Filament Passport Ui Laravel Package

Added

• Added support for Laravel 13

Full Changelog: https://github.com/N3XT0R/filament-passport-ui/compare/2.2.0...2.3.0

What's New

Filament v5 Support

This release adds official support for Filament v5, allowing the package to be used with the latest Filament version without any breaking changes.

What this means:

• You can now use this package with Filament v5
• Existing Filament v4 installations continue to work unchanged
• No configuration or migration steps are required

Additional Platform Support

• PHP 8.5 is now officially supported

For Admins

• No changes required: Existing Filament v4 setups continue to work
• Upgrade-ready: The package can be used with Filament v5 when upgrading your admin panel

For Developers

• Official compatibility with Filament v5
• Full backward compatibility with Filament v4
• PHP 8.5 support added
• See Changelog for technical details

Full Changelog: https://github.com/N3XT0R/filament-passport-ui/compare/2.1.0...2.2.0

What's New

Clearer Permission Controls

OAuth clients now use a two-step setup process that separates client-level permissions from user-level permissions.

What this means:

• When creating a client, you first define what the client itself can do (client permissions)
• Then, separately, you define what specific users can do through that client (user permissions)
• User permissions are always limited to what the client itself is allowed to do—no escalation possible

This makes it much clearer who can do what, and prevents accidental permission grants.

Smarter Permission UI

The permission interface is now component-based and more intelligent:

• The system automatically restricts user permission choices based on what the client can do
• You can't accidentally give a user more permissions than the client has
• The interface guides you through setup with clear steps instead of a single overwhelming form

Required Owner for Delegation

When creating clients that involve user delegation (everything except machine-to-machine), you must now assign an owner. Machine-to-machine clients (client_credentials) don't require an owner.

What this means:

• Every user-facing client has a clear owner responsible for it
• Machine-to-machine integrations work without owner context

Better UI Architecture

The underlying UI code is now cleaner and more maintainable. Permission configuration uses reusable components instead of generic form builders, making the interface easier to understand and extend.

For Admins

• Setup is clearer: Two-step wizard guides you through client creation
• Permissions are safer: User permissions automatically limited by client permissions
• Ownership is explicit: All delegated clients have a clear owner
• No surprises: The UI prevents permission misconfiguration

For Developers

• See Changelog for technical details
• Component-based scope configuration for future extensibility
• Enhanced permission validation throughout

Full Changelog: https://github.com/N3XT0R/filament-passport-ui/compare/2.0.0...2.1.0

This release introduces a major architectural refactoring that clearly separates administrative UI concerns from authorization domain logic.

✨ What’s changed

• Filament Passport UI now delegates all authorization domain logic to the Laravel Passport Authorization Core package.
• Removed duplicated authorization logic from the UI layer in favor of shared, reusable use cases provided by the core package.
• Established a clear and stable separation of responsibilities:
  • Filament Passport UI focuses exclusively on administration and presentation
  • Authorization modeling and behavior live in the core package

🧱 Architecture

This change is part of the planned v2 architecture and represents a long-term, intentional design decision aimed at improving:

• maintainability
• auditability
• reuse outside of Filament
• clarity of authorization behavior

⚠️ Migration

If you are upgrading from v1, please follow the dedicated migration guide:

👉 docs/migration-to-v2.md

Full Changelog: https://github.com/N3XT0R/filament-passport-ui/compare/1.0.0...2.0.0

🎉 Filament Passport UI v1.0.0

This is the first stable release of Filament Passport UI, providing a structured and auditable administrative interface for managing Laravel Passport OAuth2 resources using Filament v4.

The package focuses on visibility, governance, and explicit administration of OAuth configuration, without modifying Passport internals or enforcing authorization logic at runtime.

