feat: add OIDC support

2026-01-13 15:07:49 +00:00 · 2025-08-03 11:58:00 +02:00 · 2025-08-03 11:58:00 +02:00 · 65b9162ef3
commit 65b9162ef3
parent d6dd1c5f31
12 changed files with 1256 additions and 644 deletions
--- a/app/Console/Commands/OidcTestCommand.php
+++ b/app/Console/Commands/OidcTestCommand.php
@ -0,0 +1,90 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use Laravel\Socialite\Facades\Socialite;
+
+class OidcTestCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'oidc:test';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Test OIDC configuration and driver registration';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $this->info('Testing OIDC Configuration...');
+        $this->newLine();
+
+        // Check if OIDC is enabled
+        $enabled = config('services.oidc.enabled');
+        $this->line("OIDC Enabled: " . ($enabled ? '✅ Yes' : '❌ No'));
+
+        // Check configuration values
+        $endpoint = config('services.oidc.endpoint');
+        $clientId = config('services.oidc.client_id');
+        $clientSecret = config('services.oidc.client_secret');
+        $redirect = config('services.oidc.redirect');
+        $scopes = config('services.oidc.scopes', []);
+
+        $this->line("OIDC Endpoint: " . ($endpoint ? "✅ {$endpoint}" : '❌ Not set'));
+        $this->line("Client ID: " . ($clientId ? "✅ {$clientId}" : '❌ Not set'));
+        $this->line("Client Secret: " . ($clientSecret ? '✅ Set' : '❌ Not set'));
+        $this->line("Redirect URL: " . ($redirect ? "✅ {$redirect}" : '❌ Not set'));
+        $this->line("Scopes: " . (empty($scopes) ? '❌ Not set' : '✅ ' . implode(', ', $scopes)));
+
+        $this->newLine();
+
+        // Test driver registration
+        try {
+            // Only test driver if we have basic configuration
+            if ($endpoint && $clientId && $clientSecret) {
+                $driver = Socialite::driver('oidc');
+                $this->line("OIDC Driver: ✅ Successfully registered and accessible");
+                
+                if ($enabled) {
+                    $this->info("✅ OIDC is fully configured and ready to use!");
+                    $this->line("You can test the login flow at: /auth/oidc/redirect");
+                } else {
+                    $this->warn("⚠️ OIDC driver is working but OIDC_ENABLED is false.");
+                }
+            } else {
+                $this->line("OIDC Driver: ✅ Registered (configuration test skipped due to missing values)");
+                $this->warn("⚠️ OIDC driver is registered but missing required configuration.");
+                $this->line("Please set the following environment variables:");
+                if (!$enabled) $this->line("  - OIDC_ENABLED=true");
+                if (!$endpoint) {
+                    $this->line("  - OIDC_ENDPOINT=https://your-oidc-provider.com  (base URL)");
+                    $this->line("    OR");
+                    $this->line("  - OIDC_ENDPOINT=https://your-oidc-provider.com/.well-known/openid-configuration  (full URL)");
+                }
+                if (!$clientId) $this->line("  - OIDC_CLIENT_ID=your-client-id");
+                if (!$clientSecret) $this->line("  - OIDC_CLIENT_SECRET=your-client-secret");
+            }
+        } catch (\InvalidArgumentException $e) {
+            if (str_contains($e->getMessage(), 'Driver [oidc] not supported')) {
+                $this->error("❌ OIDC Driver registration failed: Driver not supported");
+            } else {
+                $this->error("❌ OIDC Driver error: " . $e->getMessage());
+            }
+        } catch (\Exception $e) {
+            $this->warn("⚠️ OIDC Driver registered but configuration error: " . $e->getMessage());
+        }
+
+        $this->newLine();
+        return Command::SUCCESS;
+    }
+}