.github/ISSUE_TEMPLATE/1_Bug_report.yml

@@ -1,9 +1,9 @@
 name: Bug Report
-description: "Report a general library issue."
+description: "Report something that's broken."
 body:
   - type: markdown
     attributes:
-      value: "Before submitting your report, [please ensure your Laravel version is still supported](https://laravel.com/docs/releases#support-policy)."
+      value: "Please read [our full contribution guide](https://laravel.com/docs/contributions#bug-reports) before submitting bug reports. If you notice improper DocBlock, PHPStan, or IDE warnings while using Laravel, do not create a GitHub issue. Instead, please submit a pull request to fix the problem."
   - type: input
     attributes:
       label: Passport Version
@@ -14,7 +14,7 @@ body:
   - type: input
     attributes:
       label: Laravel Version
-      description: Provide the Laravel version that you are using.
+      description: Provide the Laravel version that you are using. [Please ensure it is still supported.](https://laravel.com/docs/releases#support-policy)
       placeholder: 10.4.1
     validations:
       required: true

.github/workflows/static-analysis.yml

@@ -12,30 +12,4 @@ permissions:
 
 jobs:
   tests:
-    runs-on: ubuntu-22.04
-
-    strategy:
-      fail-fast: true
-
-    name: Static Analysis
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup PHP
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: 8.2
-          tools: composer:v2
-          coverage: none
-
-      - name: Install dependencies
-        uses: nick-fields/retry@v2
-        with:
-          timeout_minutes: 5
-          max_attempts: 5
-          command: composer update --prefer-stable --prefer-dist --no-interaction --no-progress
-
-      - name: Execute type checking
-        run: vendor/bin/phpstan
+    uses: laravel/.github/.github/workflows/static-analysis.yml@main

CHANGELOG.md

@@ -1,6 +1,33 @@
 # Release Notes
 
-## [Unreleased](https://github.com/laravel/passport/compare/v11.9.2...11.x)
+## [Unreleased](https://github.com/laravel/passport/compare/v11.10.6...11.x)
+
+## [v11.10.6](https://github.com/laravel/passport/compare/v11.10.5...v11.10.6) - 2024-03-01
+
+* Check that properties `grant_types` and  `scopes` exist by [@uintaam](https://github.com/uintaam) in https://github.com/laravel/passport/pull/1722
+
+## [v11.10.5](https://github.com/laravel/passport/compare/v11.10.4...v11.10.5) - 2024-02-09
+
+* [11.x] Fix getting/setting client scopes and grant types by [@axlon](https://github.com/axlon) in https://github.com/laravel/passport/pull/1717
+
+## [v11.10.4](https://github.com/laravel/passport/compare/v11.10.2...v11.10.4) - 2024-01-30
+
+* Consistently retrieve client uuids value from Passport by [@rojtjo](https://github.com/rojtjo) in https://github.com/laravel/passport/pull/1711
+* [11.x] Allow developers to disable the password grant type by [@axlon](https://github.com/axlon) in https://github.com/laravel/passport/pull/1712
+
+## [v11.10.2](https://github.com/laravel/passport/compare/v11.10.1...v11.10.2) - 2024-01-17
+
+* Add getScopesAttribute and getScopesAttribute methods by [@uintaam](https://github.com/uintaam) in https://github.com/laravel/passport/pull/1709
+
+## [v11.10.1](https://github.com/laravel/passport/compare/v11.10.0...v11.10.1) - 2024-01-10
+
+* [11.x] Allow unsetting a user's access token by [@axlon](https://github.com/axlon) in https://github.com/laravel/passport/pull/1698
+* [11.x] Add getGrantTypesAttribute method to fix Eloquent strict mode error by [@gdebrauwer](https://github.com/gdebrauwer) in https://github.com/laravel/passport/pull/1705
+
+## [v11.10.0](https://github.com/laravel/passport/compare/v11.9.2...v11.10.0) - 2023-11-02
+
+- [11.x] Named static methods for middleware by [@michaelnabil230](https://github.com/michaelnabil230) in https://github.com/laravel/passport/pull/1695
+- Simplify Conditional Statement by [@michaelnabil230](https://github.com/michaelnabil230) in https://github.com/laravel/passport/pull/1696
 
