class EntryHandler implements MicropubHandlerInterface
 {
    /**
     * @throws InvalidTokenScopeException
     */
    public function handle(array $data)
    {
        $scopes = $data['token_data']['scope'];
        if (is_string($scopes)) {
            $scopes = explode(' ', $scopes);
        }
        if (! in_array('create', $scopes, true)) {
            throw new InvalidTokenScopeException;
        }
        $location = match (true) {
            isset($data['like-of']) => resolve(LikeService::class)->create($data)->url,
            isset($data['bookmark-of']) => resolve(BookmarkService::class)->create($data)->uri,
            isset($data['name']) => resolve(ArticleService::class)->create($data)->link,
            default => resolve(NoteService::class)->create($data)->uri,
        };
        return [
            'response' => 'created',
            'url' => $location,
        ];
    }
 }
--- a/app/Services/Micropub/HCardService.php
+++ b/app/Services/Micropub/HCardService.php
@ -1,32 +0,0 @@
 <?php
 declare(strict_types=1);
 namespace App\Services\Micropub;
 use App\Services\PlaceService;
 use Illuminate\Support\Arr;
 class HCardService
 {
    /**
     * Create a Place from h-card data, return the URL.
     */
    public function process(array $request): string
    {
        $data = [];
        if (Arr::get($request, 'properties.name')) {
            $data['name'] = Arr::get($request, 'properties.name');
            $data['description'] = Arr::get($request, 'properties.description');
            $data['geo'] = Arr::get($request, 'properties.geo');
        } else {
            $data['name'] = Arr::get($request, 'name');
            $data['description'] = Arr::get($request, 'description');
            $data['geo'] = Arr::get($request, 'geo');
            $data['latitude'] = Arr::get($request, 'latitude');
            $data['longitude'] = Arr::get($request, 'longitude');
        }
        return resolve(PlaceService::class)->createPlace($data)->longurl;
    }
 }
--- a/app/Services/Micropub/HEntryService.php
+++ b/app/Services/Micropub/HEntryService.php
@ -1,34 +0,0 @@
 <?php
 declare(strict_types=1);
 namespace App\Services\Micropub;
 use App\Services\ArticleService;
 use App\Services\BookmarkService;
 use App\Services\LikeService;
 use App\Services\NoteService;
 use Illuminate\Support\Arr;
 class HEntryService
 {
    /**
     * Create the relevant model from some h-entry data.
     */
    public function process(array $request, ?string $client = null): ?string
    {
        if (Arr::get($request, 'properties.like-of') || Arr::get($request, 'like-of')) {
            return resolve(LikeService::class)->create($request)->longurl;
        }
        if (Arr::get($request, 'properties.bookmark-of') || Arr::get($request, 'bookmark-of')) {
            return resolve(BookmarkService::class)->create($request)->longurl;
        }
        if (Arr::get($request, 'properties.name') || Arr::get($request, 'name')) {
            return resolve(ArticleService::class)->create($request)->longurl;
        }
        return resolve(NoteService::class)->create($request, $client)->longurl;
    }
 }
--- a/app/Services/Micropub/MicropubHandlerInterface.php
+++ b/app/Services/Micropub/MicropubHandlerInterface.php
@ -0,0 +1,10 @@
 <?php
 declare(strict_types=1);
 namespace App\Services\Micropub;
 interface MicropubHandlerInterface
 {
    public function handle(array $data);
 }
--- a/app/Services/Micropub/MicropubHandlerRegistry.php
+++ b/app/Services/Micropub/MicropubHandlerRegistry.php
@ -0,0 +1,34 @@
 <?php
 declare(strict_types=1);
 namespace App\Services\Micropub;
 use App\Exceptions\MicropubHandlerException;
 class MicropubHandlerRegistry
 {
    /**
     * @var MicropubHandlerInterface[]
     */
    protected array $handlers = [];
    public function register(string $type, MicropubHandlerInterface $handler): self
    {
        $this->handlers[$type] = $handler;
        return $this;
    }
    /**
     * @throws MicropubHandlerException
     */
    public function getHandler(string $type): MicropubHandlerInterface
    {
        if (! isset($this->handlers[$type])) {
            throw new MicropubHandlerException("No handler registered for '{$type}'");
        }
        return $this->handlers[$type];
    }
 }
--- a/app/Services/Micropub/UpdateHandler.php
+++ b/app/Services/Micropub/UpdateHandler.php
@ -4,21 +4,33 @@ declare(strict_types=1);
 namespace App\Services\Micropub;
 use App\Exceptions\InvalidTokenScopeException;
 use App\Models\Media;
 use App\Models\Note;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Str;
-class UpdateService
+/*
 * @todo Implement this properly
 */
 class UpdateHandler implements MicropubHandlerInterface
 {
    /**
-     * Process a micropub request to update an entry.
