laravel · hafezdivandari · Jul 30, 2024 · Jul 30, 2024 · Jul 31, 2024 · Aug 1, 2024
diff --git a/composer.json b/composer.json
@@ -24,6 +24,7 @@
     },
     "require-dev": {
         "inertiajs/inertia-laravel": "^1.0",
+        "laravel/passport": "13.x-dev",
         "laravel/sanctum": "^4.0",
         "livewire/livewire": "^3.3",
         "mockery/mockery": "^1.0",

diff --git a/routes/inertia.php b/routes/inertia.php
@@ -2,9 +2,12 @@
 
 use Illuminate\Support\Facades\Route;
 use Laravel\Jetstream\Http\Controllers\CurrentTeamController;
-use Laravel\Jetstream\Http\Controllers\Inertia\ApiTokenController;
+use Laravel\Jetstream\Http\Controllers\Inertia\ApiTokenController as SanctumApiTokenController;
 use Laravel\Jetstream\Http\Controllers\Inertia\CurrentUserController;
+use Laravel\Jetstream\Http\Controllers\Inertia\OAuthAppController;
+use Laravel\Jetstream\Http\Controllers\Inertia\OAuthConnectionController;
 use Laravel\Jetstream\Http\Controllers\Inertia\OtherBrowserSessionsController;
+use Laravel\Jetstream\Http\Controllers\Inertia\PassportApiTokenController;
 use Laravel\Jetstream\Http\Controllers\Inertia\PrivacyPolicyController;
 use Laravel\Jetstream\Http\Controllers\Inertia\ProfilePhotoController;
 use Laravel\Jetstream\Http\Controllers\Inertia\TeamController;
@@ -47,10 +50,26 @@
         Route::group(['middleware' => 'verified'], function () {
             // API...
             if (Jetstream::hasApiFeatures()) {
-                Route::get('/user/api-tokens', [ApiTokenController::class, 'index'])->name('api-tokens.index');
-                Route::post('/user/api-tokens', [ApiTokenController::class, 'store'])->name('api-tokens.store');
-                Route::put('/user/api-tokens/{token}', [ApiTokenController::class, 'update'])->name('api-tokens.update');
-                Route::delete('/user/api-tokens/{token}', [ApiTokenController::class, 'destroy'])->name('api-tokens.destroy');
+                if (Jetstream::hasOAuthFeatures()) {
+                    Route::get('/user/api-tokens', [PassportApiTokenController::class, 'index'])->name('api-tokens.index');
+                    Route::post('/user/api-tokens', [PassportApiTokenController::class, 'store'])->name('api-tokens.store');
+                    Route::delete('/user/api-tokens/{token}', [PassportApiTokenController::class, 'destroy'])->name('api-tokens.destroy');
+                } else {
+                    Route::get('/user/api-tokens', [SanctumApiTokenController::class, 'index'])->name('api-tokens.index');
+                    Route::post('/user/api-tokens', [SanctumApiTokenController::class, 'store'])->name('api-tokens.store');
+                    Route::put('/user/api-tokens/{token}', [SanctumApiTokenController::class, 'update'])->name('api-tokens.update');
+                    Route::delete('/user/api-tokens/{token}', [SanctumApiTokenController::class, 'destroy'])->name('api-tokens.destroy');
+                }
+            }
+
+            // OAuth...
+            if (Jetstream::hasOAuthFeatures()) {
+                Route::get('/user/oauth-apps', [OAuthAppController::class, 'index'])->name('oauth-apps.index');
+                Route::post('/user/oauth-apps', [OAuthAppController::class, 'store'])->name('oauth-apps.store');
+                Route::put('/user/oauth-apps/{app}', [OAuthAppController::class, 'update'])->name('oauth-apps.update');
+                Route::delete('/user/oauth-apps/{app}', [OAuthAppController::class, 'destroy'])->name('oauth-apps.destroy');
+
+                Route::delete('/user/oauth-connections/{app}', [OAuthConnectionController::class, 'destroy'])->name('oauth-connections.destroy');
             }
 
             // Teams...

