Add MusicBrainz Provider (#768)

Co-authored-by: Lucas Michot <lucas@semalead.com>

Author: andrzejkupczyk

KeycloakExtendSocialite.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace SocialiteProviders\Keycloak;
+
+use SocialiteProviders\Manager\SocialiteWasCalled;
+
+class KeycloakExtendSocialite
+{
+    /**
+     * Register the provider.
+     *
+     * @param \SocialiteProviders\Manager\SocialiteWasCalled $socialiteWasCalled
+     */
+    public function handle(SocialiteWasCalled $socialiteWasCalled)
+    {
+        $socialiteWasCalled->extendSocialite('keycloak', Provider::class);
+    }
+}

Provider.php

@@ -0,0 +1,96 @@
+<?php
+
+namespace SocialiteProviders\Keycloak;
+
+use GuzzleHttp\RequestOptions;
+use Illuminate\Support\Arr;
+use SocialiteProviders\Manager\OAuth2\AbstractProvider;
+use SocialiteProviders\Manager\OAuth2\User;
+
+class Provider extends AbstractProvider
+{
+    /**
+     * Unique Provider Identifier.
+     */
+    public const IDENTIFIER = 'KEYCLOAK';
+
+    protected $scopeSeparator = ' ';
+
+    protected $scopes = ['openid'];
+
+    /**
+     * {@inheritdoc}
+     */
+    public static function additionalConfigKeys()
+    {
+        return ['base_url', 'realms'];
+    }
+
+    protected function getBaseUrl()
+    {
+        return rtrim(rtrim($this->getConfig('base_url'), '/').'/realms/'.$this->getConfig('realms', 'master'), '/');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getAuthUrl($state)
+    {
+        return $this->buildAuthUrlFromBase($this->getBaseUrl().'/protocol/openid-connect/auth', $state);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getTokenUrl()
+    {
+        return $this->getBaseUrl().'/protocol/openid-connect/token';
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getUserByToken($token)
+    {
+        $response = $this->getHttpClient()->get($this->getBaseUrl().'/protocol/openid-connect/userinfo', [
+            RequestOptions::HEADERS => [
+                'Authorization' => 'Bearer '.$token,
+            ],
+        ]);
+
+        return json_decode((string) $response->getBody(), true);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function mapUserToObject(array $user)
+    {
+        return (new User())->setRaw($user)->map([
+            'id'        => Arr::get($user, 'sub'),
+            'nickname'  => Arr::get($user, 'preferred_username'),
+            'name'      => Arr::get($user, 'name'),
+            'email'     => Arr::get($user, 'email'),
+        ]);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getTokenFields($code)
+    {
+        return array_merge(parent::getTokenFields($code), [
+            'grant_type' => 'authorization_code',
+        ]);
+    }
+
+    /**
+     * Return logout endpoint with redirect_uri query parameter.
+     *
+     * @return string
+     */
+    public function getLogoutUrl(string $redirectUri)
+    {
+        return $this->getBaseUrl().'/protocol/openid-connect/logout?redirect_uri='.urlencode($redirectUri);
+    }
+}

README.md

@@ -0,0 +1,63 @@
+# Keycloak
+
+```bash
+composer require socialiteproviders/keycloak
+```
+
+## Installation & Basic Usage
+
+Please see the [Base Installation Guide](https://socialiteproviders.com/usage/), then follow the provider specific instructions below.
+
+### Add configuration to `config/services.php`
+
+```php
+'keycloak' => [
+  'client_id' => env('KEYCLOAK_CLIENT_ID'),
+  'client_secret' => env('KEYCLOAK_CLIENT_SECRET'),
+  'redirect' => env('KEYCLOAK_REDIRECT_URI'),
+  'base_url' => env('KEYCLOAK_BASE_URL'),   // Specify your keycloak server URL here
+  'realms' => env('KEYCLOAK_REALM')         // Specify your keycloak realm
+],
+```
+
+### Add provider event listener
+
+Configure the package's listener to listen for `SocialiteWasCalled` events.
+
+Add the event to your `listen[]` array in `app/Providers/EventServiceProvider`. See the [Base Installation Guide](https://socialiteproviders.com/usage/) for detailed instructions.
+
+```php
+protected $listen = [
+    \SocialiteProviders\Manager\SocialiteWasCalled::class => [
+        // ... other providers
+        \SocialiteProviders\Keycloak\KeycloakExtendSocialite::class.'@handle',
+    ],
+];
+```
+
+### Usage
+
+You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):
+
+```php
+return Socialite::driver('keycloak')->redirect();
+```
+
+To logout of your app and Keycloak:
+```php
+public function logout() {
+    Auth::logout(); // Logout of your app
+    $redirectUri = Config::get('app.url'); // The URL the user is redirected to
+    return redirect(Socialite::driver('keycloak')->getLogoutUrl($redirectUri)); // Redirect to Keycloak
+}
+```
+
+#### Keycloak <= 3.2
+
+Keycloak below v3.2 requires no scopes to be set. Later versions require the `openid` scope for all requests.
+
+```php
+return Socialite::driver('keycloak')->scopes([])->redirect();
+```
+
+See [the upgrade guide](https://www.keycloak.org/docs/12.0/upgrading/#migrating-to-3-2-0).

composer.json

@@ -0,0 +1,33 @@
+{
+    "name": "socialiteproviders/keycloak",
+    "description": "Keycloak OAuth2 Provider for Laravel Socialite",
+    "keywords": [
+        "keycloak",
+        "laravel",
+        "oauth",
+        "provider",
+        "socialite"
+    ],
+    "license": "MIT",
+    "authors": [
+        {
+            "name": "Oleg Kuchumov",
+            "email": "voenniy@gmail.com"
+        }
+    ],
+    "require": {
+        "php": "^7.2 || ^8.0",
+        "ext-json": "*",
+        "socialiteproviders/manager": "~4.0"
+    },
+    "autoload": {
+        "psr-4": {
+            "SocialiteProviders\\Keycloak\\": ""
+        }
+    },
+    "support": {
+        "issues": "https://github.com/socialiteproviders/providers/issues",
+        "source": "https://github.com/socialiteproviders/providers",
+        "docs": "https://socialiteproviders.com/keycloak"
+    }
+}