From ec7f0d50c3d733152b67a7bd613482332047b410 Mon Sep 17 00:00:00 2001 From: Hafez Divandari Date: Fri, 4 Oct 2024 18:11:53 +0330 Subject: [PATCH 1/7] rename CheckClientCredentials to CheckTokenScope --- ...ForAnyScope.php => CheckTokenForAnyScope.php} | 6 +++--- ...lientCredentials.php => CheckTokenScopes.php} | 6 +++--- .../{CheckCredentials.php => ValidateToken.php} | 16 +++++----------- 3 files changed, 11 insertions(+), 17 deletions(-) rename src/Http/Middleware/{CheckClientCredentialsForAnyScope.php => CheckTokenForAnyScope.php} (73%) rename src/Http/Middleware/{CheckClientCredentials.php => CheckTokenScopes.php} (75%) rename src/Http/Middleware/{CheckCredentials.php => ValidateToken.php} (77%) diff --git a/src/Http/Middleware/CheckClientCredentialsForAnyScope.php b/src/Http/Middleware/CheckTokenForAnyScope.php similarity index 73% rename from src/Http/Middleware/CheckClientCredentialsForAnyScope.php rename to src/Http/Middleware/CheckTokenForAnyScope.php index 9a3766b9..b05e142a 100644 --- a/src/Http/Middleware/CheckClientCredentialsForAnyScope.php +++ b/src/Http/Middleware/CheckTokenForAnyScope.php @@ -5,16 +5,16 @@ use Laravel\Passport\AccessToken; use Laravel\Passport\Exceptions\MissingScopeException; -class CheckClientCredentialsForAnyScope extends CheckCredentials +class CheckTokenForAnyScope extends ValidateToken { /** - * Validate token scopes. + * Determine if the token has at least one of the given scopes. * * @param string[] $scopes * * @throws \Laravel\Passport\Exceptions\MissingScopeException */ - protected function validateScopes(AccessToken $token, array $scopes): void + protected function hasScopes(AccessToken $token, array $scopes): void { if (in_array('*', $token->oauth_scopes)) { return; 
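Review bot: The renamed `hasScopes()` in `CheckTokenForAnyScope` reads like a boolean predicate, yet it still returns `void` and enforces the check only by throwing `MissingScopeException`. In an authorization path that mismatch invites a later `if ($this->hasScopes(...))`, which would always be falsy; either keep an imperative name such as `validateScopes`, or have the docblock say `* Ensure the token has at least one of the given scopes; throws otherwise.` The same applies to `hasScopes()` in `CheckTokenScopes` and to the abstract declaration in `ValidateToken`. Separately, the wildcard test on the unchanged line would be stricter as `in_array('*', $token->oauth_scopes, true)`, so that a non-string entry can never match `'*'`. The method body continues past the end of this hunk.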
diff --git a/src/Http/Middleware/CheckClientCredentials.php b/src/Http/Middleware/CheckTokenScopes.php similarity index 75% rename from src/Http/Middleware/CheckClientCredentials.php rename to src/Http/Middleware/CheckTokenScopes.php index b29ab3f2..34a6986a 100644 --- a/src/Http/Middleware/CheckClientCredentials.php +++ b/src/Http/Middleware/CheckTokenScopes.php @@ -5,16 +5,16 @@ use Laravel\Passport\AccessToken; use Laravel\Passport\Exceptions\MissingScopeException; -class CheckClientCredentials extends CheckCredentials +class CheckTokenScopes extends ValidateToken { /** - * Validate token scopes. + * Determine if the token has all the given scopes. * * @param string[] $scopes * * @throws \Laravel\Passport\Exceptions\MissingScopeException */ - protected function validateScopes(AccessToken $token, array $scopes): void + protected function hasScopes(AccessToken $token, array $scopes): void { if (in_array('*', $token->oauth_scopes)) { return; diff --git a/src/Http/Middleware/CheckCredentials.php b/src/Http/Middleware/ValidateToken.php similarity index 77% rename from src/Http/Middleware/CheckCredentials.php rename to src/Http/Middleware/ValidateToken.php index 3cb12c37..d9b5f2cf 100644 --- a/src/Http/Middleware/CheckCredentials.php +++ b/src/Http/Middleware/ValidateToken.php @@ -8,11 +8,10 @@ use Laravel\Passport\Exceptions\AuthenticationException; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\ResourceServer; -use Nyholm\Psr7\Factory\Psr17Factory; use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory; use Symfony\Component\HttpFoundation\Response; -abstract class CheckCredentials +abstract class ValidateToken { /** * Create a new middleware instance. 
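Review bot: The renamed `ValidateToken` base class has no class-level docblock in this hunk stating what is and is not checked, and the old name implied a client-credentials restriction that the code does not appear to have. From the `handle()` lines shown in the following hunks, the middleware accepts any bearer token that `validateAuthenticatedRequest()` accepts and then checks scopes only; no grant-type or client check is visible there. I would add a docblock above `abstract class ValidateToken` such as `Validates the bearer access token against the resource server and enforces the given scopes; it does not restrict the grant type or the client.` That tells readers that a route meant for machine-to-machine callers only needs its own additional check.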
@@ -46,12 +45,7 @@ public static function using(...$scopes): string */ public function handle(Request $request, Closure $next, string ...$scopes): Response { - $psr = (new PsrHttpFactory( - new Psr17Factory, - new Psr17Factory, - new Psr17Factory, - new Psr17Factory - ))->createRequest($request); + $psr = (new PsrHttpFactory())->createRequest($request); try { $psr = $this->server->validateAuthenticatedRequest($psr); @@ -59,17 +53,17 @@ public function handle(Request $request, Closure $next, string ...$scopes): Resp throw new AuthenticationException; } - $this->validateScopes(AccessToken::fromPsrRequest($psr), $scopes); + $this->hasScopes(AccessToken::fromPsrRequest($psr), $scopes); return $next($request); } /** - * Validate token scopes. + * Determine if the token has the given scopes. * * @param string[] $scopes * * @throws \Laravel\Passport\Exceptions\MissingScopeException */ - abstract protected function validateScopes(AccessToken $token, array $scopes): void; + abstract protected function hasScopes(AccessToken $token, array $scopes): void; } From 1bd4d646168751b077af86aa2c8ee50887e7f031 Mon Sep 17 00:00:00 2001 From: Hafez Divandari Date: Fri, 4 Oct 2024 18:12:09 +0330 Subject: [PATCH 2/7] rename tests --- tests/Feature/ActingAsClientTest.php | 12 ++++++------ ...nyScopeTest.php => CheckTokenForAnyScopeTest.php} | 12 ++++++------ ...tCredentialsTest.php => CheckTokenScopesTest.php} | 12 ++++++------ 3 files changed, 18 insertions(+), 18 deletions(-) rename tests/Unit/{CheckClientCredentialsForAnyScopeTest.php => CheckTokenForAnyScopeTest.php} (88%) rename tests/Unit/{CheckClientCredentialsTest.php => CheckTokenScopesTest.php} (90%) diff --git a/tests/Feature/ActingAsClientTest.php b/tests/Feature/ActingAsClientTest.php index f0a92c7d..beb7596e 100644 --- a/tests/Feature/ActingAsClientTest.php +++ b/tests/Feature/ActingAsClientTest.php 
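Review bot: Renaming the abstract `validateScopes()` to `hasScopes()` at the end of `ValidateToken` breaks any application subclass of the old `CheckCredentials` that implements `validateScopes()`, and the UPGRADE.md entry added later in this series lists only the class renames. Such a subclass would stop with a fatal error for the unimplemented abstract method, which fails closed but is still a hard break for upgraders. I would add a line to the upgrade note such as `* The protected validateScopes() method of these classes has been renamed to hasScopes().`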
@@ -4,13 +4,13 @@ use Illuminate\Contracts\Routing\Registrar; use Laravel\Passport\Client; -use Laravel\Passport\Http\Middleware\CheckClientCredentials; -use Laravel\Passport\Http\Middleware\CheckClientCredentialsForAnyScope; +use Laravel\Passport\Http\Middleware\CheckTokenScopes; +use Laravel\Passport\Http\Middleware\CheckTokenForAnyScope; use Laravel\Passport\Passport; class ActingAsClientTest extends PassportTestCase { - public function testActingAsClientWhenTheRouteIsProtectedByCheckClientCredentialsMiddleware() + public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenScopesMiddleware() { $this->withoutExceptionHandling(); @@ -19,7 +19,7 @@ public function testActingAsClientWhenTheRouteIsProtectedByCheckClientCredential $router->get('/foo', function () { return 'bar'; - })->middleware(CheckClientCredentials::class); + })->middleware(CheckTokenScopes::class); Passport::actingAsClient(new Client()); @@ -28,7 +28,7 @@ public function testActingAsClientWhenTheRouteIsProtectedByCheckClientCredential $response->assertSee('bar'); } - public function testActingAsClientWhenTheRouteIsProtectedByCheckClientCredentialsForAnyScope() + public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenScopesForAnyScope() { $this->withoutExceptionHandling(); @@ -37,7 +37,7 @@ public function testActingAsClientWhenTheRouteIsProtectedByCheckClientCredential $router->get('/foo', function () { return 'bar'; - })->middleware(CheckClientCredentialsForAnyScope::class.':testFoo'); + })->middleware(CheckTokenForAnyScope::class.':testFoo'); Passport::actingAsClient(new Client(), ['testFoo']); diff --git a/tests/Unit/CheckClientCredentialsForAnyScopeTest.php b/tests/Unit/CheckTokenForAnyScopeTest.php similarity index 88% rename from tests/Unit/CheckClientCredentialsForAnyScopeTest.php rename to tests/Unit/CheckTokenForAnyScopeTest.php index 1c32a15b..da5ef7d3 100644 --- a/tests/Unit/CheckClientCredentialsForAnyScopeTest.php +++ b/tests/Unit/CheckTokenForAnyScopeTest.php 
@@ -5,7 +5,7 @@ use Illuminate\Http\Request; use Illuminate\Http\Response; use Laravel\Passport\Exceptions\AuthenticationException; -use Laravel\Passport\Http\Middleware\CheckClientCredentialsForAnyScope; +use Laravel\Passport\Http\Middleware\CheckTokenForAnyScope; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\ResourceServer; use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration; @@ -13,7 +13,7 @@ use PHPUnit\Framework\TestCase; use Psr\Http\Message\ServerRequestInterface; -class CheckClientCredentialsForAnyScopeTest extends TestCase +class CheckTokenForAnyScopeTest extends TestCase { use MockeryPHPUnitIntegration; @@ -28,7 +28,7 @@ public function test_request_is_passed_along_if_token_is_valid() 'oauth_scopes' => ['*'], ]); - $middleware = new CheckClientCredentialsForAnyScope($resourceServer); + $middleware = new CheckTokenForAnyScope($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); @@ -51,7 +51,7 @@ public function test_request_is_passed_along_if_token_has_any_required_scope() 'oauth_scopes' => ['foo', 'bar', 'baz'], ]); - $middleware = new CheckClientCredentialsForAnyScope($resourceServer); + $middleware = new CheckTokenForAnyScope($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); @@ -72,7 +72,7 @@ public function test_exception_is_thrown_when_oauth_throws_exception() new OAuthServerException('message', 500, 'error type') ); - $middleware = new CheckClientCredentialsForAnyScope($resourceServer); + $middleware = new CheckTokenForAnyScope($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); 
@@ -95,7 +95,7 @@ public function test_exception_is_thrown_if_token_does_not_have_required_scope() 'oauth_scopes' => ['foo', 'bar'], ]); - $middleware = new CheckClientCredentialsForAnyScope($resourceServer); + $middleware = new CheckTokenForAnyScope($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); diff --git a/tests/Unit/CheckClientCredentialsTest.php b/tests/Unit/CheckTokenScopesTest.php similarity index 90% rename from tests/Unit/CheckClientCredentialsTest.php rename to tests/Unit/CheckTokenScopesTest.php index 6c69686e..a411558f 100644 --- a/tests/Unit/CheckClientCredentialsTest.php +++ b/tests/Unit/CheckTokenScopesTest.php @@ -5,7 +5,7 @@ use Illuminate\Http\Request; use Illuminate\Http\Response; use Laravel\Passport\Exceptions\AuthenticationException; -use Laravel\Passport\Http\Middleware\CheckClientCredentials; +use Laravel\Passport\Http\Middleware\CheckTokenScopes; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\ResourceServer; use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration; @@ -13,7 +13,7 @@ use PHPUnit\Framework\TestCase; use Psr\Http\Message\ServerRequestInterface; -class CheckClientCredentialsTest extends TestCase +class CheckTokenScopesTest extends TestCase { use MockeryPHPUnitIntegration; @@ -28,7 +28,7 @@ public function test_request_is_passed_along_if_token_is_valid() 'oauth_scopes' => ['*'], ]); - $middleware = new CheckClientCredentials($resourceServer); + $middleware = new CheckTokenScopes($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); @@ -51,7 +51,7 @@ public function test_request_is_passed_along_if_token_and_scope_are_valid() 'oauth_scopes' => ['see-profile'], ]); - $middleware = new CheckClientCredentials($resourceServer); + $middleware = new CheckTokenScopes($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); 
@@ -72,7 +72,7 @@ public function test_exception_is_thrown_when_oauth_throws_exception() new OAuthServerException('message', 500, 'error type') ); - $middleware = new CheckClientCredentials($resourceServer); + $middleware = new CheckTokenScopes($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); @@ -95,7 +95,7 @@ public function test_exception_is_thrown_if_token_does_not_have_required_scopes( 'oauth_scopes' => ['foo', 'notbar'], ]); - $middleware = new CheckClientCredentials($resourceServer); + $middleware = new CheckTokenScopes($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); From baaa588536a6d6da503f69ba0a2c16a3415349ad Mon Sep 17 00:00:00 2001 From: Hafez Divandari Date: Fri, 4 Oct 2024 18:14:09 +0330 Subject: [PATCH 3/7] formatting --- src/Http/Middleware/ValidateToken.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/Http/Middleware/ValidateToken.php b/src/Http/Middleware/ValidateToken.php index d9b5f2cf..b7f8b7b7 100644 --- a/src/Http/Middleware/ValidateToken.php +++ b/src/Http/Middleware/ValidateToken.php @@ -8,6 +8,7 @@ use Laravel\Passport\Exceptions\AuthenticationException; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\ResourceServer; +use Nyholm\Psr7\Factory\Psr17Factory; use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory; use Symfony\Component\HttpFoundation\Response; @@ -45,7 +46,12 @@ public static function using(...$scopes): string */ public function handle(Request $request, Closure $next, string ...$scopes): Response { - $psr = (new PsrHttpFactory())->createRequest($request); + $psr = (new PsrHttpFactory( + new Psr17Factory, + new Psr17Factory, + new Psr17Factory, + new Psr17Factory + ))->createRequest($request); try { $psr = $this->server->validateAuthenticatedRequest($psr); From a3b5c9314d17b0a698dd00a49cf6e0ef16e8206b Mon Sep 17 00:00:00 2001 
From: Hafez Divandari Date: Fri, 4 Oct 2024 18:39:45 +0330 Subject: [PATCH 4/7] formatting --- .../{CheckTokenScopes.php => CheckToken.php} | 2 +- tests/Feature/ActingAsClientTest.php | 4 ++-- tests/Unit/CheckTokenScopesTest.php | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) rename src/Http/Middleware/{CheckTokenScopes.php => CheckToken.php} (93%) diff --git a/src/Http/Middleware/CheckTokenScopes.php b/src/Http/Middleware/CheckToken.php similarity index 93% rename from src/Http/Middleware/CheckTokenScopes.php rename to src/Http/Middleware/CheckToken.php index 34a6986a..552890f7 100644 --- a/src/Http/Middleware/CheckTokenScopes.php +++ b/src/Http/Middleware/CheckToken.php @@ -5,7 +5,7 @@ use Laravel\Passport\AccessToken; use Laravel\Passport\Exceptions\MissingScopeException; -class CheckTokenScopes extends ValidateToken +class CheckToken extends ValidateToken { /** * Determine if the token has all the given scopes. diff --git a/tests/Feature/ActingAsClientTest.php b/tests/Feature/ActingAsClientTest.php index beb7596e..3f9e97a8 100644 --- a/tests/Feature/ActingAsClientTest.php +++ b/tests/Feature/ActingAsClientTest.php @@ -4,7 +4,7 @@ use Illuminate\Contracts\Routing\Registrar; use Laravel\Passport\Client; -use Laravel\Passport\Http\Middleware\CheckTokenScopes; +use Laravel\Passport\Http\Middleware\CheckToken; use Laravel\Passport\Http\Middleware\CheckTokenForAnyScope; use Laravel\Passport\Passport; @@ -19,7 +19,7 @@ public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenScopesMiddl $router->get('/foo', function () { return 'bar'; - })->middleware(CheckTokenScopes::class); + })->middleware(CheckToken::class); Passport::actingAsClient(new Client()); diff --git a/tests/Unit/CheckTokenScopesTest.php b/tests/Unit/CheckTokenScopesTest.php index a411558f..908903cd 100644 --- a/tests/Unit/CheckTokenScopesTest.php +++ b/tests/Unit/CheckTokenScopesTest.php 
@@ -5,7 +5,7 @@ use Illuminate\Http\Request; use Illuminate\Http\Response; use Laravel\Passport\Exceptions\AuthenticationException; -use Laravel\Passport\Http\Middleware\CheckTokenScopes; +use Laravel\Passport\Http\Middleware\CheckToken; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\ResourceServer; use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration; @@ -28,7 +28,7 @@ public function test_request_is_passed_along_if_token_is_valid() 'oauth_scopes' => ['*'], ]); - $middleware = new CheckTokenScopes($resourceServer); + $middleware = new CheckToken($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); @@ -51,7 +51,7 @@ public function test_request_is_passed_along_if_token_and_scope_are_valid() 'oauth_scopes' => ['see-profile'], ]); - $middleware = new CheckTokenScopes($resourceServer); + $middleware = new CheckToken($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); @@ -72,7 +72,7 @@ public function test_exception_is_thrown_when_oauth_throws_exception() new OAuthServerException('message', 500, 'error type') ); - $middleware = new CheckTokenScopes($resourceServer); + $middleware = new CheckToken($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); @@ -95,7 +95,7 @@ public function test_exception_is_thrown_if_token_does_not_have_required_scopes( 'oauth_scopes' => ['foo', 'notbar'], ]); - $middleware = new CheckTokenScopes($resourceServer); + $middleware = new CheckToken($resourceServer); $request = Request::create('/'); $request->headers->set('Authorization', 'Bearer token'); From f4bb6772e9be756699a4037c642d97928323f0a9 Mon Sep 17 00:00:00 2001 
From: Hafez Divandari Date: Fri, 4 Oct 2024 18:41:23 +0330 Subject: [PATCH 5/7] formatting --- tests/Feature/ActingAsClientTest.php | 4 ++-- tests/Unit/{CheckTokenScopesTest.php => CheckTokenTest.php} | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) rename tests/Unit/{CheckTokenScopesTest.php => CheckTokenTest.php} (98%) diff --git a/tests/Feature/ActingAsClientTest.php b/tests/Feature/ActingAsClientTest.php index 3f9e97a8..c08c4d83 100644 --- a/tests/Feature/ActingAsClientTest.php +++ b/tests/Feature/ActingAsClientTest.php @@ -10,7 +10,7 @@ class ActingAsClientTest extends PassportTestCase { - public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenScopesMiddleware() + public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenMiddleware() { $this->withoutExceptionHandling(); @@ -28,7 +28,7 @@ public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenScopesMiddl $response->assertSee('bar'); } - public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenScopesForAnyScope() + public function testActingAsClientWhenTheRouteIsProtectedByCheckTokenForAnyScope() { $this->withoutExceptionHandling(); diff --git a/tests/Unit/CheckTokenScopesTest.php b/tests/Unit/CheckTokenTest.php similarity index 98% rename from tests/Unit/CheckTokenScopesTest.php rename to tests/Unit/CheckTokenTest.php index 908903cd..555293e0 100644 --- a/tests/Unit/CheckTokenScopesTest.php +++ b/tests/Unit/CheckTokenTest.php @@ -13,7 +13,7 @@ use PHPUnit\Framework\TestCase; use Psr\Http\Message\ServerRequestInterface; -class CheckTokenScopesTest extends TestCase +class CheckTokenTest extends TestCase { use MockeryPHPUnitIntegration; From e6ed62d5620ea2e111a63b1aabe83097f879b013 Mon Sep 17 00:00:00 2001 From: Hafez Divandari Date: Fri, 4 Oct 2024 19:08:30 +0330 Subject: [PATCH 6/7] update upgrade guide --- UPGRADE.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/UPGRADE.md b/UPGRADE.md index fdf9f9e6..ab70e257 100644 --- a/UPGRADE.md 
+++ b/UPGRADE.md @@ -64,6 +64,16 @@ PR: https://github.com/laravel/passport/pull/1755 When authenticating users via bearer tokens, the `User` model's `token` method now returns an instance of `Laravel\Passport\AccessToken` class instead of `Laravel\Passport\Token`. +### Renamed Middlewares + +PR: https://github.com/laravel/passport/pull/1792 + +Passport's `CheckClientCredentials` and `CheckClientCredentialsForAnyScope` middlewares have been renamed to better reflect the functionality of these middlewares: + +* `Laravel\Passport\Http\Middleware\CheckClientCredentials` class has been renamed to `CheckToken` +* `Laravel\Passport\Http\Middleware\CheckClientCredentialsForAnyScope` class has been renamed to `CheckTokenForAnyScope` +* `Laravel\Passport\Http\Middleware\CheckCredentials` abstract class has been renamed to `ValidateToken` + ### Personal Access Client Table and Model Removal PR: https://github.com/laravel/passport/pull/1749, https://github.com/laravel/passport/pull/1780 From 7ed9abea62af3db48bfccb75966d564992cc2c6b Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Mon, 7 Oct 2024 09:18:04 -0500 Subject: [PATCH 7/7] Update UPGRADE.md --- UPGRADE.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/UPGRADE.md b/UPGRADE.md index ab70e257..8a7186db 100644 --- a/UPGRADE.md +++ b/UPGRADE.md 
@@ -64,15 +64,15 @@ PR: https://github.com/laravel/passport/pull/1755 When authenticating users via bearer tokens, the `User` model's `token` method now returns an instance of `Laravel\Passport\AccessToken` class instead of `Laravel\Passport\Token`. -### Renamed Middlewares +### Renamed Middlewares PR: https://github.com/laravel/passport/pull/1792 -Passport's `CheckClientCredentials` and `CheckClientCredentialsForAnyScope` middlewares have been renamed to better reflect the functionality of these middlewares: +Passport's `CheckClientCredentials` and `CheckClientCredentialsForAnyScope` middleware have been renamed to better reflect their functionality: -* `Laravel\Passport\Http\Middleware\CheckClientCredentials` class has been renamed to `CheckToken` -* `Laravel\Passport\Http\Middleware\CheckClientCredentialsForAnyScope` class has been renamed to `CheckTokenForAnyScope` -* `Laravel\Passport\Http\Middleware\CheckCredentials` abstract class has been renamed to `ValidateToken` +* `Laravel\Passport\Http\Middleware\CheckClientCredentials` class has been renamed to `CheckToken`. +* `Laravel\Passport\Http\Middleware\CheckClientCredentialsForAnyScope` class has been renamed to `CheckTokenForAnyScope`. +* `Laravel\Passport\Http\Middleware\CheckCredentials` abstract class has been renamed to `ValidateToken`. ### Personal Access Client Table and Model Removal