From 3e96d18b48ac9d5be1ae7d48d2ad5d55021a0923 Mon Sep 17 00:00:00 2001
From: xiaomlove <i353856593@163.com>
Date: Sun, 17 Mar 2024 02:39:26 +0800
Subject: [PATCH] oauth support skips authorization

---
 .../Resources/Oauth/ClientResource.php        | 12 +++++++
 app/Models/OauthClient.php                    | 13 +++++++
 app/Providers/AppServiceProvider.php          |  2 ++
 app/Providers/AuthServiceProvider.php         |  3 ++
 ...1_000001_create_oauth_auth_codes_table.php | 31 ++++++++++++++++
 ...00002_create_oauth_access_tokens_table.php | 33 +++++++++++++++++
 ...0003_create_oauth_refresh_tokens_table.php | 29 +++++++++++++++
 ...6_01_000004_create_oauth_clients_table.php | 35 +++++++++++++++++++
 ...te_oauth_personal_access_clients_table.php | 28 +++++++++++++++
 ...orization_field_to_oauth_clients_table.php | 32 +++++++++++++++++
 include/constants.php                         |  2 +-
 resources/lang/en/oauth.php                   |  1 +
 resources/lang/zh_CN/oauth.php                |  1 +
 resources/lang/zh_TW/oauth.php                |  1 +
 14 files changed, 222 insertions(+), 1 deletion(-)
 create mode 100644 app/Models/OauthClient.php
 create mode 100644 database/migrations/2016_06_01_000001_create_oauth_auth_codes_table.php
 create mode 100644 database/migrations/2016_06_01_000002_create_oauth_access_tokens_table.php
 create mode 100644 database/migrations/2016_06_01_000003_create_oauth_refresh_tokens_table.php
 create mode 100644 database/migrations/2016_06_01_000004_create_oauth_clients_table.php
 create mode 100644 database/migrations/2016_06_01_000005_create_oauth_personal_access_clients_table.php
 create mode 100644 database/migrations/2024_03_17_021209_add_skips_authorization_field_to_oauth_clients_table.php

diff --git a/app/Filament/Resources/Oauth/ClientResource.php b/app/Filament/Resources/Oauth/ClientResource.php
index d9ae21ed..6c4c47dd 100644
--- a/app/Filament/Resources/Oauth/ClientResource.php
+++ b/app/Filament/Resources/Oauth/ClientResource.php
@@ -2,6 +2,7 @@
 
 namespace App\Filament\Resources\Oauth;
 
+use App\Filament\OptionsTrait;
 use App\Filament\PageListSingle;
 use App\Filament\Resources\Oauth\ClientResource\Pages;
 use App\Filament\Resources\Oauth\ClientResource\RelationManagers;
@@ -16,6 +17,8 @@ use Illuminate\Database\Eloquent\SoftDeletingScope;
 
 class ClientResource extends Resource
 {
+    use OptionsTrait;
+
     protected static ?string $model = Client::class;
 
     protected static ?string $navigationIcon = 'heroicon-o-collection';
@@ -40,6 +43,11 @@ class ClientResource extends Resource
             ->schema([
                 Forms\Components\TextInput::make('name')->label(__('label.name')),
                 Forms\Components\TextInput::make('redirect')->label(__('oauth.redirect')),
+                Forms\Components\Radio::make('skips_authorization')
+                    ->options(self::getYesNoOptions())
+                    ->inline()
+                    ->default(0)
+                    ->label(__('oauth.skips_authorization')),
 
             ]);
     }
@@ -52,6 +60,10 @@ class ClientResource extends Resource
                 Tables\Columns\TextColumn::make('name')->label(__('label.name')),
                 Tables\Columns\TextColumn::make('secret')->label(__('oauth.secret')),
                 Tables\Columns\TextColumn::make('redirect')->label(__('oauth.redirect')),
+                Tables\Columns\IconColumn::make('skips_authorization')
+                    ->boolean()
+                    ->label(__('oauth.skips_authorization'))
+                ,
 