diff --git a/routes/livewire.php b/routes/livewire.php
@@ -3,6 +3,7 @@
 use Illuminate\Support\Facades\Route;
 use Laravel\Jetstream\Http\Controllers\CurrentTeamController;
 use Laravel\Jetstream\Http\Controllers\Livewire\ApiTokenController;
+use Laravel\Jetstream\Http\Controllers\Livewire\OAuthAppController;
 use Laravel\Jetstream\Http\Controllers\Livewire\PrivacyPolicyController;
 use Laravel\Jetstream\Http\Controllers\Livewire\TeamController;
 use Laravel\Jetstream\Http\Controllers\Livewire\TermsOfServiceController;
@@ -34,6 +35,11 @@
                 Route::get('/user/api-tokens', [ApiTokenController::class, 'index'])->name('api-tokens.index');
             }
 
+            // OAuth...
+            if (Jetstream::hasOAuthFeatures()) {
+                Route::get('/user/oauth-apps', [OAuthAppController::class, 'index'])->name('oauth-apps.index');
+            }
+
             // Teams...
             if (Jetstream::hasTeamFeatures()) {
                 Route::get('/teams/create', [TeamController::class, 'create'])->name('teams.create');

diff --git a/src/Console/InstallCommand.php b/src/Console/InstallCommand.php
@@ -33,6 +33,7 @@ class InstallCommand extends Command implements PromptsForMissingInput
                                               {--dark : Indicate that dark mode support should be installed}
                                               {--teams : Indicates if team support should be installed}
                                               {--api : Indicates if API support should be installed}
+                                              {--oauth : Indicates if OAuth support via Laravel Passport should be installed}
                                               {--verification : Indicates if email verification support should be installed}
                                               {--pest : Indicates if Pest should be installed}
                                               {--ssr : Indicates if Inertia SSR support should be installed}
@@ -87,6 +88,12 @@ public function handle()
             $this->replaceInFile('// Features::api(),', 'Features::api(),', config_path('jetstream.php'));
         }
 
+        // Configure OAuth...
+        if ($this->option('oauth')) {
+            $this->replaceInFile('// Features::oauth(),', 'Features::oauth(),', config_path('jetstream.php'));
+            $this->replaceInFile('sanctum', 'web', config_path('jetstream.php'));
+        }
+
         // Configure Email Verification...
         if ($this->option('verification')) {
             $this->replaceInFile('// Features::emailVerification(),', 'Features::emailVerification(),', config_path('fortify.php'));
@@ -156,6 +163,7 @@ protected function installLivewireStack()
 
         $this->call('install:api', [
             '--without-migration-prompt' => true,
+            '--passport' => $this->option('oauth'),
         ]);
 
         // Update Configuration...
@@ -202,6 +210,10 @@ protected function installLivewireStack()
         // Models...
         copy(__DIR__.'/../../stubs/app/Models/User.php', app_path('Models/User.php'));
 
+        if ($this->option('oauth')) {
+            $this->replaceInFile('Laravel\Sanctum\HasApiTokens', 'Laravel\Passport\HasApiTokens', app_path('Models/User.php'));
+        }
+
         // Factories...
         copy(__DIR__.'/../../database/factories/UserFactory.php', base_path('database/factories/UserFactory.php'));
 
@@ -227,9 +239,15 @@ protected function installLivewireStack()
         copy(__DIR__.'/../../stubs/livewire/resources/views/policy.blade.php', resource_path('views/policy.blade.php'));
 
         // Other Views...
-        (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/livewire/resources/views/api', resource_path('views/api'));
         (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/livewire/resources/views/profile', resource_path('views/profile'));
         (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/livewire/resources/views/auth', resource_path('views/auth'));
+        (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/livewire/resources/views/oauth', resource_path('views/oauth'));
+
+        if ($this->option('oauth')) {
+            (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/livewire/resources/views/passport-api', resource_path('views/api'));
+        } else {
+            (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/livewire/resources/views/api', resource_path('views/api'));
+        }
 
         if (! Str::contains(file_get_contents(base_path('routes/web.php')), "'/dashboard'")) {
             (new Filesystem)->append(base_path('routes/web.php'), $this->livewireRouteDefinition());
@@ -316,7 +334,7 @@ protected function livewireRouteDefinition()
         return <<<'EOF'
 
