✨ Add OAuth functionality, MCP tools, and feature tests

- 🔒 Added migrations for `oauth_access_tokens`, `oauth_refresh_tokens`, `oauth_auth_codes`, `oauth_clients`, and `oauth_device_codes`.
- 🤖 Created MCP tools (Meetups, Cities, Venues, Courses, Lecturers) for managing entities with authentication and validation.
- 🛠️ Implemented Passport-backed OAuth API guard configuration and validation endpoints.
- ✅ Added comprehensive feature tests for MCP tools and OAuth functionality (access control, validation, and token-based authentication).

app/Mcp/Tools/Meetup/CreateMeetupTool.php

@@ -0,0 +1,60 @@
+<?php
+
+namespace App\Mcp\Tools\Meetup;
+
+use App\Http\Requests\Api\StoreMeetupRequest;
+use App\Http\Resources\MeetupResource;
+use App\Models\Meetup;
+use Illuminate\Contracts\JsonSchema\JsonSchema;
+use Illuminate\JsonSchema\Types\Type;
+use Illuminate\Support\Facades\Gate;
+use Laravel\Mcp\Request;
+use Laravel\Mcp\Response;
+use Laravel\Mcp\Server\Attributes\Description;
+use Laravel\Mcp\Server\Tool;
+
+#[Description('Legt ein neues Meetup für den authentifizierten Nutzer an. Der Ersteller (created_by) wird automatisch gesetzt.')]
+class CreateMeetupTool extends Tool
+{
+    public function handle(Request $request): Response
+    {
+        $user = $request->user();
+
+        if ($user === null || Gate::forUser($user)->denies('create', Meetup::class)) {
+            return Response::error('Nicht berechtigt, ein Meetup anzulegen.');
+        }
+
+        $storeRequest = new StoreMeetupRequest;
+
+        $validated = $request->validate(
+            $storeRequest->rules(),
+            $storeRequest->messages(),
+        );
+
+        $meetup = Meetup::create($validated);
+
+        return Response::json(MeetupResource::make($meetup->fresh())->resolve());
+    }
+
+    /**
+     * @return array<string, Type>
+     */
+    public function schema(JsonSchema $schema): array
+    {
+        return [
+            'name' => $schema->string()->description('Name des Meetups.')->required(),
+            'city_id' => $schema->integer()->description('ID der zugehörigen Stadt (vorher per search-cities auflösen).')->required(),
+            'intro' => $schema->string()->description('Einleitungstext.'),
+            'telegram_link' => $schema->string()->description('Telegram-Gruppen-URL.'),
+            'webpage' => $schema->string()->description('Webseiten-URL.'),
+            'twitter_username' => $schema->string()->description('Twitter/X-Benutzername.'),
+            'matrix_group' => $schema->string()->description('Matrix-Gruppe.'),
+            'nostr' => $schema->string()->description('Nostr-Identifier.'),
+            'simplex' => $schema->string()->description('SimpleX-Link.'),
+            'signal' => $schema->string()->description('Signal-Gruppenlink.'),
+            'community' => $schema->string()->description('Community-Bezeichnung.'),
+            'visible_on_map' => $schema->boolean()->description('Auf der Karte sichtbar.'),
+            'is_active' => $schema->boolean()->description('Aktiv.'),
+        ];
+    }
+}

app/Mcp/Tools/Meetup/ListMyMeetupsTool.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Mcp\Tools\Meetup;
+
+use App\Http\Resources\MeetupResource;
+use App\Models\Meetup;
+use Illuminate\Support\Facades\Gate;
+use Laravel\Mcp\Request;
+use Laravel\Mcp\Response;
+use Laravel\Mcp\Server\Attributes\Description;
+use Laravel\Mcp\Server\Tool;
+use Laravel\Mcp\Server\Tools\Annotations\IsReadOnly;
+
+#[IsReadOnly]
+#[Description('Listet alle vom authentifizierten Nutzer erstellten Meetups, alphabetisch sortiert.')]
+class ListMyMeetupsTool extends Tool
+{
+    public function handle(Request $request): Response
+    {
+        $user = $request->user();
+
+        if ($user === null || Gate::forUser($user)->denies('viewAny', Meetup::class)) {
+            return Response::error('Nicht authentifiziert.');
+        }
+
+        $meetups = Meetup::query()
+            ->where('created_by', $user->getAuthIdentifier())
+            ->orderBy('name')
+            ->get();
+
+        return Response::json(MeetupResource::collection($meetups)->resolve());
+    }
+}