+     * @throws InvalidTokenScopeException
     */
-    public function process(array $request): JsonResponse
+    public function handle(array $data)
    {
-        $urlPath = parse_url(Arr::get($request, 'url'), PHP_URL_PATH);
+        $scopes = $data['token_data']['scope'];
        if (is_string($scopes)) {
            $scopes = explode(' ', $scopes);
        }
        if (! in_array('update', $scopes, true)) {
            throw new InvalidTokenScopeException;
        }
        $urlPath = parse_url(Arr::get($data, 'url'), PHP_URL_PATH);
        // is it a note we are updating?
        if (mb_substr($urlPath, 1, 5) !== 'notes') {
@ -30,7 +42,7 @@ class UpdateService
        try {
            $note = Note::nb60(basename($urlPath))->firstOrFail();
-        } catch (ModelNotFoundException $exception) {
+        } catch (ModelNotFoundException) {
            return response()->json([
                'error' => 'invalid_request',
                'error_description' => 'No known note with given ID',
@ -38,8 +50,8 @@ class UpdateService
        }
        // got the note, are we dealing with a “replace” request?
-        if (Arr::get($request, 'replace')) {
+        if (Arr::get($data, 'replace')) {
-            foreach (Arr::get($request, 'replace') as $property => $value) {
+            foreach (Arr::get($data, 'replace') as $property => $value) {
                if ($property === 'content') {
                    $note->note = $value[0];
                }
@ -59,14 +71,14 @@ class UpdateService
            }
            $note->save();
-            return response()->json([
+            return [
                'response' => 'updated',
-            ]);
+            ];
        }
        // how about “add”
-        if (Arr::get($request, 'add')) {
+        if (Arr::get($data, 'add')) {
-            foreach (Arr::get($request, 'add') as $property => $value) {
+            foreach (Arr::get($data, 'add') as $property => $value) {
                if ($property === 'syndication') {
                    foreach ($value as $syndicationURL) {
                        if (Str::startsWith($syndicationURL, 'https://www.facebook.com')) {
@ -83,7 +95,7 @@ class UpdateService
                if ($property === 'photo') {
                    foreach ($value as $photoURL) {
                        if (Str::startsWith($photoURL, 'https://')) {
-                            $media = new Media();
+                            $media = new Media;
                            $media->path = $photoURL;
                            $media->type = 'image';
                            $media->save();
--- a/app/Services/NoteService.php
+++ b/app/Services/NoteService.php
@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace App\Services;
 use App\Jobs\SendWebMentions;
 use App\Jobs\SyndicateNoteToBluesky;
 use App\Jobs\SyndicateNoteToMastodon;
 use App\Models\Media;
 use App\Models\Note;
@ -13,45 +14,52 @@ use App\Models\SyndicationTarget;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Str;
-class NoteService extends Service
+class NoteService
 {
    /**
     * Create a new note.