 Route::middleware([
-    'auth:sanctum',
+    config('jetstream.guard') ? 'auth:'.config('jetstream.guard') : 'auth',
     config('jetstream.auth_session'),
     'verified',
 ])->group(function () {
@@ -342,6 +360,7 @@ protected function installInertiaStack()
 
         $this->call('install:api', [
             '--without-migration-prompt' => true,
+            '--passport' => $this->option('oauth'),
         ]);
 
         // Install NPM packages...
@@ -405,6 +424,10 @@ protected function installInertiaStack()
         // Models...
         copy(__DIR__.'/../../stubs/app/Models/User.php', app_path('Models/User.php'));
 
+        if ($this->option('oauth')) {
+            $this->replaceInFile('Laravel\Sanctum\HasApiTokens', 'Laravel\Passport\HasApiTokens', app_path('Models/User.php'));
+        }
+
         // Factories...
         copy(__DIR__.'/../../database/factories/UserFactory.php', base_path('database/factories/UserFactory.php'));
 
@@ -428,9 +451,15 @@ protected function installInertiaStack()
 
         (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Components', resource_path('js/Components'));
         (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Layouts', resource_path('js/Layouts'));
-        (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Pages/API', resource_path('js/Pages/API'));
         (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Pages/Auth', resource_path('js/Pages/Auth'));
         (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Pages/Profile', resource_path('js/Pages/Profile'));
+        (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Pages/OAuth', resource_path('js/Pages/OAuth'));
+
+        if ($this->option('oauth')) {
+            (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Pages/PassportAPI', resource_path('js/Pages/API'));
+        } else {
+            (new Filesystem)->copyDirectory(__DIR__.'/../../stubs/inertia/resources/js/Pages/API', resource_path('js/Pages/API'));
+        }
 
         copy(__DIR__.'/../../stubs/inertia/routes/web.php', base_path('routes/web.php'));
 
@@ -537,6 +566,10 @@ protected function ensureApplicationIsTeamCompatible()
         copy(__DIR__.'/../../stubs/app/Models/TeamInvitation.php', app_path('Models/TeamInvitation.php'));
         copy(__DIR__.'/../../stubs/app/Models/UserWithTeams.php', app_path('Models/User.php'));
 
+        if ($this->option('oauth')) {
+            $this->replaceInFile('Laravel\Sanctum\HasApiTokens', 'Laravel\Passport\HasApiTokens', app_path('Models/User.php'));
+        }
+
         // Actions...
         copy(__DIR__.'/../../stubs/app/Actions/Jetstream/AddTeamMember.php', app_path('Actions/Jetstream/AddTeamMember.php'));
         copy(__DIR__.'/../../stubs/app/Actions/Jetstream/CreateTeam.php', app_path('Actions/Jetstream/CreateTeam.php'));
@@ -854,6 +887,7 @@ protected function afterPromptingForMissingArguments(InputInterface $input, Outp
             options: collect([
                 'teams' => 'Team support',
                 'api' => 'API support',
+                'oauth' => 'OAuth support via Laravel Passport',
                 'verification' => 'Email verification',
                 'dark' => 'Dark mode',
             ])->when(

diff --git a/src/Features.php b/src/Features.php
@@ -48,6 +48,16 @@ public static function hasApiFeatures()
         return static::enabled(static::api());
     }
 
+    /**
+     * Determine if the application is using any OAuth features.
+     *
+     * @return bool
+     */
+    public static function hasOAuthFeatures()
+    {
+        return static::enabled(static::oauth());
+    }
+
     /**
      * Determine if the application is using any team features.
      *
@@ -108,6 +118,16 @@ public static function api()
         return 'api';
     }
 
+    /**
+     * Enable the OAuth feature.
+     *
+     * @return string
+     */
+    public static function oauth()
+    {
+        return 'oauth';
+    }
+
     /**
      * Enable the teams feature.
      *

diff --git a/src/HasTeams.php b/src/HasTeams.php
@@ -3,7 +3,8 @@
 namespace Laravel\Jetstream;
 
 use Illuminate\Support\Str;
-use Laravel\Sanctum\HasApiTokens;
+use Laravel\Passport\HasApiTokens as PassportHasApiTokens;
+use Laravel\Sanctum\HasApiTokens as SanctumHasApiTokens;
 
 trait HasTeams
 {
@@ -207,7 +208,8 @@ public function hasTeamPermission($team, string $permission)
             return false;
         }
 
