Filament Passport Ui Laravel Package

Getting Started

Minimal Setup

1. Installation

   composer require n3xt0r/filament-passport-ui
   

   Publish the config (if needed):

   php artisan vendor:publish --provider="N3XT0R\FilamentPassportUI\FilamentPassportUIServiceProvider" --tag="config"
   

2. Register the Plugin Add to app/Providers/Filament/AdminPanelProvider.php:

   public function panel(Panel $panel): Panel
   {
       return $panel
           ->plugins([
               \N3XT0R\FilamentPassportUI\FilamentPassportUIPlugin::make(),
           ]);
   }
   

3. First Use Case Access /admin/resources/passport to manage OAuth2 clients, tokens, and scopes via Filament’s UI. No manual resource creation—just install and go.

Implementation Patterns

Core Workflows

1. Client Management

   • Create/Edit Clients: Use the built-in form with fields for name, redirect, personal_access_client, and password_client.
   • Revoke Tokens: Bulk-revoke tokens from the client’s "Tokens" tab via a soft-delete toggle.
   • Scope Assignment: Assign scopes to clients via a multi-select dropdown in the client edit form.

2. Token Auditability

   • Filter Tokens: Use Filament’s table filters (e.g., user_id, client_id, revoked_at) to track suspicious activity.
   • Log Changes: Leverage Filament’s built-in audit logs (if enabled) to track token revocations or scope updates.

3. Scope Customization

   • Extend Scopes: Override default scopes by publishing the config:

     php artisan vendor:publish --tag="filament-passport-ui-config"
     

     Then modify config/filament-passport-ui.php under scopes.

4. Integration with Filament Policies

   • Restrict access to sensitive actions (e.g., revoking tokens) using Filament’s policy system:

     public static function getPages(): array
     {
         return [
             'clients' => [
                 'create' => 'create-passport-clients',
                 'edit'   => 'update-passport-clients',
                 'revoke' => 'revoke-passport-tokens',
             ],
         ];
     }
     

5. API Token Generation

   • Generate personal access tokens directly from the UI via a button action on the user resource (if integrated):

     use N3XT0R\FilamentPassportUI\Actions\GeneratePersonalAccessToken;
     

Gotchas and Tips

Pitfalls

1. Passport Configuration Conflict

   • Ensure config/auth.php includes Passport’s providers:

     'providers' => [
         'users' => [
             'driver' => 'eloquent',
             'model' => App\Models\User::class,
         ],
         'passport' => [
             'driver' => 'passport',
         ],
     ],
     

   • Fix: Run php artisan passport:install if missing.

2. Missing Migrations

   • If tokens/clients don’t appear, check for pending migrations:

     php artisan migrate
     

3. Scope Visibility

   • Scopes defined in config/filament-passport-ui.php must match those in your Passport scope table.
   • Tip: Use a seeder to sync scopes:

     use Laravel\Passport\ClientRepository;
     $scopes = config('filament-passport-ui.scopes');
     foreach ($scopes as $scope) {
         \Laravel\Passport\Scope::firstOrCreate(['id' => $scope]);
     }
     

4. Filament 4 vs. 5 Quirks

   • Filament 4: Use filament/passport-ui:4.x branch if downgrading.
   • Filament 5: Ensure filament/filament:^5.0 is installed (package is v5-compatible by default).

Debugging

1. Token Not Showing?

   • Check if revoked_at is null (soft-deleted tokens are hidden by default). Override in the config:

     'tables' => [
         'tokens' => [
             'show_soft_deleted' => true,
         ],
     ],
     

2. Permission Denied

   • Verify the passport middleware is registered in app/Http/Kernel.php:

     'api' => [
         \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
         'throttle:api',
         \Illuminate\Auth\Middleware\Authenticate::class,
     ],
     

3. Custom Actions Not Triggering

   • Ensure actions are registered in the plugin’s getTableActions() or getFormActions() methods. Extend the plugin via a service provider:

     public function boot()
     {
         \N3XT0R\FilamentPassportUI\FilamentPassportUIPlugin::extend(function ($plugin) {
             $plugin->tableActions([
                 \N3XT0R\FilamentPassportUI\Actions\RegenerateToken::make(),
             ]);
         });
     }
     

Extension Points

1. Custom Fields

   • Add fields to the client/token forms by extending the plugin:

     use N3XT0R\FilamentPassportUI\Forms\Components\ClientForm;
     ClientForm::extend(function (ClientForm $form) {
         $form->addComponents([
             TextInput::make('custom_field')
                 ->columnSpanFull(),
         ]);
     });
     

2. Audit Logs

   • Integrate with spatie/laravel-audit-log by publishing the config and enabling:

     'audit' => [
         'enabled' => true,
         'log' => [
             'client_created',
             'token_revoked',
         ],
     ],
     

3. API Rate Limiting

   • Customize Passport’s rate limiting by overriding the Passport::tokensCan() or Passport::hashClientSecrets() methods in a service provider.

4. Localization

   • Translate labels/actions by publishing the language files:

     php artisan vendor:publish --tag="filament-passport-ui-lang"
     

   • Then extend resources/lang/vendor/filament-passport-ui/en/messages.php.