Authentik OAuth2 Provider for Laravel Socialite

5.2.0 2023-11-07 22:21 UTC

This package is auto-updated.

Last update: 2024-05-01 23:54:06 UTC


README

composer require socialiteproviders/authentik

Installation & Basic Usage

Please see the Base Installation Guide, then follow the provider specific instructions below.

Prepare OAuth provider & application in Authentik

Create a new OAuth provider within Authentik, according to the Authentik Documentation (https://goauthentik.io/docs/providers/oauth2/)

Add configuration to config/services.php

'authentik' => [
  'base_url' => env('AUTHENTIK_BASE_URL'),
  'client_id' => env('AUTHENTIK_CLIENT_ID'),
  'client_secret' => env('AUTHENTIK_CLIENT_SECRET'),
  'redirect' => env('AUTHENTIK_REDIRECT_URI')
],

Add provider event listener

Laravel 11+

In Laravel 11, the default EventServiceProvider provider was removed. Instead, add the listener using the listen method on the Event facade, in your AppServiceProvider boot method.

  • Note: You do not need to add anything for the built-in socialite providers unless you override them with your own providers.
Event::listen(function (\SocialiteProviders\Manager\SocialiteWasCalled $event) {
    $event->extendSocialite('authentik', \SocialiteProviders\Authentik\Provider::class);
});
Laravel 10 or below Configure the package's listener to listen for `SocialiteWasCalled` events.

Add the event to your listen[] array in app/Providers/EventServiceProvider. See the Base Installation Guide for detailed instructions.

protected $listen = [
    \SocialiteProviders\Manager\SocialiteWasCalled::class => [
        // ... other providers
        \SocialiteProviders\Authentik\AuthentikExtendSocialite::class.'@handle',
    ],
];

Usage

You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):

return Socialite::driver('authentik')->redirect();

To redirect to the authentication, and then:

$user = Socialite::driver('authentik')->user()

In the return function. The user will contain a name and email field populated from the OAuth source.