Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added OAuth2 Sign In support #1488

Closed
wants to merge 27 commits into from
Closed

Added OAuth2 Sign In support #1488

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
27 commits
Select commit Hold shift + click to select a range
47f2c6a
Added OAuth2 Sign In support
jer3m01 Feb 17, 2019
0c3df9f
Forgot to add files to git
jer3m01 Feb 17, 2019
3115312
Hot fix for an invalid if statement
jer3m01 Feb 17, 2019
2f125c0
Added OAuth2 user creation on new user admin page
jer3m01 Feb 17, 2019
3f07acc
Forgot to add config file and migration to git
jer3m01 Feb 17, 2019
fbcaf01
Added authorization scopes
jer3m01 Feb 17, 2019
60ca7f3
StyleCI diff
jer3m01 Feb 17, 2019
f66ab84
Re enabled password for OAuth2 users
jer3m01 Feb 17, 2019
5d8ac80
Changed != null to isset()
jer3m01 Feb 17, 2019
f0fa343
Forgot to add sftp notice yield
jer3m01 Feb 17, 2019
a59e1cf
Fixed yield & StyleCI
jer3m01 Feb 17, 2019
1f3ea88
Used Eloquent methods instead of DB
jer3m01 Feb 23, 2019
2a30466
Applied StyleCI
jer3m01 Feb 23, 2019
b6bceac
Use OAuth2::forgetCachedData() helper
jer3m01 Feb 23, 2019
1fb666d
Removed unused comment
jer3m01 Feb 26, 2019
930c42d
Rebuilt everything
jer3m01 Mar 9, 2019
616af9c
Merge remote-tracking branch 'origin/develop' into develop
jer3m01 Mar 9, 2019
97c524e
Fixed settings page
jer3m01 Mar 12, 2019
b18f5c0
Finished OAuth2 login
jer3m01 Mar 17, 2019
f077634
Added OAuth2 account linking
jer3m01 Mar 20, 2019
a6e7cb2
Applied StyleCI
jer3m01 Mar 20, 2019
04d7a63
Added oauth2_id field to the AccountControllerTest
jer3m01 Mar 20, 2019
6a1e9b1
Fixed requested changes
jer3m01 Mar 20, 2019
462f68a
Split the single controller into 2 separate controllers
jer3m01 Mar 20, 2019
e2a3d24
Unsplit the controller
jer3m01 Mar 21, 2019
0d2e074
Applied StyleCI
jer3m01 Mar 21, 2019
c128f32
Made requested changes
jer3m01 Mar 31, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
123 changes: 123 additions & 0 deletions app/Console/Commands/OAuth2/PackagesCommand.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
<?php

namespace Pterodactyl\Console\Commands\OAuth2;

use Illuminate\Console\Command;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
use Psr\Log\LoggerInterface as Log;
use Symfony\Component\Process\Process;
use Symfony\Component\Process\Exception\RuntimeException;

class PackagesCommand extends Command
{

/**
* @var \Illuminate\Contracts\Config\Repository
*/
protected $config;

/**
* @var \Psr\Log\LoggerInterface
*/
protected $log;

/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'p:oauth2:packages';

/**
* The console command description.
*
* @var string
*/
protected $description = 'Install packages used for OAuth2 providers.';

/**
* Create a new command instance.
*
* @param \Illuminate\Contracts\Config\Repository $config
* @param Log $log
*/
public function __construct(ConfigRepository $config, Log $log)
{
parent::__construct();

$this->config = $config;
$this->log = $log;
}

/**
* Execute the console command.
*
* @return mixed|void
*/
public function handle()
{
$packages = [];

foreach (preg_split('~,~', $this->config->get('oauth2.all_drivers')) as $provider) {
if (empty($this->config->get('oauth2.providers.' . $provider . '.package'))) {
continue;
}
$packages = array_merge($packages, [$provider => $this->config->get('oauth2.providers.' . $provider . '.package')]);
}

if (empty($packages)) {
$this->output->write(__('command/messages.environment.oauth2.no_packages'));

return;
}

$this->output->write(__('command/messages.environment.oauth2.packages', ['number' => count($packages)]) . "\r\n");

$command = 'composer';
if (file_exists('composer.phar')) {
$command = 'php composer.phar';
}

$bar = $this->output->createProgressBar(count($packages));

$bar->start();

$failed = 0;

$this->log->info('[OAuth2 Package Installer]: Starting Installation...');
foreach ($packages as $provider => $package) {
$this->log->info('[OAuth2 Package Installer]: Installing ' . $provider . ': ' . $package);
$this->output->write(' ' . __('command/messages.environment.oauth2.installing', ['package' => $provider . ': ' . $package]));

