Snipe-IT支持Oauth2登录

Snipe-IT默认支持的第3方登录为：SAML 和 Google Workspace。

不支持添加自定义Oauth2登录。

查了相关文档，

• https://snipe-it.readme.io/docs/saml

并用casdoork作为idp测试了SAML并没有成功，加上第1次用SAML且比较复杂，不想继续调试。

看到相关讨论

• Feature Request: OpenID Connect (oidc) relying party support

于是直接小修改几个源码就可以实现自定义Oauth登录了

---

更新参数检查

app/Models/Setting.php 删除参数限制，原来只支持google

           'thumbnail_max_h'                     => 'numeric|max:500|min:25',
-          'google_client_id'                    => 'nullable|ends_with:apps.googleusercontent.com'

修改URL及JWT

vendor/laravel/socialite/src/Two/GoogleProvider.php

     protected function getAuthUrl($state){
-        return $this->buildAuthUrlFromBase('https://accounts.google.com/o/oauth2/auth', $state);
+        return $this->buildAuthUrlFromBase('https://xxx.com/login/oauth/authorize', $state);}protected function getTokenUrl(){
-        return 'https://www.googleapis.com/oauth2/v4/token';
+        return 'https://xxx.com/api/login/oauth/access_token';}protected function getUserByToken($token){
-        if ($this->isJwtToken($token)) {
-            return $this->getUserFromJwtToken($token);
-        }
-
-        $response = $this->getHttpClient()->get('https://www.googleapis.com/oauth2/v3/userinfo', [
-            RequestOptions::QUERY => [
-                'prettyPrint' => 'false',
-            ],
-            RequestOptions::HEADERS => [
-                'Accept' => 'application/json',
-                'Authorization' => 'Bearer '.$token,
-            ],
+        $response = $this->getHttpClient()->get('https://xxx.com/api/userinfo', [
+            RequestOptions::QUERY => ['access_token' => $token],]);return json_decode((string) $response->getBody(), true);}