add passport installer option

.gitignore

@@ -7,5 +7,5 @@ docs
 phpunit.xml
 phpstan.neon
 testbench.yaml
-vendor
-node_modules
+/vendor
+node_modules

README.md

@@ -23,6 +23,10 @@ laravel new one-app --dev
 composer create project "laravel/laravel:11.x-dev" one-app
 ```
 
+```bash
+cd one-app
+```
+
 Then you can install the package via composer:
 
 ```bash
@@ -33,30 +37,60 @@ composer require envor/one-app
 php artisan one-app:install
 ```
 
-## SSO (Optional)
+To Configure your platform database (aka `central` or `landlord` database, etc..)
+
+Add the following key to your `.env` file:
 
-Install headerx/laravel-jestream-passport
+```ini
+PLATFORM_DB_CONNECTION=sqlite
+```
+
+> [!NOTE]  
+> Sqlite is the default. You can set it to the name of any other connection you wish.
+>
+
+Next, freshen your migrations, using the `database/migration/platform` path, and the name of your `PLATFORM_DB_CONNECTION`
 
 ```bash
-composer require headerx/laravel-jetstream-passport
+php artisan migrate:fresh --path=database/migrations/platform --database=sqlite
 ```
 
+You can now test your application to ensure everything is working properly!
+
 ```bash
-php artisan jetstream-passport:install
+php artisan test
 ```
 
-Move passport migrations to the platform folder
+## SSO (Optional)
+
+If you need it you can set up `one-app` to use laravel/passport instead of `laravel/sanctum` which will include a full OAuth2 Server, complete with self a token and client management ui.
+
+Install headerx/laravel-jetstream-passport
 
 ```bash
-mv database/migrations/*oauth*.php database/migrations/platform
+composer require headerx/laravel-jetstream-passport:^1.0
 ```
 
