From 14e85e0ec5e4bd8f14dced1203fc6f3651cf9ff8 Mon Sep 17 00:00:00 2001
From: Yaj
Date: Mon, 27 Jan 2025 00:30:35 +0530
Subject: [PATCH 1/2] Add authelia provider
---
 monorepo-builder.yml | 1 +
 src/Authelia/AutheliaExtendSocialite.php | 13 ++++
 src/Authelia/Provider.php | 70 +++++++++++++++++++++
 src/Authelia/README.md | 78 ++++++++++++++++++++++++
 src/Authelia/composer.json | 33 ++++++++++
 5 files changed, 195 insertions(+)
 create mode 100644 src/Authelia/AutheliaExtendSocialite.php
 create mode 100644 src/Authelia/Provider.php
 create mode 100644 src/Authelia/README.md
 create mode 100644 src/Authelia/composer.json
diff --git a/monorepo-builder.yml b/monorepo-builder.yml
index 4d691b7b2..0c19fc5e7 100644
--- a/monorepo-builder.yml
+++ b/monorepo-builder.yml
@@ -13,6 +13,7 @@ parameters:
 src/Asana: 'git@github.com:SocialiteProviders/Asana.git'
 src/Atlassian: 'git@github.com:SocialiteProviders/Atlassian.git'
 src/Auth0: 'git@github.com:SocialiteProviders/Auth0.git'
+ src/Authelia: 'git@github.com:SocialiteProviders/Authelia.git'
 src/Authentik: 'git@github.com:SocialiteProviders/Authentik.git'
 src/AutodeskAPS: 'git@github.com:SocialiteProviders/AutodeskAPS.git'
 src/Aweber: 'git@github.com:SocialiteProviders/Aweber.git'
diff --git a/src/Authelia/AutheliaExtendSocialite.php b/src/Authelia/AutheliaExtendSocialite.php
new file mode 100644
index 000000000..43a188075
--- /dev/null
+++ b/src/Authelia/AutheliaExtendSocialite.php
@@ -0,0 +1,13 @@
+extendSocialite('authelia', Provider::class);
+ }
+}
diff --git a/src/Authelia/Provider.php b/src/Authelia/Provider.php
new file mode 100644
index 000000000..6c9bd160e
--- /dev/null
+++ b/src/Authelia/Provider.php
@@ -0,0 +1,70 @@
+getConfig('base_url');
+ if ($baseurl === null) {
+ throw new InvalidArgumentException('Missing base_url');
+ }
+
+ return rtrim($baseurl, '/');
+ }
+
+ protected function getAuthUrl($state): string
+ {
+ return $this->buildAuthUrlFromBase($this->getBaseUrl() . '/api/oidc/authorization', $state);
+ }
+
+ protected function getTokenUrl(): string
+ {
+ return $this->getBaseUrl() . '/api/oidc/token';
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getUserByToken($token)
+ {
+ $response = $this->getHttpClient()->get($this->getBaseUrl() . '/api/oidc/userinfo', [
+ RequestOptions::HEADERS => [
+ 'Authorization' => 'Bearer ' . $token,
+ ],
+ ]);
+
+ return json_decode((string) $response->getBody(), true);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function mapUserToObject(array $user)
+ {
+ return (new User)->setRaw($user)->map([
+ 'email' => $user['email'] ?? null,
+ 'email_verified' => $user['email_verified'] ?? null,
+ 'alt_emails' => $user['alt_emails'] ?? null,
+ 'name' => $user['name'] ?? null,
+ 'preferred_username' => $user['preferred_username'],
+ 'groups' => $user['groups'] ?? null,
+ 'id' => $user['sub'],
+ ]);
+ }
+}
diff --git a/src/Authelia/README.md b/src/Authelia/README.md
new file mode 100644
index 000000000..769543a6a
--- /dev/null
+++ b/src/Authelia/README.md
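Review bot: In `mapUserToObject` of src/Authelia/Provider.php, `preferred_username` and `sub` are the only two claims read without `?? null`, so a userinfo response that lacks either one raises an undefined-array-key warning instead of a controlled failure. `preferred_username` normally comes with the `profile` scope and can be absent when a caller narrows the scopes, so it should read `'preferred_username' => $user['preferred_username'] ?? null,`. `sub` is the stable account identifier, so a response without it is better rejected explicitly before mapping than turned into a user with an empty `id`. `getUserByToken` also returns the `json_decode` result unchecked, which is `null` for a non-JSON body and would not satisfy the `array $user` parameter. The top of the file, including the class header, is not visible in this hunk as rendered on the page.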
@@ -0,0 +1,78 @@
+# Authelia
+
+```bash
+composer require socialiteproviders/authelia
+```
+
+## Installation & Basic Usage
+
+Please see the [Base Installation Guide](https://socialiteproviders.com/usage/), then follow the provider specific instructions below.
+
+### Prepare OAuth provider & client in Authelia
+
+Create a new OAuth provider and client within Authelia, according to the Authelia Documentation \
+Client: (https://www.authelia.com/configuration/identity-providers/openid-connect/clients/) \
+Provider: (https://www.authelia.com/configuration/identity-providers/openid-connect/provider/)
+
+
+### Add configuration to `config/services.php`
+
+```php
+'authelia' => [
+ 'base_url' => env('AUTHELIA_BASE_URL'),
+ 'client_id' => env('AUTHELIA_CLIENT_ID'),
+ 'client_secret' => env('AUTHELIA_CLIENT_SECRET'),
+ 'redirect' => env('AUTHELIA_REDIRECT_URI')
+],
+```
+
+### Add provider event listener
+
+#### Laravel 11+
+
+In Laravel 11, the default `EventServiceProvider` provider was removed. Instead, add the listener using the `listen` method on the `Event` facade, in your `AppServiceProvider` `boot` method.
+
+* Note: You do not need to add anything for the built-in socialite providers unless you override them with your own providers.
+
+```php
+Event::listen(function (\SocialiteProviders\Manager\SocialiteWasCalled $event) {
+ $event->extendSocialite('authelia', \SocialiteProviders\Authelia\Provider::class);
+});
+```
+
+
+Laravel 10 or below
+
+Configure the package's listener to listen for `SocialiteWasCalled` events.
+
+Add the event to your `listen[]` array in `app/Providers/EventServiceProvider`. See the [Base Installation Guide](https://socialiteproviders.com/usage/) for detailed instructions.
+
+```php
+protected $listen = [
+ \SocialiteProviders\Manager\SocialiteWasCalled::class => [
+ // ... other providers
+ \SocialiteProviders\Authelia\AutheliaExtendSocialite::class.'@handle',
+ ],
+];
+```
+
+
+### Usage
+
+You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):
+
+```php
+return Socialite::driver('authelia')->redirect();
+```
+
+### Returned User Fields
+
+`Note`: For types and scope definitions refer https://www.authelia.com/integration/openid-connect/introduction/#scope-definitions \
+
+- email
+- email_verified
+- alt_emails
+- name
+- preferred_username
+- groups
+- id
\ No newline at end of file
diff --git a/src/Authelia/composer.json b/src/Authelia/composer.json
new file mode 100644
index 000000000..247b263fb
--- /dev/null
+++ b/src/Authelia/composer.json
@@ -0,0 +1,33 @@
+{
+ "name": "socialiteproviders/authelia",
+ "description": "Authelia OAuth2 Provider for Laravel Socialite",
+ "license": "MIT",
+ "keywords": [
+ "authelia",
+ "laravel",
+ "oauth",
+ "provider",
+ "socialite"
+ ],
+ "authors": [
+ {
+ "name": "yajtpg",
+ "email": "yajtpg@gmail.com"
+ }
+ ],
+ "support": {
+ "issues": "https://github.com/socialiteproviders/providers/issues",
+ "source": "https://github.com/socialiteproviders/providers",
+ "docs": "https://socialiteproviders.com/authentik"
+ },
+ "require": {
+ "php": "^8.0",
+ "ext-json": "*",
+ "socialiteproviders/manager": "^4.8"
+ },
+ "autoload": {
+ "psr-4": {
+ "SocialiteProviders\\Authelia\\": ""
+ }
+ }
+}
From 2fec0a521103165415d6ab21b3858105c60a3eef Mon Sep 17 00:00:00 2001
From: Yaj
Date: Sun, 2 Feb 2025 18:17:41 +0530
Subject: [PATCH 2/2] Add requested changes
---
 src/Authelia/Provider.php | 11 +++++++----
 src/Authelia/composer.json | 2 +-
 2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/src/Authelia/Provider.php b/src/Authelia/Provider.php
index 6c9bd160e..088b0abcd 100644
--- a/src/Authelia/Provider.php
+++ b/src/Authelia/Provider.php
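Review bot: In the new src/Authelia/composer.json, the `support.docs` entry is `https://socialiteproviders.com/authentik`, which names a different provider and looks like a copy-paste leftover from the Authentik package. It should point at this provider's own documentation page, so users configuring Authelia are not sent to another identity provider's setup instructions. The composer.json hunk of the second commit shows the same line unchanged as context.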
@@ -11,7 +11,9 @@ class Provider extends AbstractProvider
 {
 public const IDENTIFIER = 'AUTHELIA';
- protected $scopes = ['openid profile email groups'];
+ protected $scopes = ['openid', 'profile', 'email', 'groups'];
+
+ protected $scopeSeparator = ' ';
 public static function additionalConfigKeys(): array
 {
@@ -20,12 +22,13 @@ public static function additionalConfigKeys(): array
 protected function getBaseUrl()
 {
- $baseurl = $this->getConfig('base_url');
- if ($baseurl === null) {
+ $baseUrl = $this->getConfig('base_url');
+
+ if (empty($baseUrl)) {
 throw new InvalidArgumentException('Missing base_url');
 }
- return rtrim($baseurl, '/');
+ return rtrim($baseUrl, '/');
 }
 protected function getAuthUrl($state): string
diff --git a/src/Authelia/composer.json b/src/Authelia/composer.json
index 247b263fb..f9c30cb17 100644
--- a/src/Authelia/composer.json
+++ b/src/Authelia/composer.json
@@ -21,7 +21,7 @@
 "docs": "https://socialiteproviders.com/authentik"
 },
 "require": {
- "php": "^8.0",
+ "php": "^8.2",
 "ext-json": "*",
 "socialiteproviders/manager": "^4.8"
 },
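Review bot: In the second Provider.php hunk, `getBaseUrl()` accepts any non-empty `base_url`, yet the authorization, token and userinfo endpoints shown in the first commit are all derived from it, so the client secret and bearer token go wherever it points, including over plain `http://`. Unless plain HTTP is deliberately supported for local setups, a scheme check before the `rtrim` would catch a mistyped or downgraded value, e.g. `if (parse_url($baseUrl, PHP_URL_SCHEME) !== 'https') { throw new InvalidArgumentException('base_url must use https'); }`. `empty()` also lets a non-string config value such as a non-empty array through to `rtrim`, so an `is_string` test belongs in the same guard. The method declares no return type although `getAuthUrl` next to it declares `: string`.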