✨ Highlights

• Native Filament v4 plugin for managing Laravel Passport OAuth clients, tokens, and scopes
• Full support for all Passport grant types
• Database-backed scope modeling using structured resource + action concepts
• Clean Architecture–inspired Use Case layer with explicit domain behavior
• Comprehensive audit logging and event-based lifecycle tracking
• Designed for administration and compliance, not OAuth flow implementation

🧩 Key Features

OAuth Client & Token Management

• Manage OAuth clients through dedicated Filament resources
• Support for Authorization Code, Client Credentials, Password, Personal Access, Implicit, and Device grants
• Inspect, identify, and revoke issued access tokens with improved traceability

Scopes & Authorization Modeling

• Database-backed scope management
• Scopes modeled as resources and actions
• Granular scope-to-owner assignments
• Centralized scope registry with caching support

Explicit Domain Architecture

• Application Use Cases for all critical operations (create, edit, revoke, ownership changes)
• Domain events dispatched explicitly for lifecycle actions
• Strategy-based OAuth client factory per grant type
• Repository and service layers with clear contracts and cached decorators

Administrative UX Enhancements

• Revoke status visibility and toggles for OAuth clients
• Custom Filament actions bound directly to use cases
• Consistent UX aligned with Filament conventions

Auditability & Operations

• Full audit logging via spatie/laravel-activitylog
• Console commands for installation and cache management
• Designed to support compliance and traceability requirements (e.g. ISO/IEC 27001)

Configuration & Extensibility

• Customizable owner models and Passport mappings
• Optional database-backed scopes
• Navigation customization
• English and German localization

Tooling & Quality

• Database migrations and seeders for scope management
• Automated test coverage for stability
• Comprehensive documentation covering configuration, usage, and testing

🧭 Stability Notice

This release marks the stable 1.0.0 API.
Future changes will follow Semantic Versioning.

Non-Filament-related authorization and domain logic may be extracted into a dedicated core package in future versions, while the Filament-facing API and behavior are expected to remain stable.

Added

• IdColumn for Token Table: Introduced IdColumn to the TokenTable for improved token identification and visibility.
• Custom Use Case Actions: Implemented custom actions bound to domain use cases, providing a more structured and maintainable approach to administrative operations.

Changed

• Unified Logging Architecture: Replaced default DeleteAction and record create/update handlers with use case-based implementations to ensure consistent and unified logging across all administrative operations.

Fixed

• LastLoginColumn Model Reference: Fixed a bug where an incorrect model was being used in LastLoginColumn.
• Owner Resolution in EditClientUseCase: Fixed owner resolution logic in EditClientUseCase to properly handle both entity objects and identifiers.

Installation & Upgrade

To upgrade to this release:

composer require n3xt0r/filament-passport-ui:1.0.0-beta.3

No additional configuration changes are required for this update.

Notes

This is a beta release marking the final phase before the stable v1.0.0 release. The package is now feature-complete and moving towards stability with 95% test coverage. A stable release is expected within the next few days. Please report any issues or feedback via the project repository to help us reach a solid v1.0.0 release.

Full Changelog: https://github.com/N3XT0R/filament-passport-ui/compare/1.0.0-beta.1...1.0.0-beta.3

🚀 First public beta release of Filament Passport UI

This release introduces a complete, domain-oriented Filament v4 admin interface for Laravel Passport, focusing on visibility, governance, and structured OAuth administration — without modifying Passport internals.

✨ Highlights

• Full Filament v4 plugin for managing Laravel Passport OAuth resources
• UI-driven administration of OAuth clients, tokens, and scopes
• Support for all Passport grant types
  Authorization Code, Client Credentials, Password, Personal Access, Implicit, Device
• Structured, database-backed scope modeling (resource + action)
• Clean Architecture–inspired service & use-case layer
• Explicit ownership handling for OAuth clients
• Event-driven design with observers and activity logging
• Fully configurable and extensible for custom Passport models

🧩 Core Features

OAuth Clients

• Create, edit, revoke, and inspect OAuth clients via UI
• Grant-type–specific client creation using a strategy pattern
• Ownership assignment and transfer workflows

Tokens

• View and revoke issued access tokens
• Inspect token status and expiration

Scopes & Authorization

• Database-backed scope management instead of static strings
• Scopes modeled as resource + action
• Granular scope grants via dedicated pivot model
• Seeders for default scope structures

Architecture & Internals

• Service layer (ClientService, GrantService, ScopeRegistryService)
• Repository pattern with cache decorators
• Typed DTOs and value objects for safer domain boundaries
• Domain events for client and scope lifecycle
• Model observers for consistent state handling
• Activity logging via Spatie Activity Log

⚙️ Tooling & DX

• Interactive installer command
• Configurable owner model, navigation, scope handling, and Passport model mappings
• English and German localization
• Comprehensive documentation covering setup, configuration, and testing

⚠️ Status

This is a beta release.
APIs and internal structures may still change before 1.0.0.

Feedback, issues, and architectural discussion are explicitly welcome.