app/Mcp/Tools/Meetup/ShowMyMeetupTool.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Mcp\Tools\Meetup;
+
+use App\Http\Resources\MeetupResource;
+use App\Models\Meetup;
+use Illuminate\Contracts\JsonSchema\JsonSchema;
+use Illuminate\JsonSchema\Types\Type;
+use Illuminate\Support\Facades\Gate;
+use Laravel\Mcp\Request;
+use Laravel\Mcp\Response;
+use Laravel\Mcp\Server\Attributes\Description;
+use Laravel\Mcp\Server\Tool;
+use Laravel\Mcp\Server\Tools\Annotations\IsReadOnly;
+
+#[IsReadOnly]
+#[Description('Zeigt ein einzelnes, vom authentifizierten Nutzer erstelltes Meetup.')]
+class ShowMyMeetupTool extends Tool
+{
+    public function handle(Request $request): Response
+    {
+        $meetup = Meetup::find($request->get('id'));
+
+        if (! $meetup) {
+            return Response::error('Meetup nicht gefunden.');
+        }
+
+        $user = $request->user();
+
+        if ($user === null || Gate::forUser($user)->denies('view', $meetup)) {
+            return Response::error('Nur der Ersteller oder ein Super-Admin darf dieses Meetup sehen.');
+        }
+
+        return Response::json(MeetupResource::make($meetup)->resolve());
+    }
+
+    /**
+     * @return array<string, Type>
+     */
+    public function schema(JsonSchema $schema): array
+    {
+        return [
+            'id' => $schema->integer()->description('ID des Meetups.')->required(),
+        ];
+    }
+}

app/Mcp/Tools/Meetup/UpdateMeetupTool.php

@@ -0,0 +1,62 @@
+<?php
+
+namespace App\Mcp\Tools\Meetup;
+
+use App\Http\Requests\Api\UpdateMeetupRequest;
+use App\Http\Resources\MeetupResource;
+use App\Models\Meetup;
+use Illuminate\Contracts\JsonSchema\JsonSchema;
+use Illuminate\JsonSchema\Types\Type;
+use Illuminate\Support\Facades\Gate;
+use Laravel\Mcp\Request;
+use Laravel\Mcp\Response;
+use Laravel\Mcp\Server\Attributes\Description;
+use Laravel\Mcp\Server\Tool;
+
+#[Description('Aktualisiert ein bestehendes Meetup. Nur der Ersteller oder ein Super-Admin darf es ändern.')]
+class UpdateMeetupTool extends Tool
+{
+    public function handle(Request $request): Response
+    {
+        $meetup = Meetup::find($request->get('id'));
+
+        if (! $meetup) {
+            return Response::error('Meetup nicht gefunden.');
+        }
+
+        $user = $request->user();
+
+        if ($user === null || Gate::forUser($user)->denies('update', $meetup)) {
+            return Response::error('Nur der Ersteller oder ein Super-Admin darf dieses Meetup ändern.');
+        }
+
+        $validated = $request->validate((new UpdateMeetupRequest)->rules());
+
+        $meetup->update($validated);
+
+        return Response::json(MeetupResource::make($meetup->fresh())->resolve());
+    }
+
+    /**
+     * @return array<string, Type>
+     */
+    public function schema(JsonSchema $schema): array
+    {
+        return [
+            'id' => $schema->integer()->description('ID des zu aktualisierenden Meetups.')->required(),
+            'name' => $schema->string()->description('Name des Meetups.'),
+            'city_id' => $schema->integer()->description('ID der zugehörigen Stadt.'),
+            'intro' => $schema->string()->description('Einleitungstext.'),
+            'telegram_link' => $schema->string()->description('Telegram-Gruppen-URL.'),
+            'webpage' => $schema->string()->description('Webseiten-URL.'),
+            'twitter_username' => $schema->string()->description('Twitter/X-Benutzername.'),
+            'matrix_group' => $schema->string()->description('Matrix-Gruppe.'),
+            'nostr' => $schema->string()->description('Nostr-Identifier.'),
+            'simplex' => $schema->string()->description('SimpleX-Link.'),
+            'signal' => $schema->string()->description('Signal-Gruppenlink.'),
+            'community' => $schema->string()->description('Community-Bezeichnung.'),
+            'visible_on_map' => $schema->boolean()->description('Auf der Karte sichtbar.'),
+            'is_active' => $schema->boolean()->description('Aktiv.'),
+        ];
+    }
+}