sushil/passport

Cortex Passport provides OAuth2 server support.

dev-master / 9.x-dev 2020-08-08 07:45 UTC

This package is auto-updated.

Last update: 2020-08-08 07:16:34 UTC


README

**Sushil Passport** is an OAuth2 server and API authentication package that is simple and enjoyable to use.

Installation and Usage

This is a **[Passport](https://github.com/jadavsushil/sushil-passport)** 

To be documented soon..!

Installation

composer require sushil/passport

Migrate Database

php artisan migrate

Required Step For Used this plugin

php artisan passport:install

add following line to your app/cortex/auth/src/Models/User.php file.

use Sushil\Passport\HasApiTokens;

abstract class User extends Model implements AuthenticatableContract, AuthenticatableTwoFactorContract, AuthorizableContract, CanResetPasswordContract, CanVerifyEmailContract, CanVerifyPhoneContract, HasMedia
{
    use HasApiTokens;

Finally, in your config/auth.php configuration file, you should set the driver option of the api authentication guard to passport. This will instruct your application to use Passport's TokenGuard when authenticating incoming API requests:

'guards' => [
    'api' => [
        'driver' => 'passport',
        'provider' => 'members',
    ],
],
  • Add following code on app\cortex\foundation\src\DataTables\AbstractDataTable.php file.

     ```
     
     Add new button default false in datatable in protected $buttons. 
     
     ```
    
     protected $buttons = [
     'create_popup' => false,
    
    
     ```
     
     Add following line of code in function getButtons(). 
     
     ```
      'create_popup' => ['extend' => 'create_popup', 'text' => '<i class="fa fa-plus"></i> '.trans('cortex/foundation::common.create')],
    
  • Add following code on resource\js\vendor\datatables-buttons.js file and add buttons definition on this file.

     DataTable.ext.buttons.create_popup = {
         className: 'buttons-create-popup',
         text: (dt) => '<i class="fa fa-plus"></i> ' + dt.i18n('buttons.create', 'Create'),
     };
    
  • Perform npm run dev command.

For multimodel authenticaton you can add multiple guards

'guards' => [
    'api' => [
        'driver' => 'passport',
        'provider' => 'members',
        'hash' => false,
    ],
    'admin_api' => [
        'driver' => 'passport',
        'provider' => 'admins',
    ],
    'manager_api' => [
        'driver' => 'passport',
        'provider' => 'managers',
    ],
],

Redirecting For Authorization

Once a client has been created, developers may use their client ID and secret to request an authorization code and access token from your application.

Include following namespace in your route.php file
use Illuminate\Http\Request;

Route::get('/redirect', function (Request $request) {
    $request->session()->put('state', $state = Str::random(40));

    $query = http_build_query([
        'client_id' => 'client-id',
        'redirect_uri' => 'http://example.com/callback',
        'response_type' => 'code',
        'scope' => '',
        'state' => $state,
    ]);

    return redirect('http://your-app.com/oauth/authorize?'.$query);
});

Approving The Request:
The redirect_uri must match the redirect URL that was specified when the client was created.
The client will be approved and the user will be redirected back to the redirect_uri immediately:

Converting Authorization Codes To Access Tokens:

Route::get('/callback', function (Request $request) {
    $state = $request->session()->pull('state');

    throw_unless(
        strlen($state) > 0 && $state === $request->state,
        InvalidArgumentException::class
    );

    $http = new GuzzleHttp\Client;

    $response = $http->post('http://your-app.com/oauth/token', [
        'form_params' => [
            'grant_type' => 'authorization_code',
            'client_id' => 'client-id',
            'client_secret' => 'client-secret',
            'redirect_uri' => 'http://example.com/callback',
            'code' => $request->code,
        ],
    ]);

    return json_decode((string) $response->getBody(), true);
});

Support

The following support channels are available at your fingertips:

Contributing & Protocols

Thank you for considering contributing to this project! The contribution guide can be found in CONTRIBUTING.md.

Bug reports, feature requests, and pull requests are very welcome.

Security Vulnerabilities

If you discover a security vulnerability within this project, please send an e-mail to security@rinvex.com. All security vulnerabilities will be promptly addressed.

About Rinvex

Rinvex is a software solutions startup, specialized in integrated enterprise solutions for SMEs established in Alexandria, Egypt since June 2016. We believe that our drive The Value, The Reach, and The Impact is what differentiates us and unleash the endless possibilities of our philosophy through the power of software. We like to call it Innovation At The Speed Of Life. That’s how we do our share of advancing humanity.

License

This software is released under The MIT License (MIT).

(c) 2016-2020 Rinvex LLC, Some rights reserved.