Add authelia provider (#1326)

monorepo-builder.yml

@@ -13,6 +13,7 @@ parameters:
     src/Asana: 'git@github.com:SocialiteProviders/Asana.git'
     src/Atlassian: 'git@github.com:SocialiteProviders/Atlassian.git'
     src/Auth0: 'git@github.com:SocialiteProviders/Auth0.git'
+    src/Authelia: 'git@github.com:SocialiteProviders/Authelia.git'
     src/Authentik: 'git@github.com:SocialiteProviders/Authentik.git'
     src/AutodeskAPS: 'git@github.com:SocialiteProviders/AutodeskAPS.git'
     src/Aweber: 'git@github.com:SocialiteProviders/Aweber.git'

src/Authelia/AutheliaExtendSocialite.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace SocialiteProviders\Authelia;
+
+use SocialiteProviders\Manager\SocialiteWasCalled;
+
+class AutheliaExtendSocialite
+{
+    public function handle(SocialiteWasCalled $socialiteWasCalled): void
+    {
+        $socialiteWasCalled->extendSocialite('authelia', Provider::class);
+    }
+}

src/Authelia/Provider.php

@@ -0,0 +1,73 @@
+<?php
+
+namespace SocialiteProviders\Authelia;
+
+use GuzzleHttp\RequestOptions;
+use InvalidArgumentException;
+use SocialiteProviders\Manager\OAuth2\AbstractProvider;
+use SocialiteProviders\Manager\OAuth2\User;
+
+class Provider extends AbstractProvider
+{
+    public const IDENTIFIER = 'AUTHELIA';
+
+    protected $scopes = ['openid', 'profile', 'email', 'groups'];
+
+    protected $scopeSeparator = ' ';
+
+    public static function additionalConfigKeys(): array
+    {
+        return ['base_url'];
+    }
+
+    protected function getBaseUrl()
+    {
+        $baseUrl = $this->getConfig('base_url');
+
+        if (empty($baseUrl)) {
+            throw new InvalidArgumentException('Missing base_url');
+        }
+
+        return rtrim($baseUrl, '/');
+    }
+
+    protected function getAuthUrl($state): string
+    {
+        return $this->buildAuthUrlFromBase($this->getBaseUrl() . '/api/oidc/authorization', $state);
+    }
+
+    protected function getTokenUrl(): string
+    {
+        return $this->getBaseUrl() . '/api/oidc/token';
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getUserByToken($token)
+    {
+        $response = $this->getHttpClient()->get($this->getBaseUrl() . '/api/oidc/userinfo', [
+            RequestOptions::HEADERS => [
+                'Authorization' => 'Bearer ' . $token,
+            ],
+        ]);
+
+        return json_decode((string) $response->getBody(), true);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function mapUserToObject(array $user)
+    {
+        return (new User)->setRaw($user)->map([
+            'email'              => $user['email'] ?? null,
+            'email_verified'     => $user['email_verified'] ?? null,
+            'alt_emails'         => $user['alt_emails'] ?? null,
+            'name'               => $user['name'] ?? null,
+            'preferred_username' => $user['preferred_username'],
+            'groups'             => $user['groups'] ?? null,
+            'id'                 => $user['sub'],
+        ]);
+    }
+}

src/Authelia/README.md

@@ -0,0 +1,78 @@
+# Authelia
+
+```bash
+composer require socialiteproviders/authelia
+```
+
+## Installation & Basic Usage
+
+Please see the [Base Installation Guide](https://socialiteproviders.com/usage/), then follow the provider specific instructions below.
+
+### Prepare OAuth provider & client in Authelia
+
+Create a new OAuth provider and client within Authelia, according to the Authelia Documentation \
+Client: (https://www.authelia.com/configuration/identity-providers/openid-connect/clients/) \
+Provider: (https://www.authelia.com/configuration/identity-providers/openid-connect/provider/)
+
+
+### Add configuration to `config/services.php`
+
+```php
+'authelia' => [
+  'base_url' => env('AUTHELIA_BASE_URL'),
+  'client_id' => env('AUTHELIA_CLIENT_ID'),
+  'client_secret' => env('AUTHELIA_CLIENT_SECRET'),
+  'redirect' => env('AUTHELIA_REDIRECT_URI')
+],
+```
+
+### Add provider event listener
+
+#### Laravel 11+
+
+In Laravel 11, the default `EventServiceProvider` provider was removed. Instead, add the listener using the `listen` method on the `Event` facade, in your `AppServiceProvider` `boot` method.
+
+* Note: You do not need to add anything for the built-in socialite providers unless you override them with your own providers.
+
+```php
+Event::listen(function (\SocialiteProviders\Manager\SocialiteWasCalled $event) {
+    $event->extendSocialite('authelia', \SocialiteProviders\Authelia\Provider::class);
+});
+```
+<details>
+<summary>
+Laravel 10 or below
+</summary>
+Configure the package's listener to listen for `SocialiteWasCalled` events.
+
+Add the event to your `listen[]` array in `app/Providers/EventServiceProvider`. See the [Base Installation Guide](https://socialiteproviders.com/usage/) for detailed instructions.
+
+```php
+protected $listen = [
+    \SocialiteProviders\Manager\SocialiteWasCalled::class => [
+        // ... other providers
+        \SocialiteProviders\Authelia\AutheliaExtendSocialite::class.'@handle',
+    ],
+];
+```
+</details>
+
+### Usage
+
+You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):
+
+```php
+return Socialite::driver('authelia')->redirect();
+```
+
+### Returned User Fields
+
+`Note`: For types and scope definitions refer https://www.authelia.com/integration/openid-connect/introduction/#scope-definitions \
+
+- email
+- email_verified
+- alt_emails
+- name
+- preferred_username
+- groups
+- id

src/Authelia/composer.json

@@ -0,0 +1,33 @@
+{
+    "name": "socialiteproviders/authelia",
+    "description": "Authelia OAuth2 Provider for Laravel Socialite",
+    "license": "MIT",
+    "keywords": [
+        "authelia",
+        "laravel",
+        "oauth",
+        "provider",
+        "socialite"
+    ],
+    "authors": [
+        {
+            "name": "yajtpg",
+            "email": "yajtpg@gmail.com"
+        }
+    ],
+    "support": {
+        "issues": "https://github.com/socialiteproviders/providers/issues",
+        "source": "https://github.com/socialiteproviders/providers",
+        "docs": "https://socialiteproviders.com/authentik"
+    },
+    "require": {
+        "php": "^8.2",
+        "ext-json": "*",
+        "socialiteproviders/manager": "^4.8"
+    },
+    "autoload": {
+        "psr-4": {
+            "SocialiteProviders\\Authelia\\": ""
+        }
+    }
+}