mirror of
				https://github.com/pelican-dev/panel.git
				synced 2025-10-25 13:36:51 +02:00 
			
		
		
		
	 b208835ed4
			
		
	
	
		b208835ed4
		
			
		
	
	
	
	
		
			
			* better oauth provider loading * add auth frontend * add configs for all default providers * add more default providers * add env variables to enable oauth providers * small refactor to link/ unlink routes * add oauth tab to (admin) profile * use redirects instead of exceptions * add notification if no oauth user is found * use import in config * remove whmcs provider * replace hardcoded links with `route` * redirect to account page on unlink * remove unnecessary controller and handle linking/ unlinking in action * only show oauth tab if at least one oauth provider is enabled
		
			
				
	
	
		
			109 lines
		
	
	
		
			4.1 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			109 lines
		
	
	
		
			4.1 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| 
 | |
| namespace App\Providers;
 | |
| 
 | |
| use App\Models;
 | |
| use App\Models\ApiKey;
 | |
| use App\Models\Node;
 | |
| use App\Models\User;
 | |
| use Dedoc\Scramble\Scramble;
 | |
| use Dedoc\Scramble\Support\Generator\OpenApi;
 | |
| use Dedoc\Scramble\Support\Generator\SecurityScheme;
 | |
| use Filament\Support\Colors\Color;
 | |
| use Filament\Support\Facades\FilamentColor;
 | |
| use Illuminate\Database\Eloquent\Relations\Relation;
 | |
| use Illuminate\Foundation\Application;
 | |
| use Illuminate\Support\Facades\Event;
 | |
| use Illuminate\Support\Facades\Gate;
 | |
| use Illuminate\Support\Facades\Http;
 | |
| use Illuminate\Support\Facades\URL;
 | |
| use Illuminate\Support\ServiceProvider;
 | |
| use Illuminate\Support\Str;
 | |
| use Laravel\Sanctum\Sanctum;
 | |
| use SocialiteProviders\Manager\SocialiteWasCalled;
 | |
| 
 | |
| class AppServiceProvider extends ServiceProvider
 | |
| {
 | |
|     /**
 | |
|      * Bootstrap any application services.
 | |
|      */
 | |
|     public function boot(Application $app): void
 | |
|     {
 | |
|         // If the APP_URL value is set with https:// make sure we force it here. Theoretically
 | |
|         // this should just work with the proxy logic, but there are a lot of cases where it
 | |
|         // doesn't, and it triggers a lot of support requests, so lets just head it off here.
 | |
|         URL::forceHttps(Str::startsWith(config('app.url') ?? '', 'https://'));
 | |
| 
 | |
|         Relation::enforceMorphMap([
 | |
|             'allocation' => Models\Allocation::class,
 | |
|             'api_key' => Models\ApiKey::class,
 | |
|             'backup' => Models\Backup::class,
 | |
|             'database' => Models\Database::class,
 | |
|             'egg' => Models\Egg::class,
 | |
|             'egg_variable' => Models\EggVariable::class,
 | |
|             'schedule' => Models\Schedule::class,
 | |
|             'server' => Models\Server::class,
 | |
|             'ssh_key' => Models\UserSSHKey::class,
 | |
|             'task' => Models\Task::class,
 | |
|             'user' => Models\User::class,
 | |
|         ]);
 | |
| 
 | |
|         Http::macro(
 | |
|             'daemon',
 | |
|             fn (Node $node, array $headers = []) => Http::acceptJson()
 | |
|                 ->asJson()
 | |
|                 ->withToken($node->daemon_token)
 | |
|                 ->withHeaders($headers)
 | |
|                 ->withOptions(['verify' => (bool) $app->environment('production')])
 | |
|                 ->timeout(config('panel.guzzle.timeout'))
 | |
|                 ->connectTimeout(config('panel.guzzle.connect_timeout'))
 | |
|                 ->baseUrl($node->getConnectionAddress())
 | |
|         );
 | |
| 
 | |
|         Sanctum::usePersonalAccessTokenModel(ApiKey::class);
 | |
| 
 | |
|         $bearerTokens = fn (OpenApi $openApi) => $openApi->secure(SecurityScheme::http('bearer'));
 | |
|         Gate::define('viewApiDocs', fn () => true);
 | |
|         Scramble::registerApi('application', ['api_path' => 'api/application', 'info' => ['version' => '1.0']]);
 | |
|         Scramble::registerApi('client', ['api_path' => 'api/client', 'info' => ['version' => '1.0']])->afterOpenApiGenerated($bearerTokens);
 | |
|         Scramble::registerApi('remote', ['api_path' => 'api/remote', 'info' => ['version' => '1.0']])->afterOpenApiGenerated($bearerTokens);
 | |
| 
 | |
|         $oauthProviders = [];
 | |
|         foreach (config('auth.oauth') as $name => $data) {
 | |
|             config()->set("services.$name", array_merge($data['service'], ['redirect' => "/auth/oauth/callback/$name"]));
 | |
| 
 | |
|             if (isset($data['provider'])) {
 | |
|                 $oauthProviders[$name] = $data['provider'];
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         Event::listen(function (SocialiteWasCalled $event) use ($oauthProviders) {
 | |
|             foreach ($oauthProviders as $name => $provider) {
 | |
|                 $event->extendSocialite($name, $provider);
 | |
|             }
 | |
|         });
 | |
| 
 | |
|         FilamentColor::register([
 | |
|             'danger' => Color::Red,
 | |
|             'gray' => Color::Zinc,
 | |
|             'info' => Color::Sky,
 | |
|             'primary' => Color::Blue,
 | |
|             'success' => Color::Green,
 | |
|             'warning' => Color::Amber,
 | |
|         ]);
 | |
| 
 | |
|         Gate::before(function (User $user, $ability) {
 | |
|             return $user->isRootAdmin() ? true : null;
 | |
|         });
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Register application service providers.
 | |
|      */
 | |
|     public function register(): void
 | |
|     {
 | |
|         Scramble::extendOpenApi(fn (OpenApi $openApi) => $openApi->secure(SecurityScheme::http('bearer')));
 | |
|         Scramble::ignoreDefaultRoutes();
 | |
|     }
 | |
| }
 |