 ## [v11.9.2](https://github.com/laravel/passport/compare/v11.9.1...v11.9.2) - 2023-10-16
 

src/Bridge/ClientRepository.php

@@ -72,7 +72,7 @@ public function validateClient($clientIdentifier, $clientSecret, $grantType)
      */
     protected function handlesGrant($record, $grantType)
     {
-        if (is_array($record->grant_types) && ! in_array($grantType, $record->grant_types)) {
+        if (! $record->hasGrantType($grantType)) {
             return false;
         }
 

src/Client.php

@@ -65,7 +65,7 @@ public static function boot()
         parent::boot();
 
         static::creating(function ($model) {
-            if (config('passport.client_uuids')) {
+            if (Passport::clientUuids()) {
                 $model->{$model->getKeyName()} = $model->{$model->getKeyName()} ?: (string) Str::orderedUuid();
             }
         });
@@ -156,6 +156,21 @@ public function skipsAuthorization()
         return false;
     }
 
+    /**
+     * Determine if the client has the given grant type.
+     *
+     * @param  string  $grantType
+     * @return bool
+     */
+    public function hasGrantType($grantType)
+    {
+        if (! isset($this->attributes['grant_types']) || ! is_array($this->grant_types)) {
+            return true;
+        }
+
+        return in_array($grantType, $this->grant_types);
+    }
+
     /**
      * Determine whether the client has the given scope.
      *
@@ -164,7 +179,7 @@ public function skipsAuthorization()
      */
     public function hasScope($scope)
     {
-        if (! is_array($this->scopes)) {
+        if (! isset($this->attributes['scopes']) || ! is_array($this->scopes)) {
             return true;
         }
 

src/HasApiTokens.php

@@ -71,7 +71,7 @@ public function createToken($name, array $scopes = [])
     /**
      * Set the current access token for the user.
      *
-     * @param  \Laravel\Passport\Token|\Laravel\Passport\TransientToken  $accessToken
+     * @param  \Laravel\Passport\Token|\Laravel\Passport\TransientToken|null  $accessToken
      * @return $this
      */
     public function withAccessToken($accessToken)

src/Passport.php

@@ -21,6 +21,13 @@ class Passport
      */
     public static $implicitGrantEnabled = false;
 
+    /**
+     * Indicates if the password grant type is enabled.
+     *
+     * @var bool|null
+     */
+    public static $passwordGrantEnabled = true;
+
     /**
      * The default scope.
      *

src/PassportServiceProvider.php

@@ -81,7 +81,7 @@ protected function registerResources()
      */
     protected function registerMigrations()
     {
-        if ($this->app->runningInConsole() && Passport::$runsMigrations && ! config('passport.client_uuids')) {
+        if ($this->app->runningInConsole() && Passport::$runsMigrations && ! Passport::clientUuids()) {
             $this->loadMigrationsFrom(__DIR__.'/../database/migrations');
         }
     }
@@ -169,9 +169,11 @@ protected function registerAuthorizationServer()
                     $this->makeRefreshTokenGrant(), Passport::tokensExpireIn()
                 );
 
-                $server->enableGrantType(
-                    $this->makePasswordGrant(), Passport::tokensExpireIn()
-                );
+                if (Passport::$passwordGrantEnabled) {
+                    $server->enableGrantType(
+                        $this->makePasswordGrant(), Passport::tokensExpireIn()
+                    );
+                }
 
