How do I configure Laravel Pennant to work with Laravel Passport

1. Install and Configure Laravel Passport

- Install Passport via Composer:

  composer require laravel/passport
  

  php artisan migrate
  

  php artisan passport:install
  

php
  use Laravel\Passport\HasApiTokens;

  class User extends Authenticatable
  {
      use HasApiTokens, Notifiable;
      // ...
  }
  

php
  'guards' => [
      'api' => [
          'driver' => 'passport',
          'provider' => 'users',
      ],
  ],
  

php
  use Laravel\Passport\Passport;

  public function boot()
  {
      $this->registerPolicies();
      Passport::routes();
  }
  

This sets up Passport to handle OAuth2 authentication and token issuance[2][6][11].

2. Install and Configure Laravel Pennant

- Install Pennant via Composer:

  composer require laravel/pennant
  

  php artisan vendor:publish --provider="Laravel\Pennant\PennantServiceProvider"
  

  php artisan migrate
  

3. Integrate Pennant Feature Flags with Passport Authentication

To use Pennant feature flags to control or customize Passport's OAuth2 authentication behavior, you can do the following:

- Conditional Authentication Logic: Use Pennant to enable or disable certain OAuth2 grant types or features dynamically. For example, in your `AuthServiceProvider` or middleware, check feature flags before allowing password grant token issuance.

- Protect API Routes Based on Feature Flags: Use Pennant's feature checks to restrict access to certain API routes that require Passport authentication. For example:

php
  use Illuminate\Support\Facades\Route;
  use Laravel\Pennant\Feature;

  Route::middleware(['auth:api'])->group(function () {
      Route::get('/premium-data', function () {
          if (!Feature::active('premium_access')) {
              abort(403, 'Feature not available');
          }
          // Return premium data
      });
  });
  

- Feature-Flagged Token Scopes: When issuing tokens with Passport, you can conditionally assign scopes based on feature flags:

php
  if (Feature::active('beta_feature')) {
      $token = $user->createToken('Token Name', ['beta-access'])->accessToken;
  } else {
      $token = $user->createToken('Token Name')->accessToken;
  }
  

Summary

- Set up Laravel Passport fully for OAuth2 authentication, including migrations, service provider, user model trait, and API guard configuration.
- Install Laravel Pennant, publish its config and migration, and migrate the database.
- Use Pennant's feature flag checks (`Feature::active('flag_name')`) in your authentication logic, route protection, and token issuance to control Passport behavior dynamically.

This approach allows you to leverage Laravel Pennant's feature flagging capabilities to enable or disable Passport authentication features or API access seamlessly without redeploying your app.

For detailed usage of each package, refer to the official Laravel documentation on Pennant and Passport[1][2][6][7].

Citations:
[1] https://laravel.com/docs/11.x/pennant
[2] https://laravel.com/docs/11.x/passport
[3] https://blog.logrocket.com/laravel-passport-a-tutorial-and-example-build/
[4] https://www.youtube.com/watch?v=K7RfBgoeg48
[5] https://laravel.com/docs/6.x/passport
[6] https://clouddevs.com/laravel/install-and-configure-passport/
[7] https://www.honeybadger.io/blog/a-guide-to-feature-flags-in-laravel/
[8] https://github.com/laravel/pennant
[9] https://laravel.com/docs/5.4/passport
[10] https://www.toptal.com/laravel/passport-tutorial-auth-user-access
[11] https://laravel.com/docs/7.x/passport
[12] https://wpwebinfotech.com/blog/laravel-pennant-guide/