feat: add provider Tailscale (#1413)

wivaku · atymic · web-flow · commit 0f28fe6ed795 · 2026-01-03T09:28:36.000+11:00
Co-authored-by: atymic &lt;atymicq@gmail.com&gt;
diff --git a/src/Tailscale/Provider.php b/src/Tailscale/Provider.php
@@ -0,0 +1,77 @@
+<?php
+
+namespace SocialiteProviders\Tailscale;
+
+use Illuminate\Support\Arr;
+use GuzzleHttp\RequestOptions;
+use SocialiteProviders\Manager\OAuth2\User;
+use SocialiteProviders\Manager\OAuth2\AbstractProvider;
+
+class Tailscale extends AbstractProvider
+{
+	const IDENTIFIER = 'TAILSCALE';
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected $scopes = ['openid', 'profile', 'email'];
+	protected $scopeSeparator = ' ';
+
+	public static function additionalConfigKeys()
+	{
+		return ['base_url'];
+	}
+
+	protected function getBaseUrl()
+	{
+		$baseurl = $this->getConfig('base_url');
+		if ($baseurl === null) {
+			throw new \InvalidArgumentException('Missing base_url');
+		}
+
+		return rtrim($baseurl, '/');
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function getAuthUrl($state)
+	{
+		return $this->buildAuthUrlFromBase($this->getBaseUrl().'/authorize', $state);
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function getTokenUrl()
+	{
+		return $this->getBaseUrl().'/token';
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function getUserByToken($token)
+	{
+		$response = $this->getHttpClient()->get($this->getBaseUrl().'/userinfo', [
+			RequestOptions::HEADERS => [
+				'Authorization' => 'Bearer '.$token,
+			],
+		]);
+
+		return json_decode((string) $response->getBody(), true);
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function mapUserToObject(array $user)
+	{
+		return (new User)->setRaw($user)->map([            
+			'id'       => Arr::get($user, 'sub'),
+			'email'    => Arr::get($user, 'email'),
+			'name'     => Arr::get($user, 'name'), 
+			'username' => Arr::get($user, 'username'),
+		]);
+	}
+}
diff --git a/src/Tailscale/README.md b/src/Tailscale/README.md
@@ -0,0 +1,70 @@
+# Tailscale (tsidp)
+
+```bash
+composer require socialiteproviders/tailscale
+```
+
+## Prerequisites
+
+Install [Tailscale OpenID Connect (OIDC) Identity Provider (tsidp)](https://github.com/tailscale/tsidp) and make it available on your Tailscale network.
+
+## Installation & Basic Usage
+
+Please see the [Base Installation Guide](https://socialiteproviders.com/usage/), then follow the provider specific instructions below.
+
+### Add configuration to `config/services.php`
+
+```php
+'tailscale' => [
+  'base_url' => env('TAILSCALE_BASE_URL'),
+  'client_id' => env('TAILSCALE_CLIENT_ID'),
+  'client_secret' => env('TAILSCALE_CLIENT_SECRET'),
+  'redirect' => env('TAILSCALE_REDIRECT_URI'),
+],
+```
+
+### Add provider event listener
+
+#### Laravel 11+
+
+In Laravel 11, the default `EventServiceProvider` provider was removed. Instead, add the listener using the `listen` method on the `Event` facade, in your `AppServiceProvider` `boot` method.
+
+* Note: You do not need to add anything for the built-in socialite providers unless you override them with your own providers.
+
+```php
+Event::listen(function (\SocialiteProviders\Manager\SocialiteWasCalled $event) {
+    $event->extendSocialite('tailscale', \SocialiteProviders\Tailscale\Provider::class);
+});
+```
+<details>
+<summary>
+Laravel 10 or below
+</summary>
+Configure the package's listener to listen for `SocialiteWasCalled` events.
+
+Add the event to your `listen[]` array in `app/Providers/EventServiceProvider`. See the [Base Installation Guide](https://socialiteproviders.com/usage/) for detailed instructions.
+
+```php
+protected $listen = [
+    \SocialiteProviders\Manager\SocialiteWasCalled::class => [
+        // ... other providers
+        \SocialiteProviders\Tailscale\TailscaleExtendSocialite::class.'@handle',
+    ],
+];
+```
+</details>
+
+### Usage
+
+You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):
+
+```php
+return Socialite::driver('tailscale')->redirect();
+```
+
+### Returned User fields
+
+- ``id``
+- ``email``
+- ``name``
+- ``username`` (same as `name`)
diff --git a/src/Tailscale/TailscaleExtendSocialite.php b/src/Tailscale/TailscaleExtendSocialite.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace SocialiteProviders\Tailscale;
+
+use SocialiteProviders\Manager\SocialiteWasCalled;
+
+class TailscaleExtendSocialite
+{
+    public function handle(SocialiteWasCalled $socialiteWasCalled): void
+    {
+        $socialiteWasCalled->extendSocialite('tailscale', Provider::class);
+    }
+}
diff --git a/src/Tailscale/composer.json b/src/Tailscale/composer.json
@@ -0,0 +1,34 @@
+{
+    "name": "socialiteproviders/tailscale",
+    "description": "Tailscale OAuth2 Provider for Laravel Socialite",
+    "license": "MIT",
+    "keywords": [
+        "laravel",
+        "oauth",
+        "provider",
+        "socialite",
+        "tailscale",
+        "tsidp"
+    ],
+    "authors": [
+        {
+            "name": "Winfred van Kuijk",
+            "email": "winfred@vankuijk.net"
+        }
+    ],
+    "support": {
+        "issues": "https://github.com/socialiteproviders/providers/issues",
+        "source": "https://github.com/socialiteproviders/providers",
+        "docs": "https://socialiteproviders.com/tailscale"
+    },
+    "require": {
+        "php": "^8.3",
+        "ext-json": "*",
+        "socialiteproviders/manager": "^4.4"
+    },
+    "autoload": {
+        "psr-4": {
+            "SocialiteProviders\\Tailscale\\": ""
+        }
+    }
+}
