feat: 🛂 integrate Authentik authentication with Coolify

- Configured Authentik as the OAuth provider in Coolify.
coollabsio · Oct 13, 2024 · 96ef0ef · 96ef0ef
1 parent d54fa6a
commit 96ef0ef
Show file tree

Hide file tree

Showing 10 changed files with 112 additions and 0 deletions.
diff --git a/app/Livewire/SettingsOauth.php b/app/Livewire/SettingsOauth.php
@@ -17,6 +17,7 @@ protected function rules()
             $carry["oauth_settings_map.$setting->provider.client_secret"] = 'nullable';
             $carry["oauth_settings_map.$setting->provider.redirect_uri"] = 'nullable';
             $carry["oauth_settings_map.$setting->provider.tenant"] = 'nullable';
+            $carry["oauth_settings_map.$setting->provider.base_url"] = 'nullable';
 
             return $carry;
         }, []);

diff --git a/app/Providers/EventServiceProvider.php b/app/Providers/EventServiceProvider.php
@@ -21,6 +21,7 @@ class EventServiceProvider extends ServiceProvider
         ],
         \SocialiteProviders\Manager\SocialiteWasCalled::class => [
             \SocialiteProviders\Azure\AzureExtendSocialite::class.'@handle',
+            \SocialiteProviders\Authentik\AuthentikExtendSocialite::class.'@handle',
         ],
         ProxyStarted::class => [
             ProxyStartedNotification::class,

diff --git a/bootstrap/helpers/socialite.php b/bootstrap/helpers/socialite.php
@@ -18,6 +18,17 @@ function get_socialite_provider(string $provider)
         return Socialite::driver('azure')->setConfig($azure_config);
     }
 
+    if ($provider == 'authentik') {
+        $authentik_config = new \SocialiteProviders\Manager\Config(
+            $oauth_setting->client_id,
+            $oauth_setting->client_secret,
+            $oauth_setting->redirect_uri,
+            ['base_url' => $oauth_setting->base_url],
+        );
+
+        return Socialite::driver('authentik')->setConfig($authentik_config);
+    }
+
     $config = [
         'client_id' => $oauth_setting->client_id,
         'client_secret' => $oauth_setting->client_secret,

diff --git a/composer.json b/composer.json
@@ -35,6 +35,7 @@
         "pusher/pusher-php-server": "^7.2",
         "resend/resend-laravel": "^0.13.0",
         "sentry/sentry-laravel": "^4.6",
+        "socialiteproviders/authentik": "^5.2",
         "socialiteproviders/microsoft-azure": "^5.1",
         "spatie/laravel-activitylog": "^4.7.3",
         "spatie/laravel-data": "^3.4.3",

diff --git a/composer.lock b/composer.lock
diff --git a/config/services.php b/config/services.php
@@ -38,4 +38,11 @@
         'tenant' => env('AZURE_TENANT_ID'),
         'proxy' => env('AZURE_PROXY'),
     ],
+
+    'authentik' => [
+        'base_url' => env('AUTHENTIK_BASE_URL'),
+        'client_id' => env('AUTHENTIK_CLIENT_ID'),
+        'client_secret' => env('AUTHENTIK_CLIENT_SECRET'),
+        'redirect' => env('AUTHENTIK_REDIRECT_URI'),
+    ],
 ];
diff --git a/database/migrations/2024_09_29_163625_add_base_url_to_oauth_settings_table.php b/database/migrations/2024_09_29_163625_add_base_url_to_oauth_settings_table.php
@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::table('oauth_settings', function (Blueprint $table) {
+            Schema::table('oauth_settings', function (Blueprint $table) {
+                $table->string('base_url')->nullable();
+            });
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::table('oauth_settings', function (Blueprint $table) {
+            Schema::table('oauth_settings', function (Blueprint $table) {
+                $table->dropColumn('base_url');
+            });
+        });
+    }
+};
diff --git a/database/seeders/OauthSettingSeeder.php b/database/seeders/OauthSettingSeeder.php
@@ -32,5 +32,9 @@ public function run(): void
             'id' => 4,
             'provider' => 'google',
         ]);
+        OauthSetting::firstOrCreate([
+            'id' => 5,
+            'provider' => 'authentik',
+        ]);
     }
 }
diff --git a/lang/en.json b/lang/en.json
@@ -1,5 +1,6 @@
 {
     "auth.login": "Login",
+    "auth.login.authentik": "Login with Authentik",
     "auth.login.azure": "Login with Microsoft",
     "auth.login.bitbucket": "Login with Bitbucket",
     "auth.login.github": "Login with GitHub",

diff --git a/resources/views/livewire/settings-oauth.blade.php b/resources/views/livewire/settings-oauth.blade.php
@@ -32,6 +32,10 @@
                             <x-forms.input id="oauth_settings_map.{{ $oauth_setting->provider }}.tenant"
                                 label="Tenant" />
                         @endif
+                        @if ($oauth_setting->provider == 'authentik')
+                            <x-forms.input id="oauth_settings_map.{{ $oauth_setting->provider }}.base_url"
+                                label="Base URL" />
+                        @endif
                     </div>
                 </div>
             @endforeach