Implement OIDC authentication via Laravel Socialite

app/Http/Controllers/Auth/SocialiteController.php

@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\User;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Laravel\Socialite\Facades\Socialite;
+use Illuminate\Support\Str;
+
+class SocialiteController extends Controller
+{
+    public function redirectToProvider($provider)
+    {
+        return Socialite::driver($provider)->redirect();
+    }
+
+    public function handleProviderCallback($provider)
+    {
+        try {
+            $socialUser = Socialite::driver($provider)->user();
+        } catch (\Exception $e) {
+            return redirect('/login')->with('error', 'Authentication failed.');
+        }
+
+        // Find user by provider_id
+        $user = User::where('provider_name', $provider)
+            ->where('provider_id', $socialUser->getId())
+            ->first();
+
+        if (!$user) {
+            // Find user by email to link
+            $user = User::where('email', $socialUser->getEmail())->first();
+
+            if ($user) {
+                // Link the account
+                $user->update([
+                    'provider_name' => $provider,
+                    'provider_id' => $socialUser->getId(),
+                ]);
+            } else {
+                // Optionally create a new user
+                $user = User::create([
+                    'name' => $socialUser->getName() ?? $socialUser->getNickname() ?? $socialUser->getEmail(),
+                    'email' => $socialUser->getEmail(),
+                    'provider_name' => $provider,
+                    'provider_id' => $socialUser->getId(),
+                    'password' => bcrypt(Str::random(24)),
+                ]);
+            }
+        }
+
+        Auth::login($user);
+
+        return redirect()->intended('/admin'); // Redirect to filament admin or home
+    }
+}

app/Providers/EventServiceProvider.php

@@ -16,6 +16,9 @@ class EventServiceProvider extends ServiceProvider
         'App\Events\Event' => [
             'App\Listeners\EventListener',
         ],
+        \SocialiteProviders\Manager\SocialiteWasCalled::class => [
+            \SocialiteProviders\OIDC\OIDCExtendSocialite::class.'@handle',
+        ],
     ];
 
     /**

app/Providers/Filament/AdminPanelProvider.php

@@ -18,8 +18,30 @@ use Illuminate\Routing\Middleware\SubstituteBindings;
 use Illuminate\Session\Middleware\StartSession;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
 
+use Filament\Support\Facades\FilamentView;
+use Illuminate\Support\Facades\Blade;
+
 class AdminPanelProvider extends PanelProvider
 {
+    public function boot()
+    {
+        FilamentView::registerRenderHook(
+            'panels::auth.login.form.after',
+            fn (): string => Blade::render('
+                <div class="mt-4">
+                    <x-filament::button
+                        :href="url(\'auth/social/oidc\')"
+                        tag="a"
+                        color="info"
+                        class="w-full"
+                    >
+                        Login with OIDC
+                    </x-filament::button>
+                </div>
+            '),
+        );
+    }
+
     public function panel(Panel $panel): Panel
     {
         return $panel

app/User.php

@@ -18,7 +18,7 @@ class User extends Authenticatable implements FilamentUser, HasName
      * @var array
      */
     protected $fillable = [
-        'name', 'email', 'password',
+        'name', 'email', 'password', 'provider_name', 'provider_id',
     ];
 
     /**