[13.x] Fix possible 500 error when retrieving user on token guard

src/Console/ClientCommand.php

@@ -131,7 +131,7 @@ protected function createDeviceCodeClient(ClientRepository $clients): Client
     {
         $confidential = $this->hasOption('public')
             ? ! $this->option('public')
-            : $this->confirm('Would you like to make this client confidential?', true);
+            : $this->components->confirm('Would you like to make this client confidential?', true);
 
         return $clients->createDeviceAuthorizationGrantClient($this->option('name'), $confidential);
     }
@@ -151,7 +151,7 @@ protected function createAuthCodeClient(ClientRepository $clients): Client
             : $this->components->confirm('Would you like to make this client confidential?', true);
 
         $enableDeviceFlow = Passport::$deviceCodeGrantEnabled &&
-            $this->confirm('Would you like to enable the device authorization flow for this client?');
+            $this->components->confirm('Would you like to enable the device authorization flow for this client?');
 
         return $clients->createAuthorizationCodeGrantClient(
             $this->option('name'), explode(',', $redirect), $confidential, null, $enableDeviceFlow

src/Guards/TokenGuard.php

@@ -144,18 +144,18 @@ protected function authenticateViaBearerToken(): ?Authenticatable
         // If the access token is valid we will retrieve the user according to the user ID
         // associated with the token. We will use the provider implementation which may
         // be used to retrieve users from Eloquent. Next, we'll be ready to continue.
-        $user = $this->provider->retrieveById(
-            $psr->getAttribute('oauth_user_id') ?: null
-        );
-
-        if (! $user) {
+        try {
+            $user = $this->provider->retrieveById(
+                $psr->getAttribute('oauth_user_id') ?: null
+            );
+        } catch (Exception) {
             return null;
         }
 
         // Next, we will assign a token instance to this user which the developers may use
         // to determine if the token has a given scope, etc. This will be useful during
         // authorization such as within the developer's Laravel model policy classes.
-        return $user->withAccessToken(AccessToken::fromPsrRequest($psr));
+        return $user?->withAccessToken(AccessToken::fromPsrRequest($psr));
     }
 
     /**
@@ -193,11 +193,13 @@ protected function authenticateViaCookie(): ?Authenticatable
         // If this user exists, we will return this user and attach a "transient" token to
         // the user model. The transient token assumes it has all scopes since the user
         // is physically logged into the application via the application's interface.
-        if ($user = $this->provider->retrieveById($token['sub'])) {
-            return $user->withAccessToken(new TransientToken);
+        try {
+            $user = $this->provider->retrieveById($token['sub']);
+        } catch (Exception) {
+            return null;
         }
 
-        return null;
+        return $user?->withAccessToken(new TransientToken);
     }
 
     /**

src/Http/Controllers/HandlesOAuthErrors.php

@@ -13,7 +13,7 @@ trait HandlesOAuthErrors
      *
      * @template TResult
      *
-     * @param  \Closure(): TResult  $callback
+     * @param  (\Closure(): TResult)  $callback
      * @return TResult
      *
      * @throws \Laravel\Passport\Exceptions\OAuthServerException

src/Http/Middleware/CreateFreshApiToken.php

@@ -38,7 +38,7 @@ public static function using(?string $guard = null): string
     /**
      * Handle an incoming request.
      *
-     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     * @param  (\Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response))  $next
      */
     public function handle(Request $request, Closure $next, ?string $guard = null): BaseResponse
     {

src/Http/Middleware/ValidateToken.php

@@ -39,7 +39,7 @@ public static function using(array|string $param, string ...$params): string
     /**
      * Handle an incoming request.
      *
-     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     * @param  (\Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response))  $next
      */
     public function handle(Request $request, Closure $next, string ...$params): Response
     {