WIP Extend SSO implementation with proper naming, add basic tests, re…

…name ENV key from OAUTH_ to SSO_ (#174 #194)
Kovah · Sep 18, 2024 · a9d92e8 · a9d92e8
1 parent 96be6ca
commit a9d92e8
Show file tree

Hide file tree

Showing 12 changed files with 292 additions and 159 deletions.
diff --git a/app/Http/Controllers/SocialiteController.php b/app/Http/Controllers/SocialiteController.php
@@ -24,10 +24,10 @@ public function callback(string $provider)
 
         // If a user with the provided email address already exists, register the oauth login
         if ($user = User::where('email', $authUser->getEmail())->first()) {
-            if ($user->sso_provider !== $provider) {
+            if ($user->sso_provider !== null && $user->sso_provider !== $provider) {
                 abort(403, trans('auth.sso_wrong_provider', [
-                    'currentProvider' => $provider,
-                    'userProvider' => $user->sso_provider,
+                    'currentProvider' => trans('auth.sso.' . $provider),
+                    'userProvider' => trans('auth.sso.' . $user->sso_provider),
                 ]));
             }
 
@@ -67,8 +67,12 @@ public function callback(string $provider)
 
     protected function authorizeOauthRequest(string $provider): void
     {
-        if (config('auth.oauth.enabled') !== true || !in_array($provider, config('auth.oauth.providers'))) {
-            abort(403, 'Login unauthorized');
+        if (config('auth.sso.enabled') !== true || !in_array($provider, config('auth.sso.providers'))) {
+            abort(403, trans('auth.unauthorized'));
+        }
+
+        if (config('services.' . $provider . '.enabled') !== true) {
+            abort(403, trans('auth.sso_provider_disabled'));
         }
     }
 }
diff --git a/composer.json b/composer.json
@@ -41,7 +41,7 @@
     "spatie/laravel-settings": "^3.2.3",
     "symfony/http-client": "^6.0",
     "symfony/mailgun-mailer": "^6.0",
-    "kovah/laravel-socialite-oidc": "^0.1"
+    "kovah/laravel-socialite-oidc": "^0.2.0"
   },
   "require-dev": {
     "barryvdh/laravel-debugbar": "^3.2",
@@ -50,7 +50,7 @@
     "fakerphp/faker": "^1.12",
     "laravel/tinker": "^2.2",
     "mockery/mockery": "^1.3",
-    "nunomaduro/collision": "^6.1",
+    "nunomaduro/collision": "^v7.10",
     "phpunit/phpunit": "^10.0",
     "roave/security-advisories": "dev-latest",
     "squizlabs/php_codesniffer": "^3.5"

diff --git a/composer.lock b/composer.lock
diff --git a/config/auth.php b/config/auth.php
@@ -20,12 +20,12 @@
 
     /*
     |--------------------------------------------------------------------------
-    | OAuth Settings
+    | Single Sign On Settings
     |--------------------------------------------------------------------------
     */
 
-    'oauth' => [
-        'enabled' => env('OAUTH_ENABLED', false),
+    'sso' => [
+        'enabled' => env('SSO_ENABLED', false),
         'regular_login_disabled' => env('REGULAR_LOGIN_DISABLED', false),
         'providers' => [
             'auth0',