Error when using Scopes

[livingos]

If you try to use scopes middllewere, CheckScopes and CheckAnyScope you get the following error, provided you have an access token generated with a scope:

ErrorException: in_array() expects parameter 2 to be array, string given in /home/vagrant/Code/laravel53/vendor/laravel/passport/src/Token.php:74

I believe the problem is being caused when the scopes are stored in the oauth_access_token table.

FormatsScopesForStorage is used to format the scopes before writing to both the oauth_access_token and oauth_auth_code tables. BUT the Token.php model is using the eloquent cast feature (though Auth_Code isn't!?).

The result is that the scopes stored in oauth_access_token have been json encoded twice, so that when CheckScope uses the can(scope) method, the above error is fired. $this->scopes returns a string that can be decoded again to get the array.

So a very quick dirty fix is to decode the scopes (again) in the can method. Which makes scopes actually work, which they don't at all at present as far as I can see.

Or is there some strange quirk on my system? Surprised no one has noticed this, since scopes do not work at all!

[livingos]

The problem lies in the fact that FormatsScopesForStorage is used when storing to oauth_access_tokens and oauth_auth_code. But the first uses Eloquent (and therefore the cast), while the second goes string through DB. The Eloquent route ends up with double json encoding!

[livingos]

Actually this error only occurs on Master branch. It works fine on 1.0.

It is introduced because of the addition of new AccessTokenRepository in master branch in stead of using DB in the bridge code.

Master branch is therefore broken.

Unit tests don't see this because it is only when you read from the DB that you will see the error.