     */
-    public function create(array $request, ?string $client = null): Note
+    public function create(array $data): Note
    {
        // Get the content we want to save
        if (is_string($data['content'])) {
            $content = $data['content'];
        } elseif (isset($data['content']['html'])) {
            $content = $data['content']['html'];
        } else {
            $content = null;
        }
        $note = Note::create(
            [
-                'note' => $this->getDataByKey($request, 'content'),
+                'note' => $content,
-                'in_reply_to' => $this->getDataByKey($request, 'in-reply-to'),
+                'in_reply_to' => $data['in-reply-to'],
-                'client_id' => $client,
+                'client_id' => $data['token_data']['client_id'],
            ]
        );
-        if ($this->getPublished($request)) {
+        if ($published = $this->getPublished($data)) {
-            $note->created_at = $note->updated_at = $this->getPublished($request);
+            $note->created_at = $note->updated_at = $published;
        }
-        $note->location = $this->getLocation($request);
+        $note->location = $this->getLocation($data);
-        if ($this->getCheckin($request)) {
+        if ($this->getCheckin($data)) {
-            $note->place()->associate($this->getCheckin($request));
+            $note->place()->associate($this->getCheckin($data));
-            $note->swarm_url = $this->getSwarmUrl($request);
+            $note->swarm_url = $this->getSwarmUrl($data);
        }
        $note->instagram_url = $this->getInstagramUrl($request);
        foreach ($this->getMedia($request) as $media) {
            $note->media()->save($media);
        }
        //
        //        $note->instagram_url = $this->getInstagramUrl($request);
        //
        //        foreach ($this->getMedia($request) as $media) {
        //            $note->media()->save($media);
        //        }
        $note->save();
        dispatch(new SendWebMentions($note));
-        if (in_array('mastodon', $this->getSyndicationTargets($request), true)) {
+        $this->dispatchSyndicationJobs($note, $data);
            dispatch(new SyndicateNoteToMastodon($note));
        }
        return $note;
    }
@ -59,14 +67,10 @@ class NoteService extends Service
    /**
     * Get the published time from the request to create a new note.
     */
-    private function getPublished(array $request): ?string
+    private function getPublished(array $data): ?string
    {
-        if (Arr::get($request, 'properties.published.0')) {
+        if ($data['published']) {
-            return carbon(Arr::get($request, 'properties.published.0'))
+            return carbon($data['published'])->toDateTimeString();
                ->toDateTimeString();
        }
        if (Arr::get($request, 'published')) {
            return carbon(Arr::get($request, 'published'))->toDateTimeString();
        }
        return null;
@ -75,12 +79,13 @@ class NoteService extends Service
    /**
     * Get the location data from the request to create a new note.
     */
-    private function getLocation(array $request): ?string
+    private function getLocation(array $data): ?string
    {
-        $location = Arr::get($request, 'properties.location.0') ?? Arr::get($request, 'location');
+        $location = Arr::get($data, 'location');
        if (is_string($location) && str_starts_with($location, 'geo:')) {
            preg_match_all(
-                '/([0-9\.\-]+)/',
+                '/([0-9.\-]+)/',
                $location,
                $matches
            );
@ -94,9 +99,9 @@ class NoteService extends Service
    /**
     * Get the checkin data from the request to create a new note. This will be a Place.
     */
-    private function getCheckin(array $request): ?Place
+    private function getCheckin(array $data): ?Place
    {
-        $location = Arr::get($request, 'location');
+        $location = Arr::get($data, 'location');
        if (is_string($location) && Str::startsWith($location, config('app.url'))) {
            return Place::where(
                'slug',
@ -108,12 +113,12 @@ class NoteService extends Service
                )
            )->first();
        }
-        if (Arr::get($request, 'checkin')) {
+        if (Arr::get($data, 'checkin')) {
            try {
                $place = resolve(PlaceService::class)->createPlaceFromCheckin(
-                    Arr::get($request, 'checkin')
+                    Arr::get($data, 'checkin')
                );
-            } catch (\InvalidArgumentException $e) {
+            } catch (\InvalidArgumentException) {
                return null;
            }
@ -137,34 +142,47 @@ class NoteService extends Service
    /**
     * Get the Swarm URL from the syndication data in the request to create a new note.
     */
-    private function getSwarmUrl(array $request): ?string
+    private function getSwarmUrl(array $data): ?string
    {
-        if (str_contains(Arr::get($request, 'properties.syndication.0', ''), 'swarmapp')) {
+        $syndication = Arr::get($data, 'syndication');
-            return Arr::get($request, 'properties.syndication.0');
+        if ($syndication === null) {
            return null;
        }
        if (str_contains($syndication, 'swarmapp')) {
            return $syndication;
        }
        return null;
    }
    /**
-     * Get the syndication targets from the request to create a new note.
+     * Dispatch syndication jobs based on the request data.
