pelican-dev · Boy132 · Nov 30, 2024 · Nov 18, 2024 · Nov 18, 2024 · Nov 18, 2024
@@ -3,9 +3,12 @@
 namespace App\Filament\Pages\Auth;
 
 use Coderflex\FilamentTurnstile\Forms\Components\Turnstile;
+use Filament\Forms\Components\Actions;
+use Filament\Forms\Components\Actions\Action;
 use Filament\Forms\Components\Component;
 use Filament\Forms\Components\TextInput;
 use Filament\Pages\Auth\Login as BaseLogin;
+use Illuminate\Support\Str;
 use Illuminate\Validation\ValidationException;
 
 class Login extends BaseLogin
@@ -19,6 +22,7 @@ protected function getForms(): array
                         $this->getLoginFormComponent(),
                         $this->getPasswordFormComponent(),
                         $this->getRememberFormComponent(),
+                        $this->getOAuthFormComponent(),
                         Turnstile::make('captcha')
                             ->hidden(!config('turnstile.turnstile_enabled'))
                             ->validationMessages([
@@ -49,6 +53,25 @@ protected function getLoginFormComponent(): Component
             ->extraInputAttributes(['tabindex' => 1]);
     }
 
+    protected function getOAuthFormComponent(): Component
+    {
+        $actions = [];
+
+        foreach (config('auth.oauth') as $name => $data) {
+            if (!$data['enabled']) {
+                continue;
+            }
+
+            $actions[] = Action::make("oauth_$name")
+                ->label(Str::title($name))
+                ->icon($data['icon'])
+                ->color($data['color'])
+                ->url(route('auth.oauth.redirect', ['driver' => $name], false));
+        }
+
+        return Actions::make($actions);
+    }
+
     protected function getCredentialsFromFormData(array $data): array
     {
         $loginType = filter_var($data['login'], FILTER_VALIDATE_EMAIL) ? 'email' : 'username';

@@ -9,13 +9,15 @@
 use App\Models\User;
 use App\Services\Users\ToggleTwoFactorService;
 use App\Services\Users\TwoFactorSetupService;
+use App\Services\Users\UserUpdateService;
 use chillerlan\QRCode\Common\EccLevel;
 use chillerlan\QRCode\Common\Version;
 use chillerlan\QRCode\QRCode;
 use chillerlan\QRCode\QROptions;
 use Closure;
 use DateTimeZone;
 use Exception;
+use Filament\Forms\Components\Actions;
 use Filament\Forms\Components\Actions\Action;
 use Filament\Forms\Components\Grid;
 use Filament\Forms\Components\Placeholder;
@@ -33,7 +35,9 @@
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\HtmlString;
+use Illuminate\Support\Str;
 use Illuminate\Validation\Rules\Password;
+use Laravel\Socialite\Facades\Socialite;
 
 /**
  * @method User getUser()
@@ -113,6 +117,53 @@ protected function getForms(): array
                                             ->options(fn (User $user) => $user->getAvailableLanguages()),
                                     ]),
 
+                                Tab::make('OAuth')
+                                    ->icon('tabler-brand-oauth')
+                                    ->visible(function () {
+                                        foreach (config('auth.oauth') as $name => $data) {
+                                            if ($data['enabled']) {
+                                                return true;
+                                            }
+                                        }
+
+                                        return false;
+                                    })
+                                    ->schema(function () {
+                                        $providers = [];
+
+                                        foreach (config('auth.oauth') as $name => $data) {
+                                            if (!$data['enabled']) {
+                                                continue;
+                                            }
+
+                                            $unlink = array_key_exists($name, $this->getUser()->oauth);
+
+                                            $providers[] = Action::make("oauth_$name")
+                                                ->label(($unlink ? 'Unlink ' : 'Link ') . Str::title($name))
+                                                ->icon($unlink ? 'tabler-unlink' : 'tabler-link')
+                                                ->color($data['color'])
+                                                ->action(function (UserUpdateService $updateService) use ($name, $unlink) {
+                                                    if ($unlink) {
+                                                        $oauth = auth()->user()->oauth;
+                                                        unset($oauth[$name]);
+
+                                                        $updateService->handle(auth()->user(), ['oauth' => $oauth]);
+
+                                                        $this->fillForm();
+
+                                                        Notification::make()
+                                                            ->title("OAuth provider '$name' unlinked")
+                                                            ->success()
+                                                            ->send();
+                                                    } elseif (config("auth.oauth.$name.enabled")) {
+                                                        redirect(Socialite::with($name)->redirect()->getTargetUrl());
+                                                    }
+                                                });
+                                        }
+
+                                        return [Actions::make($providers)];
+                                    }),
+
                                 Tab::make('2FA')
                                     ->icon('tabler-shield-lock')
                                     ->schema(function (TwoFactorSetupService $setupService) {

