diff --git a/app/Livewire/SettingsOauth.php b/app/Livewire/SettingsOauth.php
index c3884589f6..472d35ba0e 100644
--- a/app/Livewire/SettingsOauth.php
+++ b/app/Livewire/SettingsOauth.php
@@ -17,6 +17,7 @@ protected function rules()
$carry["oauth_settings_map.$setting->provider.client_secret"] = 'nullable';
$carry["oauth_settings_map.$setting->provider.redirect_uri"] = 'nullable';
$carry["oauth_settings_map.$setting->provider.tenant"] = 'nullable';
+ $carry["oauth_settings_map.$setting->provider.base_url"] = 'nullable';
return $carry;
}, []);
diff --git a/app/Providers/EventServiceProvider.php b/app/Providers/EventServiceProvider.php
index 7ba72e10d4..2147495fa6 100644
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
@@ -21,6 +21,7 @@ class EventServiceProvider extends ServiceProvider
],
\SocialiteProviders\Manager\SocialiteWasCalled::class => [
\SocialiteProviders\Azure\AzureExtendSocialite::class.'@handle',
+ \SocialiteProviders\Authentik\AuthentikExtendSocialite::class.'@handle',
],
ProxyStarted::class => [
ProxyStartedNotification::class,
diff --git a/bootstrap/helpers/socialite.php b/bootstrap/helpers/socialite.php
index a23dc24d3e..2922f5a000 100644
--- a/bootstrap/helpers/socialite.php
+++ b/bootstrap/helpers/socialite.php
@@ -18,6 +18,17 @@ function get_socialite_provider(string $provider)
return Socialite::driver('azure')->setConfig($azure_config);
}
+ if ($provider == 'authentik') {
+ $authentik_config = new \SocialiteProviders\Manager\Config(
+ $oauth_setting->client_id,
+ $oauth_setting->client_secret,
+ $oauth_setting->redirect_uri,
+ ['base_url' => $oauth_setting->base_url],
+ );
+
+ return Socialite::driver('authentik')->setConfig($authentik_config);
+ }
+
$config = [
'client_id' => $oauth_setting->client_id,
'client_secret' => $oauth_setting->client_secret,
diff --git a/composer.json b/composer.json
index 17432c5320..3ee4abaaea 100644
--- a/composer.json
+++ b/composer.json
@@ -35,6 +35,7 @@
"pusher/pusher-php-server": "^7.2",
"resend/resend-laravel": "^0.13.0",
"sentry/sentry-laravel": "^4.6",
+ "socialiteproviders/authentik": "^5.2",
"socialiteproviders/microsoft-azure": "^5.1",
"spatie/laravel-activitylog": "^4.7.3",
"spatie/laravel-data": "^3.4.3",
diff --git a/composer.lock b/composer.lock
index fffb320d3c..066f926f11 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "96f8146407d0e6e897ff097c5eccd3a4",
+ "content-hash": "76aec5f8bea9ba4c6690d45cf692fdb0",
"packages": [
{
"name": "amphp/amp",
@@ -7581,6 +7581,56 @@
],
"time": "2024-08-15T19:03:01+00:00"
},
+ {
+ "name": "socialiteproviders/authentik",
+ "version": "5.2.0",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/SocialiteProviders/Authentik.git",
+ "reference": "4cf129cf04728a38e0531c54454464b162f0fa66"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/SocialiteProviders/Authentik/zipball/4cf129cf04728a38e0531c54454464b162f0fa66",
+ "reference": "4cf129cf04728a38e0531c54454464b162f0fa66",
+ "shasum": ""
+ },
+ "require": {
+ "ext-json": "*",
+ "php": "^8.0",
+ "socialiteproviders/manager": "^4.4"
+ },
+ "type": "library",
+ "autoload": {
+ "psr-4": {
+ "SocialiteProviders\\Authentik\\": ""
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "rf152",
+ "email": "git@rf152.co.uk"
+ }
+ ],
+ "description": "Authentik OAuth2 Provider for Laravel Socialite",
+ "keywords": [
+ "authentik",
+ "laravel",
+ "oauth",
+ "provider",
+ "socialite"
+ ],
+ "support": {
+ "docs": "https://socialiteproviders.com/authentik",
+ "issues": "https://github.com/socialiteproviders/providers/issues",
+ "source": "https://github.com/socialiteproviders/providers"
+ },
+ "time": "2023-11-07T22:21:16+00:00"
+ },
{
"name": "socialiteproviders/manager",
"version": "v4.6.0",
diff --git a/config/services.php b/config/services.php
index 9fd55870f2..46fd12ec33 100644
--- a/config/services.php
+++ b/config/services.php
@@ -38,4 +38,11 @@
'tenant' => env('AZURE_TENANT_ID'),
'proxy' => env('AZURE_PROXY'),
],
+
+ 'authentik' => [
+ 'base_url' => env('AUTHENTIK_BASE_URL'),
+ 'client_id' => env('AUTHENTIK_CLIENT_ID'),
+ 'client_secret' => env('AUTHENTIK_CLIENT_SECRET'),
+ 'redirect' => env('AUTHENTIK_REDIRECT_URI'),
+ ],
];
diff --git a/database/migrations/2024_09_29_163625_add_base_url_to_oauth_settings_table.php b/database/migrations/2024_09_29_163625_add_base_url_to_oauth_settings_table.php
new file mode 100644
index 0000000000..8df9b48a21
--- /dev/null
+++ b/database/migrations/2024_09_29_163625_add_base_url_to_oauth_settings_table.php
@@ -0,0 +1,32 @@
+string('base_url')->nullable();
+ });
+ });
+ }
+
+ /**
+ * Reverse the migrations.
+ */
+ public function down(): void
+ {
+ Schema::table('oauth_settings', function (Blueprint $table) {
+ Schema::table('oauth_settings', function (Blueprint $table) {
+ $table->dropColumn('base_url');
+ });
+ });
+ }
+};
diff --git a/database/seeders/OauthSettingSeeder.php b/database/seeders/OauthSettingSeeder.php
index 16abf9e04b..d0365c5424 100644
--- a/database/seeders/OauthSettingSeeder.php
+++ b/database/seeders/OauthSettingSeeder.php
@@ -32,5 +32,9 @@ public function run(): void
'id' => 4,
'provider' => 'google',
]);
+ OauthSetting::firstOrCreate([
+ 'id' => 5,
+ 'provider' => 'authentik',
+ ]);
}
}
diff --git a/lang/en.json b/lang/en.json
index fa69c7035a..383bbda025 100644
--- a/lang/en.json
+++ b/lang/en.json
@@ -1,5 +1,6 @@
{
"auth.login": "Login",
+ "auth.login.authentik": "Login with Authentik",
"auth.login.azure": "Login with Microsoft",
"auth.login.bitbucket": "Login with Bitbucket",
"auth.login.github": "Login with GitHub",
diff --git a/resources/views/livewire/settings-oauth.blade.php b/resources/views/livewire/settings-oauth.blade.php
index 9a94d3c2b1..2362ad8804 100644
--- a/resources/views/livewire/settings-oauth.blade.php
+++ b/resources/views/livewire/settings-oauth.blade.php
@@ -32,6 +32,10 @@
@endif
+ @if ($oauth_setting->provider == 'authentik')
+
+ @endif
@endforeach