     */
-    private function getSyndicationTargets(array $request): array
+    private function dispatchSyndicationJobs(Note $note, array $request): void
    {
-        $syndication = [];
+        // If no syndication targets are specified, return early
-        $mpSyndicateTo = Arr::get($request, 'mp-syndicate-to') ?? Arr::get($request, 'properties.mp-syndicate-to');
+        if (empty($request['mp-syndicate-to'])) {
-        $mpSyndicateTo = Arr::wrap($mpSyndicateTo);
+            return;
        foreach ($mpSyndicateTo as $uid) {
            $target = SyndicationTarget::where('uid', $uid)->first();
            if ($target && $target->service_name === 'Twitter') {
                $syndication[] = 'twitter';
            }
            if ($target && $target->service_name === 'Mastodon') {
                $syndication[] = 'mastodon';
            }
        }
-        return $syndication;
+        // Get the configured syndication targets
        $syndicationTargets = SyndicationTarget::all();
        foreach ($syndicationTargets as $target) {
            // Check if the target is in the request data
            if (in_array($target->uid, $request['mp-syndicate-to'], true)) {
                // Dispatch the appropriate job based on the target service name
                switch ($target->service_name) {
                    case 'Mastodon':
                        dispatch(new SyndicateNoteToMastodon($note));
                        break;
                    case 'Bluesky':
                        dispatch(new SyndicateNoteToBluesky($note));
                        break;
                }
            }
        }
    }
    /**
--- a/app/Services/PlaceService.php
+++ b/app/Services/PlaceService.php
@ -25,7 +25,7 @@ class PlaceService
            $data['latitude'] = $matches[0][0];
            $data['longitude'] = $matches[0][1];
        }
-        $place = new Place();
+        $place = new Place;
        $place->name = $data['name'];
        $place->description = $data['description'];
        $place->latitude = $data['latitude'];
@ -53,7 +53,7 @@ class PlaceService
        if (Arr::has($checkin, 'properties.latitude') === false) {
            throw new \InvalidArgumentException('Missing required longitude/latitude');
        }
-        $place = new Place();
+        $place = new Place;
        $place->name = Arr::get($checkin, 'properties.name.0');
        $place->external_urls = Arr::get($checkin, 'properties.url.0');
        $place->latitude = Arr::get($checkin, 'properties.latitude.0');
--- a/app/Services/Service.php
+++ b/app/Services/Service.php
@ -1,30 +0,0 @@
 <?php
 declare(strict_types=1);
 namespace App\Services;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\Arr;
 abstract class Service
 {
    abstract public function create(array $request, ?string $client = null): Model;
    protected function getDataByKey(array $request, string $key): ?string
    {
        if (Arr::get($request, "properties.{$key}.0.html")) {
            return Arr::get($request, "properties.{$key}.0.html");
        }
        if (is_string(Arr::get($request, "properties.{$key}.0"))) {
            return Arr::get($request, "properties.{$key}.0");
        }
        if (is_string(Arr::get($request, "properties.{$key}"))) {
            return Arr::get($request, "properties.{$key}");
        }
        return Arr::get($request, $key);
    }
 }
--- a/app/Services/TokenService.php
+++ b/app/Services/TokenService.php
@ -7,7 +7,6 @@ namespace App\Services;
 use App\Jobs\AddClientToDatabase;
 use DateTimeImmutable;
 use Lcobucci\JWT\Configuration;
 use Lcobucci\JWT\Token;
 class TokenService
 {
@ -19,7 +18,7 @@ class TokenService
        $config = resolve(Configuration::class);
        $token = $config->builder()
-            ->issuedAt(new DateTimeImmutable())
+            ->issuedAt(new DateTimeImmutable)
            ->withClaim('client_id', $data['client_id'])
            ->withClaim('me', $data['me'])
            ->withClaim('scope', $data['scope'])
@ -30,20 +29,4 @@ class TokenService
        return $token->toString();
    }
    /**
     * Check the token signature is valid.
     */
    public function validateToken(string $bearerToken): Token
    {
        $config = resolve('Lcobucci\JWT\Configuration');
        $token = $config->parser()->parse($bearerToken);
        $constraints = $config->validationConstraints();
        $config->validator()->assert($token, ...$constraints);
        return $token;
    }
 }
--- a/51
+++ b/51
@ -1,53 +1,16 @@
 #!/usr/bin/env php
 <?php
 use Symfony\Component\Console\Input\ArgvInput;
 define('LARAVEL_START', microtime(true));
-/*
+// Register the Composer autoloader...
 |--------------------------------------------------------------------------
 | Register The Auto Loader
 |--------------------------------------------------------------------------
 |
 | Composer provides a convenient, automatically generated class loader
 | for our application. We just need to utilize it! We'll require it
 | into the script here so that we do not have to worry about the
 | loading of any of our classes manually. It's great to relax.
 |
 */
 require __DIR__.'/vendor/autoload.php';
-$app = require_once __DIR__.'/bootstrap/app.php';
+// Bootstrap Laravel and handle the command...