@@ -2,6 +2,8 @@
 
 namespace App\Http\Controllers\Auth;
 
+use App\Filament\Resources\UserResource\Pages\EditProfile;
+use Filament\Notifications\Notification;
 use Illuminate\Auth\AuthManager;
 use Illuminate\Http\RedirectResponse;
 use Laravel\Socialite\Facades\Socialite;
@@ -26,6 +28,11 @@ public function __construct(
      */
     protected function redirect(string $driver): RedirectResponse
     {
+        // Driver is disabled - redirect to normal login
+        if (!config("auth.oauth.$driver.enabled")) {
+            return redirect()->route('auth.login');
+        }
+
         return Socialite::with($driver)->redirect();
     }
 
@@ -34,6 +41,11 @@ protected function redirect(string $driver): RedirectResponse
      */
     protected function callback(Request $request, string $driver): RedirectResponse
     {
+        // Driver is disabled - redirect to normal login
+        if (!config("auth.oauth.$driver.enabled")) {
+            return redirect()->route('auth.login');
+        }
+
         $oauthUser = Socialite::driver($driver)->user();
 
         // User is already logged in and wants to link a new OAuth Provider
@@ -43,15 +55,21 @@ protected function callback(Request $request, string $driver): RedirectResponse
 
             $this->updateService->handle($request->user(), ['oauth' => $oauth]);
 
-            return redirect()->route('account');
+            return redirect(EditProfile::getUrl(['tab' => '-oauth-tab']));
         }
 
         try {
             $user = User::query()->whereJsonContains('oauth->'. $driver, $oauthUser->getId())->firstOrFail();
 
             $this->auth->guard()->login($user, true);
-        } catch (Exception $e) {
+        } catch (Exception) {
             // No user found - redirect to normal login
+            Notification::make()
+                ->title('No linked User found')
+                ->danger()
+                ->persistent()
+                ->send();
+
             return redirect()->route('auth.login');
         }
 

@@ -18,7 +18,6 @@
 use Illuminate\Support\Facades\Http;
 use Illuminate\Support\ServiceProvider;
 use Laravel\Sanctum\Sanctum;
-use SocialiteProviders\Discord\Provider;
 use SocialiteProviders\Manager\SocialiteWasCalled;
 
 class AppServiceProvider extends ServiceProvider
@@ -62,8 +61,19 @@ public function boot(Application $app): void
         Scramble::registerApi('client', ['api_path' => 'api/client', 'info' => ['version' => '1.0']])->afterOpenApiGenerated($bearerTokens);
         Scramble::registerApi('remote', ['api_path' => 'api/remote', 'info' => ['version' => '1.0']])->afterOpenApiGenerated($bearerTokens);
 
-        Event::listen(function (SocialiteWasCalled $event) {
-            $event->extendSocialite('discord', Provider::class);
+        $oauthProviders = [];
+        foreach (config('auth.oauth') as $name => $data) {
+            config()->set("services.$name", array_merge($data['service'], ['redirect' => "/auth/oauth/callback/$name"]));
+
+            if (isset($data['provider'])) {
+                $oauthProviders[$name] = $data['provider'];
+            }
+        }
+
+        Event::listen(function (SocialiteWasCalled $event) use ($oauthProviders) {
+            foreach ($oauthProviders as $name => $provider) {
+                $event->extendSocialite($name, $provider);
+            }
         });
 
         FilamentColor::register([

@@ -30,7 +30,9 @@
         "predis/predis": "~2.1.1",
         "ryangjchandler/blade-tabler-icons": "^2.3",
         "s1lentium/iptools": "~1.2.0",
+        "socialiteproviders/authentik": "^5.2",
         "socialiteproviders/discord": "^4.2",
+        "socialiteproviders/steam": "^4.2",
         "spatie/laravel-fractal": "^6.2",
         "spatie/laravel-permission": "^6.9",
         "spatie/laravel-query-builder": "^5.8.1",