From 4a0cab8be3320e83a7f79defc8ab2e7b4b9c91bc Mon Sep 17 00:00:00 2001
From: Mike M <mikester70387@gmail.com>
Date: Sun, 16 Feb 2025 16:44:22 -0800
Subject: [PATCH] Added support for passing hd parameter to Google via existing
 tenant column in oauth_settings

---
 app/Providers/EventServiceProvider.php        |  2 +
 bootstrap/helpers/socialite.php               | 13 +++++-
 composer.json                                 |  3 +-
 composer.lock                                 | 43 ++++++++++++++++++-
 config/services.php                           |  8 ++++
 .../views/livewire/settings-oauth.blade.php   |  5 +++
 6 files changed, 71 insertions(+), 3 deletions(-)

diff --git a/app/Providers/EventServiceProvider.php b/app/Providers/EventServiceProvider.php
index 428f78cb5..d76ec3037 100644
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
@@ -11,6 +11,7 @@ use Illuminate\Foundation\Events\MaintenanceModeEnabled;
 use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
 use SocialiteProviders\Authentik\AuthentikExtendSocialite;
 use SocialiteProviders\Azure\AzureExtendSocialite;
+use SocialiteProviders\Google\GoogleExtendSocialite;
 use SocialiteProviders\Infomaniak\InfomaniakExtendSocialite;
 use SocialiteProviders\Manager\SocialiteWasCalled;
 
@@ -26,6 +27,7 @@ class EventServiceProvider extends ServiceProvider
         SocialiteWasCalled::class => [
             AzureExtendSocialite::class.'@handle',
             AuthentikExtendSocialite::class.'@handle',
+            GoogleExtendSocialite::class.'@handle',
             InfomaniakExtendSocialite::class.'@handle',
         ],
         ProxyStarted::class => [
diff --git a/bootstrap/helpers/socialite.php b/bootstrap/helpers/socialite.php
index 09dffb78a..16870e33d 100644
--- a/bootstrap/helpers/socialite.php
+++ b/bootstrap/helpers/socialite.php
@@ -29,6 +29,18 @@ function get_socialite_provider(string $provider)
         return Socialite::driver('authentik')->setConfig($authentik_config);
     }
 
+    if ($provider == 'google') {
+        $google_config = new \SocialiteProviders\Manager\Config(
+            $oauth_setting->client_id,
+            $oauth_setting->client_secret,
+            $oauth_setting->redirect_uri
+        );
+
+        return Socialite::driver('google')
+            ->setConfig($google_config)
+            ->with(['hd' => $oauth_setting->tenant]);
+    }
+
     $config = [
         'client_id' => $oauth_setting->client_id,
         'client_secret' => $oauth_setting->client_secret,
@@ -39,7 +51,6 @@ function get_socialite_provider(string $provider)
         'bitbucket' => \Laravel\Socialite\Two\BitbucketProvider::class,
         'github' => \Laravel\Socialite\Two\GithubProvider::class,
         'gitlab' => \Laravel\Socialite\Two\GitlabProvider::class,
-        'google' => \Laravel\Socialite\Two\GoogleProvider::class,
         'infomaniak' => \SocialiteProviders\Infomaniak\Provider::class,
     ];
 
diff --git a/composer.json b/composer.json
index f01913b5f..e5aeb6126 100644
--- a/composer.json
+++ b/composer.json
@@ -40,6 +40,7 @@
         "resend/resend-laravel": "^0.15.0",
         "sentry/sentry-laravel": "^4.6",
         "socialiteproviders/authentik": "^5.2",
+        "socialiteproviders/google": "^4.1",
         "socialiteproviders/infomaniak": "^4.0",
         "socialiteproviders/microsoft-azure": "^5.1",
         "spatie/laravel-activitylog": "^4.7.3",
@@ -125,4 +126,4 @@
             "@php artisan key:generate --ansi"
         ]
     }
-}
\ No newline at end of file
+}
diff --git a/composer.lock b/composer.lock
index 97b40f7c7..5a7e04bbc 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "9c1a0833be38d1f058f216dcaa522077",
+    "content-hash": "dcf6b2f554372a570628d7f85184df7b",
     "packages": [
         {
             "name": "3sidedcube/laravel-redoc",
@@ -7474,6 +7474,47 @@
             },
             "time": "2023-11-07T22:21:16+00:00"
         },
+        {
+            "name": "socialiteproviders/google",
+            "version": "4.1.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/SocialiteProviders/Google-Plus.git",
+                "reference": "1cb8f6fb2c0dd0fc8b34e95f69865663fdf0b401"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/SocialiteProviders/Google-Plus/zipball/1cb8f6fb2c0dd0fc8b34e95f69865663fdf0b401",
+                "reference": "1cb8f6fb2c0dd0fc8b34e95f69865663fdf0b401",
+                "shasum": ""
+            },
+            "require": {
+                "ext-json": "*",
+                "php": "^7.2 || ^8.0",
+                "socialiteproviders/manager": "~4.0"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "SocialiteProviders\\Google\\": ""
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "xstoop",
+                    "email": "myenglishnameisx@gmail.com"
+                }
+            ],
+            "description": "Google OAuth2 Provider for Laravel Socialite",
+            "support": {
+                "source": "https://github.com/SocialiteProviders/Google-Plus/tree/4.1.0"
+            },
+            "time": "2020-12-01T23:10:59+00:00"
+        },
         {
             "name": "socialiteproviders/infomaniak",
             "version": "4.0.0",
diff --git a/config/services.php b/config/services.php
index 46fd12ec3..d1c4a3699 100644
--- a/config/services.php
+++ b/config/services.php
@@ -45,4 +45,12 @@ return [
         'client_secret' => env('AUTHENTIK_CLIENT_SECRET'),
         'redirect' => env('AUTHENTIK_REDIRECT_URI'),
     ],
+
+    'google' => [
+        'client_id' => env('GOOGLE_CLIENT_ID'),
+        'client_secret' => env('GOOGLE_CLIENT_SECRET'),
+        'redirect' => env('GOOGLE_REDIRECT_URI'),
+        'tenant' => env('GOOGLE_TENANT'),
+    ],
+
 ];
diff --git a/resources/views/livewire/settings-oauth.blade.php b/resources/views/livewire/settings-oauth.blade.php
index 2f0d28cfc..7062ef4d4 100644
--- a/resources/views/livewire/settings-oauth.blade.php
+++ b/resources/views/livewire/settings-oauth.blade.php
@@ -32,6 +32,11 @@
                             <x-forms.input id="oauth_settings_map.{{ $oauth_setting->provider }}.tenant"
                                 label="Tenant" />
                         @endif
+                        @if ($oauth_setting->provider == 'google')
+                            <x-forms.input id="oauth_settings_map.{{ $oauth_setting->provider }}.tenant"
+                                helper="Optional parameter that supplies a hosted domain (HD) to Google, which<br>triggers a login hint to be displayed on the OAuth screen with this domain.<br><br><a class='underline dark:text-warning text-coollabs' href='https://developers.google.com/identity/openid-connect/openid-connect#hd-param' target='_blank'>Google Documentation</a>"
+                                label="Tenant" />
+                        @endif
                         @if ($oauth_setting->provider == 'authentik')
                             <x-forms.input id="oauth_settings_map.{{ $oauth_setting->provider }}.base_url"
                                 label="Base URL" />