-
+$status = (require_once __DIR__.'/bootstrap/app.php')
-/*
+    ->handleCommand(new ArgvInput);
 |--------------------------------------------------------------------------
 | Run The Artisan Application
 |--------------------------------------------------------------------------
 |
 | When we run the console application, the current CLI command will be
 | executed in this console and the response sent back to a terminal
 | or another output device for the developers. Here goes nothing!
 |
 */
 $kernel = $app->make(Illuminate\Contracts\Console\Kernel::class);
 $status = $kernel->handle(
    $input = new Symfony\Component\Console\Input\ArgvInput,
    new Symfony\Component\Console\Output\ConsoleOutput
 );
 /*
 |--------------------------------------------------------------------------
 | Shutdown The Application
 |--------------------------------------------------------------------------
 |
 | Once Artisan has finished running, we will fire off the shutdown events
 | so that any final work may be done by the application before we shut
 | down the process. This is the last thing to happen to the request.
 |
 */
 $kernel->terminate($input, $status);
 exit($status);
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@ -1,55 +1,28 @@
 <?php
-/*
+use App\Http\Middleware\LinkHeadersMiddleware;
-|--------------------------------------------------------------------------
+use Illuminate\Foundation\Application;
-| Create The Application
+use Illuminate\Foundation\Configuration\Exceptions;
-|--------------------------------------------------------------------------
+use Illuminate\Foundation\Configuration\Middleware;
 |
 | The first thing we will do is create a new Laravel application instance
 | which serves as the "glue" for all the components of Laravel, and is
 | the IoC container for the system binding all of the various parts.
 |
 */
-$app = new Illuminate\Foundation\Application(
+return Application::configure(basePath: dirname(__DIR__))
-    $_ENV['APP_BASE_PATH'] ?? dirname(__DIR__)
+    ->withRouting(
-);
+        web: __DIR__.'/../routes/web.php',
-
+        commands: __DIR__.'/../routes/console.php',
-/*
+        health: '/up',
-|--------------------------------------------------------------------------
+    )
-| Bind Important Interfaces
+    ->withMiddleware(function (Middleware $middleware) {
-|--------------------------------------------------------------------------
+        $middleware
-|
+            ->append(LinkHeadersMiddleware::class)
-| Next, we need to bind some important interfaces into the container so
+            ->validateCsrfTokens(except: [
-| we will be able to resolve them when needed. The kernels serve the
+                'auth',  // This is the IndieAuth auth endpoint
-| incoming requests to this application from both the web and CLI.
+                'token', // This is the IndieAuth token endpoint
-|
+                'api/post',
-*/
+                'api/media',
-
+                'micropub/places',
-$app->singleton(
+                'webmention',
-    Illuminate\Contracts\Http\Kernel::class,
+            ]);
-    App\Http\Kernel::class
+    })
-);
+    ->withExceptions(function (Exceptions $exceptions) {
-
+        //
-$app->singleton(
+    })->create();
    Illuminate\Contracts\Console\Kernel::class,
    App\Console\Kernel::class
 );
 $app->singleton(
    Illuminate\Contracts\Debug\ExceptionHandler::class,
    App\Exceptions\Handler::class
 );
 /*
 |--------------------------------------------------------------------------
 | Return The Application
 |--------------------------------------------------------------------------
 |
 | This script returns the application instance. The instance is given to
 | the calling script so we can separate the building of the instances
 | from the actual running of the application and sending responses.