-        if (in_array(HasApiTokens::class, class_uses_recursive($this)) &&
+        if ((in_array(SanctumHasApiTokens::class, $traits = class_uses_recursive($this)) ||
+            in_array(PassportHasApiTokens::class, $traits)) &&
             ! $this->tokenCan($permission) &&
             $this->currentAccessToken() !== null) {
             return false;

diff --git a/src/Http/Controllers/Inertia/OAuthAppController.php b/src/Http/Controllers/Inertia/OAuthAppController.php
@@ -0,0 +1,100 @@
+<?php
+
+namespace Laravel\Jetstream\Http\Controllers\Inertia;
+
+use Illuminate\Http\Request;
+use Illuminate\Routing\Controller;
+use Illuminate\Support\Facades\Date;
+use Laravel\Jetstream\Jetstream;
+use Laravel\Passport\Client;
+use Laravel\Passport\Contracts\CreatesClients;
+use Laravel\Passport\Contracts\UpdatesClients;
+use Laravel\Passport\Token;
+
+class OAuthAppController extends Controller
+{
+    /**
+     * Show the user OAuth app screen.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Inertia\Response
+     */
+    public function index(Request $request)
+    {
+        return Jetstream::inertia()->render($request, 'OAuth/Index', [
+            'connections' => $request->user()->tokens()
+                ->with('client')
+                ->where('revoked', false)
+                ->where('expires_at', '>', Date::now())
+                ->get()
+                ->reject(fn (Token $token) => $token->client->revoked || $token->client->hasGrantType('personal_access'))
+                ->groupBy('client_id')
+                ->map(fn ($tokens) => [
+                    'client' => $tokens->first()->client,
+                    'scopes' => $tokens->pluck('scopes')->flatten()->unique()->values()->all(),
+                    'tokens_count' => $tokens->count(),
+                ])
+                ->values(),
+            'apps' => $request->user()->clients()
+                ->where('revoked', false)
+                ->get()
+                ->map(fn (Client $client) => $client->toArray() + [
+                    'is_confidential' => $client->confidential(),
+                    'created_date' => $client->created_at->toFormattedDateString(),
+                ]),
+        ]);
+    }
+
+    /**
+     * Create a new OAuth app.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(Request $request)
+    {
+        $client = app(CreatesClients::class)->create($request->all());
+
+        return back()->with('flash', [
+            'client_id' => $client->id,
+            'client_secret' => $client->plainSecret,
+        ]);
+    }
+
+    /**
+     * Update the given OAuth app.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  string  $clientId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(Request $request, $clientId)
+    {
+        $client = $request->user()->clients()->findOrFail($clientId);
+
+        app(UpdatesClients::class)->update($client, $request->all());
+
+        return back(303);
+    }
+
+    /**
+     * Delete the given OAuth App.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  string  $clientId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy(Request $request, $clientId)
+    {
+        $client = $request->user()->clients()->find($clientId);
+
+        $client->tokens()->each(function (Token $token) {
+            $token->refreshToken()->delete();
+            $token->delete();
+        });
+
+        $client->delete();
+
+        return back(303);
+    }
+}
diff --git a/src/Http/Controllers/Inertia/OAuthConnectionController.php b/src/Http/Controllers/Inertia/OAuthConnectionController.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace Laravel\Jetstream\Http\Controllers\Inertia;
+
+use Illuminate\Http\Request;
+use Illuminate\Routing\Controller;
+use Laravel\Passport\Token;
+
+class OAuthConnectionController extends Controller
+{
+    /**
+     * Delete the given OAuth connection.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  string  $clientId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy(Request $request, $clientId)
+    {
+        $request->user()->tokens()
+            ->where('client_id', $clientId)
+            ->each(function (Token $token) {
+                $token->refreshToken()->delete();
+                $token->delete();
+            });
+
+        return back(303);
+    }
+}