$process = (new Process(preg_split('~\s+~', $command . str_replace(':package', $package, ' require :package --no-progress --no-suggest --no-update --no-scripts --update-no-dev'))))->setTimeout(null);

try {
$process->setTty(false);
} catch (RuntimeException $e) {
$this->output->writeln('Warning: '.$e->getMessage());
}
$process->run(function ($type, $line) {
if ($this->option('verbose')) {
$this->output->write('[Composer]: ' . $line);
}
$this->log->info('[OAuth2 Package Installer]: [Composer]: ' . $line);
});

if ($process->isSuccessful()) {
$this->log->info('[OAuth2 Package Installer]: Installed ' . $provider . ': ' . $package);
$this->output->write(' ' . __('command/messages.environment.oauth2.installed', ['package' => $provider . ': ' . $package]));
} else {
$failed++;
$this->log->info('[OAuth2 Package Installer]: Failed installation of ' . $provider . ': ' . $package);
$this->output->write(' ' . __('command/messages.environment.oauth2.failed', ['package' => $provider . ': ' . $package]));
}

$bar->advance();
}

$bar->finish();
$this->log->info('[OAuth2 Package Installer]: Installation finished');
$this->output->write("\r\n" . __('command/messages.environment.oauth2.done', ['number' => count($packages) - $failed]));
$this->output->write("\r\n" . __('command/messages.environment.oauth2.done_failed', ['number' => $failed]));
}
}
133 changes: 133 additions & 0 deletions app/Http/Controllers/Admin/Settings/OAuth2Controller.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
<?php

namespace Pterodactyl\Http\Controllers\Admin\Settings;

use Illuminate\View\View;
use Illuminate\Support\Arr;
use Illuminate\Support\Str;
use Illuminate\Http\RedirectResponse;
use Prologue\Alerts\AlertsMessageBag;
use Illuminate\Contracts\Console\Kernel;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Traits\Helpers\OAuth2Providers;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
use Pterodactyl\Contracts\Repository\SettingsRepositoryInterface;
use Pterodactyl\Http\Requests\Admin\Settings\OAuth2SettingsFormRequest;

class OAuth2Controller extends Controller
{
use OAuth2Providers;

/**
* @var \Prologue\Alerts\AlertsMessageBag
*/
private $alert;

/**
* @var \Illuminate\Contracts\Config\Repository
*/
private $config;

/**
* @var \Illuminate\Contracts\Console\Kernel
*/
private $kernel;

/**
* @var \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface
*/
private $settings;

/**
* OAuth2Controller constructor.
*
* @param \Prologue\Alerts\AlertsMessageBag $alert
* @param \Illuminate\Contracts\Config\Repository $config
* @param \Illuminate\Contracts\Console\Kernel $kernel
* @param \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface $settings
*/
public function __construct(
AlertsMessageBag $alert,
ConfigRepository $config,
Kernel $kernel,
SettingsRepositoryInterface $settings
) {
$this->alert = $alert;
$this->config = $config;
$this->kernel = $kernel;
$this->settings = $settings;
}

/**
* Render OAuth2 settings UI.
*
* @return \Illuminate\View\View
*/
public function index(): View
{
$providers = $this->getAllProviderSettings();

return view('admin.settings.oauth2', compact('providers'));
}

/**
* @param \Pterodactyl\Http\Requests\Admin\Settings\OAuth2SettingsFormRequest $request
* @return \Illuminate\Http\RedirectResponse
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
public function update(OAuth2SettingsFormRequest $request): RedirectResponse
{
$array = $request->normalize();

$all_drivers = array_merge(preg_split('~,~', $this->config->get('oauth2.all_drivers')), preg_split('~,~', $array['oauth2:providers:new']));

foreach (preg_split('~,~', $array['oauth2:providers:deleted']) as $provider) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are these not just being JSON encoded before storage?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's easier to edit manually and to store in the php file & inside the html input fields.

if (($key = array_search($provider, $all_drivers)) !== false) {
unset($all_drivers[$key]);
}
}

$all_drivers = array_filter($all_drivers);

$this->settings->set('settings::oauth2:all_drivers', implode(',', $all_drivers));

foreach (preg_split('~,~', $array['oauth2:providers:deleted']) as $provider) {
$this->settings->forget('settings::oauth2:providers:' . $provider . ':status');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':name');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':package');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':listener');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':client_id');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':client_secret');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':scopes');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':widget_html');
$this->settings->forget('settings::oauth2:providers:' . $provider . ':widget_css');
}