 |
 */
 return $app;
--- a/bootstrap/providers.php
+++ b/bootstrap/providers.php
@ -0,0 +1,7 @@
 <?php
 return [
    App\Providers\AppServiceProvider::class,
    App\Providers\HorizonServiceProvider::class,
    App\Providers\MicropubServiceProvider::class,
 ];
--- a/composer.json
+++ b/composer.json
@ -1,7 +1,8 @@
 {
    "$schema": "https://getcomposer.org/schema.json",
    "name": "jonnybarnes/jonnybarnes.uk",
    "type": "project",
-    "description": "The code for jonnybarnes.uk, based on Laravel 10",
+    "description": "The code for jonnybarnes.uk, based on Laravel 11",
    "keywords": ["laravel", "framework", "indieweb"],
    "license": "CC0-1.0",
    "require": {
@ -10,43 +11,46 @@
        "ext-intl": "*",
        "ext-json": "*",
        "ext-pgsql": "*",
-        "cviebrock/eloquent-sluggable": "^10.0",
+        "ext-sodium": "*",
        "cviebrock/eloquent-sluggable": "^12.0",
        "guzzlehttp/guzzle": "^7.2",
        "indieauth/client": "^1.1",
        "intervention/image": "^3",
        "jonnybarnes/indieweb": "~0.2",
        "jonnybarnes/webmentions-parser": "~0.5",
        "jublonet/codebird-php": "4.0.0-beta.1",
-        "laravel/framework": "^10.10",
+        "laravel/framework": "^12.0",
        "laravel/horizon": "^5.0",
-        "laravel/sanctum": "^3.2",
+        "laravel/sanctum": "^4.0",
        "laravel/scout": "^10.1",
        "laravel/tinker": "^2.8",
        "lcobucci/jwt": "^5.0",
        "league/commonmark": "^2.0",
        "league/flysystem-aws-s3-v3": "^3.0",
        "mf2/mf2": "~0.3",
        "phpdocumentor/reflection-docblock": "^5.3",
        "spatie/commonmark-highlighter": "^3.0",
        "spatie/laravel-ignition": "^2.1",
        "symfony/html-sanitizer": "^7.0",
-        "web-auth/webauthn-lib": "^4.7"
+        "symfony/property-access": "^7.0",
        "symfony/serializer": "^7.0",
        "web-auth/webauthn-lib": "^5.0"
    },
    "require-dev": {
        "barryvdh/laravel-debugbar": "^3.0",
-        "barryvdh/laravel-ide-helper": "^2.6",
+        "barryvdh/laravel-ide-helper": "^3.0",
        "beyondcode/laravel-dump-server": "^1.0",
        "fakerphp/faker": "^1.9.2",
-        "laravel/dusk": "^7.0",
+        "laravel/dusk": "^8.0",
        "laravel/pail": "^1.2",
        "laravel/pint": "^1.0",
        "laravel/sail": "^1.18",
        "mockery/mockery": "^1.4.4",
-        "nunomaduro/collision": "^7.0",
+        "nunomaduro/collision": "^8.1",
-        "openai-php/client": "^0.8.0",
+        "openai-php/client": "^0.10.1",
-        "phpunit/php-code-coverage": "^10.0",
+        "phpunit/php-code-coverage": "^11.0",
-        "phpunit/phpunit": "^10.1",
+        "phpunit/phpunit": "^11.0",
        "psalm/plugin-laravel": "^2.8",
        "spatie/laravel-ray": "^1.12",
-        "vimeo/psalm": "^5.0"
+        "spatie/x-ray": "^1.2"
    },
    "autoload": {
        "psr-4": {
@ -75,7 +79,13 @@
            "@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
        ],
        "post-create-project-cmd": [
-            "@php artisan key:generate --ansi"
+            "@php artisan key:generate --ansi",
            "@php -r \"file_exists('database/database.sqlite') || touch('database/database.sqlite');\"",
            "@php artisan migrate --graceful --ansi"
        ],
        "dev": [
            "Composer\\Config::disableProcessTimeout",
            "npx concurrently -c \"#93c5fd,#c4b5fd,#fb7185,#fdba74\" \"php artisan serve\" \"php artisan queue:listen --tries=1\" \"php artisan pail --timeout=0\" \"npm run dev\" --names=server,queue,logs,vite"
        ]
    },
    "extra": {
--- a/composer.lock
+++ b/composer.lock
--- a/config/app.php
+++ b/config/app.php
@ -1,8 +1,5 @@
 <?php
 use Illuminate\Support\Facades\Facade;
 use Illuminate\Support\ServiceProvider;
 return [
    /*
@ -10,9 +7,9 @@ return [
    | Application Name
    |--------------------------------------------------------------------------
    |
-    | This value is the name of your application. This value is used when the
+    | This value is the name of your application, which will be used when the
    | framework needs to place the application's name in a notification or
-    | any other location as required by the application or its packages.
+    | other UI elements where an application name needs to be displayed.
    |
    */
@ -51,22 +48,20 @@ return [
    |
    | This URL is used by the console to properly generate URLs when using
    | the Artisan command line tool. You should set this to the root of
-    | your application so that it is used when running Artisan tasks.
