Add oauth support

- Support azure, bitbucket, github, gitlab, google providers - Add authentication page to settings Co-authored-by: Suraj Kumar <srjkmr1024@gmail.com> Co-authored-by: Michael Castanieto <mcastanieto@gmail.com> Co-authored-by: Mike Kim <m.kim4247@gmail.com>
2024-03-06 11:30:19 -05:00
parent 46ed17c99e
commit 1f37318f79
21 changed files with 563 additions and 4 deletions
--- a/app/Http/Controllers/OauthController.php
+++ b/app/Http/Controllers/OauthController.php
@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+
+use Illuminate\Support\Facades\Auth;
+
+class OauthController extends Controller {
+    public function redirect(string $provider)
+    {
+        $socialite_provider = get_socialite_provider($provider);
+        return $socialite_provider->redirect();
+    }
+
+    public function callback(string $provider)
+    {
+        try {
+            $oauthUser = get_socialite_provider($provider)->user();
+            $user = User::whereEmail($oauthUser->email)->first();
+            if (!$user) {
+                $user = User::create([
+                    'name' => $oauthUser->name,
+                    'email' => $oauthUser->email,
+                ]);
+            }
+            Auth::login($user);
+            return redirect('/');
+        } catch (\Exception $e) {
+            ray($e->getMessage());
+            return redirect()->route('login')->withErrors([__('auth.failed.callback')]);
+        }
+    }
+}
--- a/app/Livewire/Settings/Auth.php
+++ b/app/Livewire/Settings/Auth.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Livewire\Settings;
+
+use Livewire\Component;
+use App\Models\OauthSetting;
+
+class Auth extends Component {
+    public $oauth_settings_map;
+
+    protected function rules() {
+        return OauthSetting::all()->reduce(function($carry, $setting) {
+            $carry["oauth_settings_map.$setting->provider.enabled"] = 'required';
+            $carry["oauth_settings_map.$setting->provider.client_id"] = 'nullable';
+            $carry["oauth_settings_map.$setting->provider.client_secret"] = 'nullable';
+            $carry["oauth_settings_map.$setting->provider.redirect_uri"] = 'nullable';
+            $carry["oauth_settings_map.$setting->provider.tenant"] = 'nullable';
+            return $carry;
+        }, []);
+    }
+
+    public function mount() {
+        $this->oauth_settings_map = OauthSetting::all()->reduce(function($carry, $setting) {
+            $carry[$setting->provider] = $setting;
+            return $carry;
+        }, []);
+    }
+
+    private function updateOauthSettings() {
+        foreach (array_values($this->oauth_settings_map) as &$setting) {
+            $setting->save();
+        }
+    }
+
+    public function instantSave() {
+        $this->updateOauthSettings();
+    }
+
+    public function submit() {
+        $this->updateOauthSettings();
+        $this->dispatch('success', 'Instance settings updated successfully!');
+    }
+}
--- a/app/Models/OauthSetting.php
+++ b/app/Models/OauthSetting.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Casts\Attribute;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Crypt;
+
+class OauthSetting extends Model
+{
+    use HasFactory;
+
+    protected function clientSecret(): Attribute
+    {
+        return Attribute::make(
+            get: fn (string | null $value) => empty($value) ? null : Crypt::decryptString($value),
+            set: fn (string | null $value) => empty($value) ? null : Crypt::encryptString($value),
+        );
+    }
+}
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
@@ -20,6 +20,9 @@ class EventServiceProvider extends ServiceProvider
        // Registered::class => [
        //     SendEmailVerificationNotification::class,
        // ],
+        \SocialiteProviders\Manager\SocialiteWasCalled::class => [
+            \SocialiteProviders\Azure\AzureExtendSocialite::class.'@handle',
+        ],
    ];
    public function boot(): void
    {
--- a/app/Providers/FortifyServiceProvider.php
+++ b/app/Providers/FortifyServiceProvider.php
@@ -7,6 +7,7 @@ use App\Actions\Fortify\ResetUserPassword;
 use App\Actions\Fortify\UpdateUserPassword;
 use App\Actions\Fortify\UpdateUserProfileInformation;
 use App\Models\InstanceSettings;
+use App\Models\OauthSetting;
 use App\Models\User;
 use Illuminate\Cache\RateLimiting\Limit;
 use Illuminate\Http\Request;
@@ -56,13 +57,15 @@ class FortifyServiceProvider extends ServiceProvider

        Fortify::loginView(function () {
            $settings = InstanceSettings::get();
+            $enabled_oauth_providers = OauthSetting::where('enabled', true)->get();
            $users = User::count();
            if ($users == 0) {
                // If there are no users, redirect to registration
                return redirect()->route('register');
            }
            return view('auth.login', [
-                'is_registration_enabled' => $settings->is_registration_enabled
+                'is_registration_enabled' => $settings->is_registration_enabled,
+                'enabled_oauth_providers' => $enabled_oauth_providers,
            ]);
        });