$array = Arr::except($array, ['oauth2:providers:new', 'oauth2:providers:deleted']);
foreach ($array as $key => $value) {
// Unescape
if (Str::endsWith($key, ':widget_html') || Str::endsWith($key, ':widget_css')) {
$value = html_entity_decode(preg_replace('/%u([0-9a-f]{3,4})/i', '&#x\\1;', urldecode($value)), null, 'UTF-8');
}
// Replace escaped slash
if (Str::endsWith($key, ':listener')) {
$value = preg_replace('~//~', '/', preg_replace('~\\\\\\\\~', '\\\\', $value));
}
$this->settings->set('settings::' . $key, $value);
}

// Enable default driver
$this->settings->set('settings::oauth2:providers:' . $array['oauth2:default_driver'] . ':status', 'true');

app('oauth2ServiceProvider')->updateConfig();

if (array_key_exists('oauth2:providers:new', $array)) {
$this->kernel->call('p:oauth2:packages');
}
$this->kernel->call('queue:restart');
$this->alert->success(__('admin/settings.oauth2.success_response'))->flash();

return redirect()->route('admin.settings.oauth2');
}
}
14 changes: 13 additions & 1 deletion app/Http/Controllers/Admin/UserController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,23 +7,30 @@
use Prologue\Alerts\AlertsMessageBag;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Traits\Helpers\OAuth2Providers;
use Illuminate\Contracts\Translation\Translator;
use Pterodactyl\Services\Users\UserUpdateService;
use Pterodactyl\Traits\Helpers\AvailableLanguages;
use Pterodactyl\Services\Users\UserCreationService;
use Pterodactyl\Services\Users\UserDeletionService;
use Pterodactyl\Http\Requests\Admin\UserFormRequest;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
use Illuminate\Contracts\Config\Repository as ConfigRepository;

class UserController extends Controller
{
use AvailableLanguages;
use AvailableLanguages, OAuth2Providers;

/**
* @var \Prologue\Alerts\AlertsMessageBag
*/
protected $alert;

/**
* @var \Illuminate\Contracts\Config\Repository
*/
private $config;

/**
* @var \Pterodactyl\Services\Users\UserCreationService
*/
Expand Down Expand Up @@ -61,13 +68,15 @@ class UserController extends Controller
*/
public function __construct(
AlertsMessageBag $alert,
ConfigRepository $config,
UserCreationService $creationService,
UserDeletionService $deletionService,
Translator $translator,
UserUpdateService $updateService,
UserRepositoryInterface $repository
) {
$this->alert = $alert;
$this->config = $config;
$this->creationService = $creationService;
$this->deletionService = $deletionService;
$this->repository = $repository;
Expand Down Expand Up @@ -97,6 +106,7 @@ public function create()
{
return view('admin.users.new', [
'languages' => $this->getAvailableLanguages(true),
'enabled_providers' => $this->config->get('oauth2.enabled') ? implode(',', array_keys($this->getEnabledProviderSettings())) : '',
]);
}

Expand All @@ -111,6 +121,7 @@ public function view(User $user)
return view('admin.users.view', [
'user' => $user,
'languages' => $this->getAvailableLanguages(true),
'enabled_providers' => $this->config->get('oauth2.enabled') ? implode(',', array_keys($this->getEnabledProviderSettings())) : '',
]);
}

Expand Down Expand Up @@ -165,6 +176,7 @@ public function store(UserFormRequest $request)
public function update(UserFormRequest $request, User $user)
{
$this->updateService->setUserLevel(User::USER_LEVEL_ADMIN);

$data = $this->updateService->handle($user, $request->normalize());

if (! empty($data->get('exceptions'))) {
Expand Down
19 changes: 18 additions & 1 deletion app/Http/Controllers/Auth/LoginController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
use Pterodactyl\Http\Controllers\Controller;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Traits\Helpers\OAuth2Providers;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Contracts\Cache\Repository as CacheRepository;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
Expand All @@ -18,7 +19,7 @@

class LoginController extends Controller
{
use AuthenticatesUsers;
use AuthenticatesUsers, OAuth2Providers;

const USER_INPUT_FIELD = 'user';

Expand Down Expand Up @@ -102,6 +103,18 @@ public function __construct(
$this->maxLoginAttempts = $this->config->get('auth.lockout.attempts');
}

/**
* Show the application's login form.
*
* @return \Illuminate\Http\Response
*/
public function showLoginForm()
{
$providers = $this->getEnabledProviderSettings();

return view('auth.login', compact('providers'));
}

/**
* Handle a login request to the application.
*
Expand All @@ -126,6 +139,10 @@ public function login(Request $request)
return $this->sendFailedLoginResponse($request);
}

if ($this->config->get('oauth2.required') == 2 or ($user->root_admin == true and $this->config->get('oauth2.required') == 1)) {
return $this->sendFailedLoginResponse($request);
}

$validCredentials = password_verify($request->input('password'), $user->password);
if ($user->use_totp) {
$token = str_random(64);
Expand Down
Loading