                 $server->enableGrantType(
                     new PersonalAccessGrant, Passport::personalAccessTokensExpireIn()

tests/Feature/AccessTokenControllerTest.php

@@ -49,7 +49,7 @@ public function testGettingAccessTokenWithClientCredentialsGrant()
         $this->assertArrayHasKey('expires_in', $decodedResponse);
         $this->assertArrayHasKey('access_token', $decodedResponse);
         $this->assertSame('Bearer', $decodedResponse['token_type']);
-        $expiresInSeconds = 31622400;
+        $expiresInSeconds = 31536000;
         $this->assertEqualsWithDelta($expiresInSeconds, $decodedResponse['expires_in'], 5);
 
         $token = $this->app->make(PersonalAccessTokenFactory::class)->findAccessToken($decodedResponse);
@@ -139,7 +139,7 @@ public function testGettingAccessTokenWithPasswordGrant()
         $this->assertArrayHasKey('access_token', $decodedResponse);
         $this->assertArrayHasKey('refresh_token', $decodedResponse);
         $this->assertSame('Bearer', $decodedResponse['token_type']);
-        $expiresInSeconds = 31622400;
+        $expiresInSeconds = 31536000;
         $this->assertEqualsWithDelta($expiresInSeconds, $decodedResponse['expires_in'], 5);
 
         $token = $this->app->make(PersonalAccessTokenFactory::class)->findAccessToken($decodedResponse);

tests/Feature/ClientTest.php

@@ -0,0 +1,88 @@
+<?php
+
+namespace Laravel\Passport\Tests\Feature;
+
+use Illuminate\Database\Eloquent\Model;
+use Laravel\Passport\Client;
+use Orchestra\Testbench\TestCase;
+
+final class ClientTest extends TestCase
+{
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        Model::preventAccessingMissingAttributes();
+    }
+
+    protected function tearDown(): void
+    {
+        Model::preventAccessingMissingAttributes(false);
+
+        parent::tearDown();
+    }
+
+    public function testScopesWhenClientDoesNotHaveScope(): void
+    {
+        $client = new Client(['scopes' => ['bar']]);
+        $client->exists = true;
+
+        $this->assertFalse($client->hasScope('foo'));
+    }
+
+    public function testScopesWhenClientHasScope(): void
+    {
+        $client = new Client(['scopes' => ['foo', 'bar']]);
+        $client->exists = true;
+
+        $this->assertTrue($client->hasScope('foo'));
+    }
+
+    public function testScopesWhenColumnDoesNotExist(): void
+    {
+        $client = new Client();
+        $client->exists = true;
+
+        $this->assertTrue($client->hasScope('foo'));
+    }
+
+    public function testScopesWhenColumnIsNull(): void
+    {
+        $client = new Client(['scopes' => null]);
+        $client->exists = true;
+
+        $this->assertTrue($client->hasScope('foo'));
+    }
+
+    public function testGrantTypesWhenClientDoesNotHaveGrantType(): void
+    {
+        $client = new Client(['grant_types' => ['bar']]);
+        $client->exists = true;
+
+        $this->assertFalse($client->hasGrantType('foo'));
+    }
+
+    public function testGrantTypesWhenClientHasGrantType(): void
+    {
+        $client = new Client(['grant_types' => ['foo', 'bar']]);
+        $client->exists = true;
+
+        $this->assertTrue($client->hasGrantType('foo'));
+    }
+
+    public function testGrantTypesWhenColumnDoesNotExist(): void
+    {
+        $client = new Client();
+        $client->exists = true;
+
+        $this->assertTrue($client->hasGrantType('foo'));
+    }
+
+    public function testGrantTypesWhenColumnIsNull(): void
+    {
+        $client = new Client(['scopes' => null]);
+        $client->exists = true;
+
+        $this->assertTrue($client->hasGrantType('foo'));
+    }
+}

tests/Unit/BridgeClientRepositoryTest.php

@@ -207,4 +207,13 @@ public function confidential()
     {
         return ! empty($this->secret);
     }
+
+    public function hasGrantType($grantType)
+    {
+        if (! isset($this->grant_types) || ! is_array($this->grant_types)) {
+            return true;
+        }
+
+        return in_array($grantType, $this->grant_types);
+    }
 }