WIP: Transform RT delete into SF form

src/Surfnet/StepupSelfService/SelfServiceBundle/Controller/RecoveryTokenController.php

@@ -34,6 +34,7 @@
 use Surfnet\StepupSelfService\SelfServiceBundle\Command\PromiseSafeStorePossessionCommand;
 use Surfnet\StepupSelfService\SelfServiceBundle\Command\RevokeRecoveryTokenCommand;
 use Surfnet\StepupSelfService\SelfServiceBundle\Exception\LogicException;
+use Surfnet\StepupSelfService\SelfServiceBundle\Form\Type\RevokeRecoveryTokenType;
 use Surfnet\StepupSelfService\SelfServiceBundle\Form\Type\PromiseSafeStorePossessionType;
 use Surfnet\StepupSelfService\SelfServiceBundle\Service\SecondFactorService;
 use Surfnet\StepupSelfService\SelfServiceBundle\Service\SelfAssertedTokens\AuthenticationRequestFactory;
@@ -47,6 +48,7 @@
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use function sprintf;
 
 /**
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
@@ -207,29 +209,42 @@ public function proveSmsPossession(Request $request): Response
     #[Route(
         path: '/recovery-token/delete/{recoveryTokenId}',
         name: 'ss_recovery_token_delete',
-        methods: ['GET'],
+        methods: ['GET', 'POST'],
     )]
-    public function delete(string $recoveryTokenId): Response
+    public function delete(Request $request, string $recoveryTokenId): Response
     {
         $this->assertRecoveryTokenInPossession($recoveryTokenId, $this->getUser()->getIdentity());
         try {
             $recoveryToken = $this->recoveryTokenService->getRecoveryToken($recoveryTokenId);
             $command = new RevokeRecoveryTokenCommand();
             $command->identity = $this->getUser()->getIdentity();
             $command->recoveryToken = $recoveryToken;
-            $executionResult = $this->safeStoreService->revokeRecoveryToken($command);
-            if ($executionResult->getErrors() !== []) {
-                $this->addFlash('error', 'ss.form.recovery_token.delete.success');
-                foreach ($executionResult->getErrors() as $error) {
-                    $this->logger->error(sprintf('Recovery Token revocation failed with message: "%s"', $error));
+
+            $form = $this->createForm(RevokeRecoveryTokenType::class, $command)->handleRequest($request);
+
+            if ($form->isSubmitted() && $form->isValid()) {
+                $executionResult = $this->safeStoreService->revokeRecoveryToken($command);
+
+                if ($executionResult->isSuccessful()) {
+                    $this->addFlash('error', 'ss.form.recovery_token.delete.success');
+                } else {
+                    foreach ($executionResult->getErrors() as $error) {
+                        $this->logger->error(sprintf('Recovery Token revocation failed with message: "%s"', $error));
+                    }
+                    $this->addFlash('error', 'ss.form.recovery_token.delete.failed');
                 }
-                return $this->redirect($this->generateUrl('ss_second_factor_list'));
+                return $this->redirectToRoute('ss_second_factor_list');
             }
         } catch (NotFoundException) {
             throw new LogicException('Identity %s tried to remove an unpossessed recovery token');
         }
-        $this->addFlash('success', 'ss.form.recovery_token.delete.success');
-        return $this->redirect($this->generateUrl('ss_second_factor_list'));
+        return $this->render(
+            'second_factor/revoke-recovery-token.html.twig',
+            [
+                'form'         => $form->createView(),
+                'recoveryTokenId' => $recoveryTokenId,
+            ]
+        );
     }
 
     /**

src/Surfnet/StepupSelfService/SelfServiceBundle/Form/Type/RevokeRecoveryTokenType.php

@@ -0,0 +1,55 @@
+<?php
+
+declare(strict_types = 1);
+
+/**
+ * Copyright 2025 SURFnet bv
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace Surfnet\StepupSelfService\SelfServiceBundle\Form\Type;
+
+use Surfnet\StepupSelfService\SelfServiceBundle\Command\RevokeRecoveryTokenCommand;
+use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\Extension\Core\Type\SubmitType;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\OptionsResolver\OptionsResolver;
+
+class RevokeRecoveryTokenType extends AbstractType
+{
+    public function buildForm(FormBuilderInterface $builder, array $options): void
+    {
+        $builder->add('delete', SubmitType::class, [
+            'label' => 'ss.form.ss_revoke_recovery_token.revoke',
+            'attr' => [ 'class' => 'btn btn-danger pull-right' ],
+        ]);
+        $builder->add('cancel', AnchorType::class, [
+            'label' => 'ss.form.ss_revoke_recovery_token.cancel',
+            'attr' => [ 'class' => 'btn pull-right' ],
+            'route' => 'ss_second_factor_list',
+        ]);
+    }
+
+    public function configureOptions(OptionsResolver $resolver): void
+    {
+        $resolver->setDefaults([
+            'data_class' => RevokeRecoveryTokenCommand::class,
+        ]);
+    }
+
+    public function getBlockPrefix(): string
+    {
+        return 'ss_revoke_recovery_token';
+    }
+}

templates/second_factor/revoke-recovery-token.html.twig

@@ -0,0 +1,21 @@
+{% extends "base.html.twig" %}
+{% import _self as macro %}
+
+{% block page_title %}{{ 'ss.recovery_token.revoke.title'|trans }}{% endblock %}
+
+{% block content %}
+    <h2>{{ block('page_title') }}</h2>
+
+    <p>{{ 'ss.recovery_token.revoke.text.are_you_sure'|trans }}</p>
+
+    <table class="table table-bordered">
+        <tbody>
+        <tr>
+            <th scope="row">{{ 'ss.recovery_token.revoke.table_header.recovery_token.identifier'|trans }}</th>
+            <td>{{ recoveryTokenId }}</td>
+        </tr>
+        </tbody>
+    </table>
+
+    {{ form(form) }}
+{% endblock %}