
Pelican Gamepanel Azure authentication Integration

We've added a new authentication method to Pelican Gamepanel. You can now use your Entra ID (Azure) account to authenticate.

How to enable this?

First, you need to install the required Socialite Provider for Microsoft Azure. Follow the steps below to set it up:

Install Socialite Provider for Microsoft Azure

Log in to your server via SSH and change to the panel directory:

cd /var/www/pelican

Run the following command to install the required Socialite Provider for Microsoft Azure:

composer require socialiteproviders/microsoft-azure

You may need to restart your web server for the changes to take effect. You can do this by running:

sudo systemctl restart nginx

or if you are using Apache:

sudo systemctl restart apache2

Edit the codebase

Add a new authentication schema in app/Extensions/OAuth/Schemas/AzureSchema.php:

<?php

namespace App\Extensions\OAuth\Schemas;

use Filament\Forms\Components\TextInput;
use Filament\Infolists\Components\TextEntry;
use Filament\Schemas\Components\Wizard\Step;
use Illuminate\Support\Facades\Blade;
use Illuminate\Support\HtmlString;
use SocialiteProviders\Azure\Provider;

final class AzureSchema extends OAuthSchema
{
    public function getId(): string
    {
        return 'azure';
    }

    public function getSocialiteProvider(): string
    {
        return Provider::class;
    }

    public function getServiceConfig(): array
    {
        return array_merge(parent::getServiceConfig(), [
            'tenant' => env('OAUTH_AZURE_TENANT_ID'),
        ]);
    }

    public function getSetupSteps(): array
    {
        return array_merge([
            Step::make('Register new Azure App')
                ->schema([
                    TextEntry::make('create_application')
                        ->hiddenLabel()
                        ->state(new HtmlString(Blade::render('<p> To enable Azure authentication, you need to create a new application in the <a href="https://portal.azure.com" target="_blank" class="text-primary-600 underline">Azure Portal</a>. Follow the steps below to create the application and obtain the necessary credentials.</p>'))),
                    TextEntry::make('set_redirect')
                        ->hiddenLabel()
                        ->state(new HtmlString('<p>Under <b>Redirects</b> add the below URL.</p>')),
                    TextInput::make('_noenv_callback')
                        ->label('Redirect URL')
                        ->dehydrated()
                        ->disabled()
                        ->hintCopy()
                        ->formatStateUsing(fn () => url('/auth/oauth/callback/azure')),
                ]),
        ], parent::getSetupSteps());
    }

    public function getSettingsForm(): array
    {
        return [
            TextInput::make('AZURE_CLIENT_ID')
                ->label('Azure Application ID')
                ->placeholder('Azure Application ID')
                ->columnSpan(2)
                ->required()
                ->password()
                ->revealable()
                ->autocomplete(false)
                ->default(env('OAUTH_AZURE_CLIENT_ID')),
            TextInput::make('AZURE_CLIENT_SECRET')
                ->label('Azure Client Secret')
                ->placeholder('Azure Client Secret')
                ->columnSpan(2)
                ->required()
                ->password()
                ->autocomplete(false)
                ->default(env('OAUTH_AZURE_CLIENT_SECRET')),
            TextInput::make('AZURE_REDIRECT_URI')
                ->label('Redirect URL')
                ->placeholder('Redirect URL')
                ->columnSpan(2)
                ->required()
                ->url()
                ->formatStateUsing(fn () => url('/auth/oauth/callback/azure'))
                ->autocomplete(false)
                ->default(env('OAUTH_AZURE_REDIRECT_URI')),
            TextInput::make('AZURE_TENANT_ID')
                ->label('AZURE_TENANT_ID')
                ->placeholder('AZURE_TENANT_ID')
                ->columnSpan(2)
                ->required()
                ->password()
                ->revealable()
                ->autocomplete(false)
                ->default(env('OAUTH_AZURE_TENANT_ID')),
        ];
    }

    public function getIcon(): string
    {
        return 'tabler-brand-azure';
    }

    public function getHexColor(): string
    {
        return '#007fff';
    }
}

Then update the provider list in app/Providers/Extensions/OAuthServiceProvider.php to include the new AzureSchema:


<?php

namespace App\Providers\Extensions;

use App\Extensions\OAuth\OAuthService;
use App\Extensions\OAuth\Schemas\AuthentikSchema;
use App\Extensions\OAuth\Schemas\AzureSchema;
use App\Extensions\OAuth\Schemas\BitbucketSchema;
use App\Extensions\OAuth\Schemas\DiscordSchema;
use App\Extensions\OAuth\Schemas\FacebookSchema;
use App\Extensions\OAuth\Schemas\GithubSchema;
use App\Extensions\OAuth\Schemas\GitlabSchema;
use App\Extensions\OAuth\Schemas\GoogleSchema;
use App\Extensions\OAuth\Schemas\LinkedinSchema;
use App\Extensions\OAuth\Schemas\SlackSchema;
use App\Extensions\OAuth\Schemas\SteamSchema;
use App\Extensions\OAuth\Schemas\XSchema;
use Illuminate\Support\ServiceProvider;

class OAuthServiceProvider extends ServiceProvider
{
    public function register(): void
    {
        $this->app->singleton(OAuthService::class, function ($app) {
            $service = new OAuthService();

            // Default OAuth providers included with Socialite
            $service->register(new FacebookSchema());
            $service->register(new XSchema());
            $service->register(new LinkedinSchema());
            $service->register(new GoogleSchema());
            $service->register(new GithubSchema());
            $service->register(new GitlabSchema());
            $service->register(new BitbucketSchema());
            $service->register(new SlackSchema());

            // Additional OAuth providers from socialiteproviders.com
            $service->register(new AuthentikSchema());
            $service->register(new DiscordSchema());
            $service->register(new SteamSchema());
            $service->register(new AzureSchema());

            return $service;
        });
    }
}

Creating your Azure Application

To create a new Azure application for Pelican Gamepanel, follow these steps:

  1. Go to the Azure Portal and log in with your account.
  2. Navigate to "Azure Active Directory" > "App registrations" > "New registration".
  3. Enter a name for your application (e.g., "Pelican Gamepanel") and set the redirect URI to the one provided in the setup steps.
  4. Click "Register" to create the application.
  5. After registration, go to the "Certificates & secrets" section and create a new client secret. Make sure to copy the secret value as it will be needed later.
  6. Go to the "Overview" section and copy the "Application (client) ID" and "Directory (tenant) ID".
  7. Use the copied values to fill in the required fields in the Pelican Gamepanel OAuth settings.
  8. Save the settings and test the Azure authentication by logging out and attempting to log in using the "Login with Azure" option.
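The values copied in steps 5 to 7 can be sanity-checked before the login test. The script below is an added example, not part of Pelican or of the original guide: it assumes the values end up in a .env-style file under the OAUTH_AZURE_* names that AzureSchema reads with env(), that the client and tenant IDs are the GUIDs from the Overview page, and that the panel is served over https. The sample file is constructed.

```shell
#!/bin/sh
# Added example: sanity-check the Azure OAuth values in a .env-style file.
# Key names are the ones AzureSchema reads with env(); the file location is an assumption.
GUID_RE='^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$'
CALLBACK_PATH='/auth/oauth/callback/azure'

is_guid() { printf '%s\n' "$1" | grep -Eq "$GUID_RE"; }

# Print the value of key $2 in file $1 (last assignment wins, surrounding quotes stripped).
env_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print one line per problem; return 0 when none are found, 1 otherwise.
check_azure_env() {
    file=$1; problems=0
    for key in OAUTH_AZURE_CLIENT_ID OAUTH_AZURE_TENANT_ID; do
        if ! is_guid "$(env_value "$file" "$key")"; then
            echo "$key: expected the GUID shown on the app's Overview page"
            problems=$((problems + 1))
        fi
    done
    secret=$(env_value "$file" OAUTH_AZURE_CLIENT_SECRET)
    if [ -z "$secret" ]; then
        echo "OAUTH_AZURE_CLIENT_SECRET: missing"
        problems=$((problems + 1))
    elif is_guid "$secret"; then
        # The portal lists a GUID-shaped "Secret ID" beside the secret "Value".
        echo "OAUTH_AZURE_CLIENT_SECRET: looks like the Secret ID, not the secret Value"
        problems=$((problems + 1))
    fi
    case $(env_value "$file" OAUTH_AZURE_REDIRECT_URI) in
        https://*"$CALLBACK_PATH") ;;
        *) echo "OAUTH_AZURE_REDIRECT_URI: expected https://<panel host>$CALLBACK_PATH"
           problems=$((problems + 1)) ;;
    esac
    [ "$problems" -eq 0 ]
}

# Constructed sample, not real credentials: Secret ID pasted as the secret, http redirect.
write_sample_env() {
    cat > "$1" <<'EOF'
OAUTH_AZURE_CLIENT_ID=11111111-2222-3333-4444-555555555555
OAUTH_AZURE_TENANT_ID=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
OAUTH_AZURE_CLIENT_SECRET="99999999-8888-7777-6666-555555555555"
OAUTH_AZURE_REDIRECT_URI=http://panel.example.com/auth/oauth/callback/azure
EOF
}

sample=$(mktemp); write_sample_env "$sample"; check_azure_env "$sample" || true; rm -f "$sample"
```

To check a real installation, call check_azure_env with the path of the panel's .env file; the script only reads the file and never prints the secret itself.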

Troubleshooting

If you encounter any issues during the setup process, ensure that:

  • The redirect URI in the Azure application matches the one provided in Pelican Gamepanel.
  • The client ID and client secret are correctly entered in the Pelican Gamepanel settings.
  • If it still does not work, try the setup again. As a last resort, you can completely remove your Pelican installation and start over. Back up the panel's .env file and database first, then run:
sudo rm -rf /var/www/pelican

For further assistance, refer to the Socialite Providers Azure documentation.

Conclusion

By following the steps outlined above, you should be able to successfully integrate Azure authentication into your Pelican Gamepanel installation. This will allow users to log in using their Azure accounts, enhancing the security and convenience of your panel.

Linking user accounts

To link existing Pelican Gamepanel user accounts with their Azure accounts, users can follow these steps:

  1. Log in to Pelican Gamepanel using their existing credentials.
  2. Navigate to the "Profile" section.
  3. Look for "OAuth" settings.
  4. Select "Link Azure Account" and follow the prompts to authenticate with Azure.
  5. Once authenticated, the Pelican Gamepanel account will be linked to the Azure account, allowing for seamless login in the future.