+    | the application so that it's available within Artisan commands.
    |
    */
    'url' => env('APP_URL', 'http://localhost'),
    'asset_url' => env('ASSET_URL'),
    /*
    |--------------------------------------------------------------------------
    | Application Timezone
    |--------------------------------------------------------------------------
    |
    | Here you may specify the default timezone for your application, which
-    | will be used by the PHP date and date-time functions. We have gone
+    | will be used by the PHP date and date-time functions. The timezone
-    | ahead and set this to a sensible default for you out of the box.
+    | is set to "UTC" by default as it is suitable for most use cases.
    |
    */
@ -78,53 +73,37 @@ return [
    |--------------------------------------------------------------------------
    |
    | The application locale determines the default locale that will be used
-    | by the translation service provider. You are free to set this value
+    | by Laravel's translation / localization methods. This option can be
-    | to any of the locales which will be supported by the application.
+    | set to any locale for which you plan to have translation strings.
    |
    */
-    'locale' => 'en',
+    'locale' => env('APP_LOCALE', 'en'),
-    /*
+    'fallback_locale' => env('APP_FALLBACK_LOCALE', 'en'),
    |--------------------------------------------------------------------------
    | Application Fallback Locale
    |--------------------------------------------------------------------------
    |
    | The fallback locale determines the locale to use when the current one
    | is not available. You may change the value to correspond to any of
    | the language folders that are provided through your application.
    |
    */
-    'fallback_locale' => 'en',
+    'faker_locale' => env('APP_FAKER_LOCALE', 'en_US'),
    /*
    |--------------------------------------------------------------------------
    | Faker Locale
    |--------------------------------------------------------------------------
    |
    | This locale will be used by the Faker PHP library when generating fake
    | data for your database seeds. For example, this will be used to get
    | localized telephone numbers, street address information and more.
    |
    */
    'faker_locale' => 'en_US',
    /*
    |--------------------------------------------------------------------------
    | Encryption Key
    |--------------------------------------------------------------------------
    |
-    | This key is used by the Illuminate encrypter service and should be set
+    | This key is utilized by Laravel's encryption services and should be set
-    | to a random, 32 character string, otherwise these encrypted strings
+    | to a random, 32 character string to ensure that all encrypted values
-    | will not be safe. Please do this before deploying an application!
+    | are secure. You should do this prior to deploying the application.
    |
    */
    'cipher' => 'AES-256-CBC',
    'key' => env('APP_KEY'),
-    'cipher' => 'AES-256-CBC',
+    'previous_keys' => [
        ...array_filter(
            explode(',', env('APP_PREVIOUS_KEYS', ''))
        ),
    ],
    /*
    |--------------------------------------------------------------------------
@ -140,50 +119,8 @@ return [
    */
    'maintenance' => [
-        'driver' => 'file',
+        'driver' => env('APP_MAINTENANCE_DRIVER', 'file'),
-        // 'store'  => 'redis',
+        'store' => env('APP_MAINTENANCE_STORE', 'database'),
    ],
    /*
    |--------------------------------------------------------------------------
    | Autoloaded Service Providers
    |--------------------------------------------------------------------------
    |
    | The service providers listed here will be automatically loaded on the
    | request to your application. Feel free to add your own services to
    | this array to grant expanded functionality to your applications.
    |
    */
    'providers' => ServiceProvider::defaultProviders()->merge([
        /*
         * Package Service Providers...
         */
        /*
         * Application Service Providers...
         */
        App\Providers\AppServiceProvider::class,
        App\Providers\AuthServiceProvider::class,
        // App\Providers\BroadcastServiceProvider::class,
        App\Providers\EventServiceProvider::class,
        App\Providers\HorizonServiceProvider::class,
        App\Providers\RouteServiceProvider::class,
    ])->toArray(),
    /*
    |--------------------------------------------------------------------------
    | Class Aliases
    |--------------------------------------------------------------------------
    |
    | This array of class aliases will be registered when this application
    | is started. However, feel free to register as many as you wish as
    | the aliases are "lazy" loaded so they don't hinder performance.
    |
    */
    'aliases' => Facade::defaultAliases()->merge([
        // 'Example' => App\Facades\Example::class,
    ])->toArray(),
 ];
--- a/Show more
+++ b/Show more