             ])
             ->filters([
diff --git a/app/Models/OauthClient.php b/app/Models/OauthClient.php
new file mode 100644
index 00000000..6c9de2f7
--- /dev/null
+++ b/app/Models/OauthClient.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Models;
+
+use Laravel\Passport\Client;
+
+class OauthClient extends Client
+{
+    public function skipsAuthorization(): bool
+    {
+        return (bool)$this->skips_authorization;
+    }
+}
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 08035ded..ec3dbb35 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -9,6 +9,7 @@ use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\View;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Http\Resources\Json\JsonResource;
+use Laravel\Passport\Passport;
 use Nexus\Nexus;
 use Filament\Facades\Filament;
 use NexusPlugin\Menu\Filament\MenuItemResource;
@@ -22,6 +23,7 @@ class AppServiceProvider extends ServiceProvider
      */
     public function register()
     {
+        Passport::ignoreMigrations();
         do_action('nexus_register');
     }
 
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
index 3b9be3ca..063c8b5e 100644
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -9,6 +9,7 @@ use App\Models\Category;
 use App\Models\Codec;
 use App\Models\Icon;
 use App\Models\Media;
+use App\Models\OauthClient;
 use App\Models\Plugin;
 use App\Models\Processing;
 use App\Models\SearchBox;
@@ -21,6 +22,7 @@ use App\Policies\CodecPolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Laravel\Passport\Passport;
 
 class AuthServiceProvider extends ServiceProvider
 {
@@ -54,6 +56,7 @@ class AuthServiceProvider extends ServiceProvider
     public function boot()
     {
         $this->registerPolicies();
+        Passport::useClientModel(OauthClient::class);
 