 ```bash
-php artisan migrate:fresh --path="database/migrations/platform" --database="sqlite"
+php artisan one-app:passport
+```
+
+Then run migrations
+
+```bash
+php artisan migrate --path="database/migrations/platform" --database="sqlite"
 ```
 
+Then run tests again!
+
 ## Testing
 
+```bash
+php artisan test
+```
+
+or
+
 ```bash
 composer test
 ```

composer.json

@@ -20,6 +20,7 @@
         "envor/laravel-datastore": "^1.2",
         "envor/laravel-schema-macros": "^1.1",
         "envor/platform": "^1.5",
+        "headerx/laravel-jetstream-passport": "^1.0",
         "illuminate/contracts": "^11.0",
         "inmanturbo/turbohx": "^1.1",
         "laravel/jetstream": "^5.0@dev",

passport/stubs/app/Models/Passport/AuthCode.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Models\Passport;
+
+use Envor\Platform\Concerns\UsesPlatformConnection;
+use Laravel\Passport\AuthCode as PassportAuthCode;
+
+class AuthCode extends PassportAuthCode
+{
+    use UsesPlatformConnection;
+}

passport/stubs/app/Models/Passport/Client.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Models\Passport;
+
+use Envor\Platform\Concerns\UsesPlatformConnection;
+use Laravel\Passport\Client as PassportClient;
+
+class Client extends PassportClient
+{
+    use UsesPlatformConnection;
+}

passport/stubs/app/Models/Passport/PersonalAccessClient.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Models\Passport;
+
+use Envor\Platform\Concerns\UsesPlatformConnection;
+use Laravel\Passport\PersonalAccessClient as PassportPersonalAccessClient;
+
+class PersonalAccessClient extends PassportPersonalAccessClient
+{
+    use UsesPlatformConnection;
+}

passport/stubs/app/Models/Passport/RefreshToken.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Models\Passport;
+
+use Envor\Platform\Concerns\UsesPlatformConnection;
+use Laravel\Passport\RefreshToken as PassportRefreshToken;
+
+class RefreshToken extends PassportRefreshToken
+{
+    use UsesPlatformConnection;
+}

passport/stubs/app/Models/Passport/Token.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Models\Passport;
+
+use Envor\Platform\Concerns\UsesPlatformConnection;
+use Laravel\Passport\Token as PassportToken;
+
+class Token extends PassportToken
+{
+    use UsesPlatformConnection;
+}

passport/stubs/app/Providers/ApiServiceProvider.php

@@ -0,0 +1,49 @@
+<?php
+
+namespace App\Providers;
+
+use App\Models\Passport\AuthCode;
+use App\Models\Passport\Client;
+use App\Models\Passport\PersonalAccessClient;
+use App\Models\Passport\RefreshToken;
+use App\Models\Passport\Token;
+use Illuminate\Support\ServiceProvider;
+use Laravel\Passport\Passport;
+
+class ApiServiceProvider extends ServiceProvider
+{
+    /**
+     * Register services.
+     */
+    public function register(): void
+    {
+        //
+    }
+
+    /**
+     * Bootstrap services.
+     */
+    public function boot(): void
+    {
+        Passport::tokensCan([
+            'create' => 'Create resources',
+            'read' => 'Read Resources',
+            'update' => 'Update Resources',
+            'delete' => 'Delete Resources',
+        ]);
+
+        // default scope for passport tokens
+        Passport::setDefaultScope([
+            // 'create',
+            'read',
+            // 'update',
+            // 'delete',
+        ]);
+
+        Passport::useTokenModel(Token::class);
+        Passport::useRefreshTokenModel(RefreshToken::class);
+        Passport::useAuthCodeModel(AuthCode::class);
+        Passport::useClientModel(Client::class);
+        Passport::usePersonalAccessClientModel(PersonalAccessClient::class);
+    }
+}

passport/stubs/config/auth.php

@@ -0,0 +1,63 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Authentication Guards
+    |--------------------------------------------------------------------------
+    |
+    | Next, you may define every authentication guard for your application.
+    | Of course, a great default configuration has been defined for you
+    | which utilizes session storage plus the Eloquent user provider.
+    |
+    | All authentication guards have a user provider, which defines how the
+    | users are actually retrieved out of your database or other storage
+    | system used by the application. Typically, Eloquent is utilized.
+    |
+    | Supported: "session"
+    |
+    */
+
+    'guards' => [
+        'web' => [
+            'driver' => 'session',
+            'provider' => 'users',
+        ],
+
+        'api' => [
+            'driver' => 'passport',
+            'provider' => 'users',
+            'hash' => false,
+        ],
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Resetting Passwords
+    |--------------------------------------------------------------------------
+    |
+    | These configuration options specify the behavior of Laravel's password
+    | reset functionality, including the table utilized for token storage
+    | and the user provider that is invoked to actually retrieve users.
+    |
+    | The expiry time is the number of minutes that each reset token will be
+    | considered valid. This security feature keeps tokens short-lived so
+    | they have less time to be guessed. You may change this as needed.
+    |
+    | The throttle setting is the number of seconds a user must wait before
+    | generating more password reset tokens. This prevents the user from
+    | quickly generating a very large amount of password reset tokens.
+    |
+    */
+
+    'passwords' => [
+        'users' => [
+            'provider' => 'users',
+            'table' => 'password_reset_tokens',
+            'connection' => env('PLATFORM_DB_CONNECTION', 'sqlite'),
+            'expire' => 60,
+            'throttle' => 60,
+        ],
+    ],
+];

passport/stubs/resources/views/api/index.blade.php

@@ -0,0 +1,21 @@
+<x-app-layout>
+    <x-slot name="header">
+        <h2 class="text-xl font-semibold leading-tight text-gray-800">
+            {{ __('Api Tokens') }}
+        </h2>
+    </x-slot>
+
+    <div>
+        <div class="py-10 mx-auto max-w-7xl sm:px-6 lg:px-8">
+            @livewire('jetstream-passport.oauth-client-manager')
+        </div>
+    </div>
+
+    <x-section-border />
+
+    <div>
+        <div class="py-10 mx-auto max-w-7xl sm:px-6 lg:px-8">
+            @livewire('jetstream-passport.api-token-manager')
+        </div>
+    </div>
+</x-app-layout>

passport/stubs/resources/views/vendor/passport/authorize.blade.php

@@ -0,0 +1,65 @@
+<x-guest-layout>
+
+    <div class="fixed top-0 min-w-full px-6 py-3 mb-0 text-center bg-white border-b-1 border-grey-light text-grey-lightest dark:bg-gray-800">
+        Authorization Request
+    </div>
+
+    <x-authentication-card>
+        <x-slot name="logo">
+            <x-authentication-card-logo />
+        </x-slot>
+
+
+
+        <div class="mb-4 text-sm text-gray-600 dark:text-gray-400">
+            <p><strong>{{ $client->name }}</strong> is requesting permission to access your account.</p>
+        </div>
+
+        <!-- Scope List -->
+        @if (count($scopes) > 0)
+            <div class="scopes">
+                <p><strong>This application will be able to:</strong></p>
+
+                <ul>
+                    @foreach ($scopes as $scope)
+                        <li>{{ $scope->description }}</li>
+                    @endforeach
+                </ul>
+            </div>
+        @endif
+
+        <x-validation-errors class="mb-4" />
+        <div class="flex items-center justify-end mt-4">
+
+            <form method="POST" action="{{ route('passport.authorizations.deny') }}">
+                @csrf
+                @method('DELETE')
+
+                <input type="hidden" name="state" value="{{ $request->state }}">
+                <input type="hidden" name="client_id" value="{{ $client->id }}">
+                <input type="hidden" name="auth_token" value="{{ $authToken }}">
+
+                <div class="flex justify-end mt-4">
+                    <x-button class="ml-4 bg-red-500 dark:bg-red-800">
+                        {{ __('Cancel') }}
+                    </x-button>
+                </div>
+            </form>
+
+            <form method="POST" action="{{ route('passport.authorizations.approve') }}">
+                @csrf
+
+                <input type="hidden" name="state" value="{{ $request->state }}">
+                <input type="hidden" name="client_id" value="{{ $client->id }}">
+                <input type="hidden" name="auth_token" value="{{ $authToken }}">
+                <div class="flex justify-end mt-4">
+                    <x-button class="ml-4">
+                        {{ __('Authorize') }}
+                    </x-button>
+                </div>
+            </form>
+
+        </div>
+
+    </x-authentication-card>
+</x-guest-layout>

passport/stubs/routes/api.php

@@ -0,0 +1,8 @@
+<?php
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Route;
+
+Route::get('/user', function (Request $request) {
+    return $request->user();
+})->middleware('auth:api');

passport/stubs/tailwind.config.js

@@ -0,0 +1,24 @@
+import defaultTheme from 'tailwindcss/defaultTheme';
+import forms from '@tailwindcss/forms';
+import typography from '@tailwindcss/typography';
+
+/** @type {import('tailwindcss').Config} */
+export default {
+    content: [
+        './vendor/laravel/framework/src/Illuminate/Pagination/resources/views/*.blade.php',
+        './vendor/headerx/laravel-jetstream-passport/resources/views/**/*.blade.php',
+        './vendor/laravel/jetstream/**/*.blade.php',
+        './storage/framework/views/*.php',
+        './resources/views/**/*.blade.php',
+    ],
+
+    theme: {
+        extend: {
+            fontFamily: {
+                sans: ['Figtree', ...defaultTheme.fontFamily.sans],
+            },
+        },
+    },
+
+    plugins: [forms, typography],
+};