         Auth::viaRequest('nexus-cookie', function (Request $request) {
             return $this->getUserByCookie($request->cookie());
diff --git a/database/migrations/2016_06_01_000001_create_oauth_auth_codes_table.php b/database/migrations/2016_06_01_000001_create_oauth_auth_codes_table.php
new file mode 100644
index 00000000..7b93b406
--- /dev/null
+++ b/database/migrations/2016_06_01_000001_create_oauth_auth_codes_table.php
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('oauth_auth_codes', function (Blueprint $table) {
+            $table->string('id', 100)->primary();
+            $table->unsignedBigInteger('user_id')->index();
+            $table->unsignedBigInteger('client_id');
+            $table->text('scopes')->nullable();
+            $table->boolean('revoked');
+            $table->dateTime('expires_at')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('oauth_auth_codes');
+    }
+};
diff --git a/database/migrations/2016_06_01_000002_create_oauth_access_tokens_table.php b/database/migrations/2016_06_01_000002_create_oauth_access_tokens_table.php
new file mode 100644
index 00000000..598798ee
--- /dev/null
+++ b/database/migrations/2016_06_01_000002_create_oauth_access_tokens_table.php
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('oauth_access_tokens', function (Blueprint $table) {
+            $table->string('id', 100)->primary();
+            $table->unsignedBigInteger('user_id')->nullable()->index();
+            $table->unsignedBigInteger('client_id');
+            $table->string('name')->nullable();
+            $table->text('scopes')->nullable();
+            $table->boolean('revoked');
+            $table->timestamps();
+            $table->dateTime('expires_at')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('oauth_access_tokens');
+    }
+};
diff --git a/database/migrations/2016_06_01_000003_create_oauth_refresh_tokens_table.php b/database/migrations/2016_06_01_000003_create_oauth_refresh_tokens_table.php
new file mode 100644
index 00000000..b007904c
--- /dev/null
+++ b/database/migrations/2016_06_01_000003_create_oauth_refresh_tokens_table.php
@@ -0,0 +1,29 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('oauth_refresh_tokens', function (Blueprint $table) {
+            $table->string('id', 100)->primary();
+            $table->string('access_token_id', 100)->index();
+            $table->boolean('revoked');
+            $table->dateTime('expires_at')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('oauth_refresh_tokens');
+    }
+};
diff --git a/database/migrations/2016_06_01_000004_create_oauth_clients_table.php b/database/migrations/2016_06_01_000004_create_oauth_clients_table.php
new file mode 100644
index 00000000..776ccfab
--- /dev/null
+++ b/database/migrations/2016_06_01_000004_create_oauth_clients_table.php
@@ -0,0 +1,35 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('oauth_clients', function (Blueprint $table) {
+            $table->bigIncrements('id');
+            $table->unsignedBigInteger('user_id')->nullable()->index();
+            $table->string('name');
+            $table->string('secret', 100)->nullable();
+            $table->string('provider')->nullable();
+            $table->text('redirect');
+            $table->boolean('personal_access_client');
+            $table->boolean('password_client');
+            $table->boolean('revoked');
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('oauth_clients');
+    }
+};
diff --git a/database/migrations/2016_06_01_000005_create_oauth_personal_access_clients_table.php b/database/migrations/2016_06_01_000005_create_oauth_personal_access_clients_table.php
new file mode 100644
index 00000000..7c9d1e8f
--- /dev/null
+++ b/database/migrations/2016_06_01_000005_create_oauth_personal_access_clients_table.php
@@ -0,0 +1,28 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('oauth_personal_access_clients', function (Blueprint $table) {
+            $table->bigIncrements('id');
+            $table->unsignedBigInteger('client_id');
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('oauth_personal_access_clients');
+    }
+};
diff --git a/database/migrations/2024_03_17_021209_add_skips_authorization_field_to_oauth_clients_table.php b/database/migrations/2024_03_17_021209_add_skips_authorization_field_to_oauth_clients_table.php
new file mode 100644
index 00000000..8b4daed5
--- /dev/null
+++ b/database/migrations/2024_03_17_021209_add_skips_authorization_field_to_oauth_clients_table.php
@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('oauth_clients', function (Blueprint $table) {
+            $table->boolean("skips_authorization")->default(false);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('oauth_clients', function (Blueprint $table) {
+            $table->dropColumn("skips_authorization");
+        });
+    }
+};
diff --git a/include/constants.php b/include/constants.php
index dc204c74..bfece3db 100644
--- a/include/constants.php
+++ b/include/constants.php
@@ -1,6 +1,6 @@
 <?php
 defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.8.9');
-defined('RELEASE_DATE') || define('RELEASE_DATE', '2024-03-16');
+defined('RELEASE_DATE') || define('RELEASE_DATE', '2024-03-17');
 defined('IN_TRACKER') || define('IN_TRACKER', false);
 defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
 defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");
diff --git a/resources/lang/en/oauth.php b/resources/lang/en/oauth.php
index fac17964..8b56ad23 100644
--- a/resources/lang/en/oauth.php
+++ b/resources/lang/en/oauth.php
@@ -10,4 +10,5 @@ return [
     'authorization_request_desc' => 'is requesting permission to access your account',
     'btn_approve' => 'Authorize',
     'btn_deny' => 'Cancel',
+    'skips_authorization' => 'Skips authorization',
 ];
diff --git a/resources/lang/zh_CN/oauth.php b/resources/lang/zh_CN/oauth.php
index 1fa85781..ad647b60 100644
--- a/resources/lang/zh_CN/oauth.php
+++ b/resources/lang/zh_CN/oauth.php
@@ -10,4 +10,5 @@ return [
     'authorization_request_desc' => '正在请求获取您账号的访问权限',
     'btn_approve' => '授权',
     'btn_deny' => '取消',
+    'skips_authorization' => '跳过授权',
 ];
diff --git a/resources/lang/zh_TW/oauth.php b/resources/lang/zh_TW/oauth.php
index 819e1214..c7217224 100644
--- a/resources/lang/zh_TW/oauth.php
+++ b/resources/lang/zh_TW/oauth.php
@@ -10,4 +10,5 @@ return [
     'authorization_request_desc' => '正在請求獲取您賬號的訪問權限',
     'btn_approve' => '授權',
     'btn_deny' => '取消',
+    'skips_authorization' => '跳過授權',
 ];