CHANGELOG.md

Release Notes

Unreleased

v11.8.3 - 2023-03-01

• Allow overriding the AccessToken class by @hafezdivandari in laravel/passport#1638
• Make $userId nullable in ClientRepository->createPersonalAccessClient by @bram-pkg in laravel/passport#1642

v11.8.2 - 2023-02-20

• Re-apply "Added AuthenticationException to extend the behaviour of Laravel's default exception handler" by @driesvints in https://github.com/laravel/passport/commit/67c3e336af163f6eba5dbca8e5db46275ff0e433

v11.8.1 - 2023-02-20

• Revert "Move AuthenticationException into the scope of Laravel Passport" by @driesvints in https://github.com/laravel/passport/commit/db543b0cc13ed3f56f1bffda04707fbe2a8c7ab5

v11.8.0 - 2023-02-17

• Move AuthenticationException into the scope of Laravel Passport by @chrispage1 in laravel/passport#1633
• Custom authorization view response by @JonErickson in laravel/passport#1629
• Fix deprecated $dates property by @TonyWong9527 in laravel/passport#1636

v11.7.0 - 2023-02-08

Added

• Add support for EncryptCookies middleware by @axlon in laravel/passport#1628

v11.6.1 - 2023-02-03

Changed

• Indicate current token can be TransientToken by @axlon in laravel/passport#1627

v11.6.0 - 2023-01-31

Changed

• Update ClientCommand.php's user_id description by @Smoggert in laravel/passport#1619
• Get model PK instead of forcibly id column by @lucaspanik in laravel/passport#1626

Fixed

• Fix doc block for withAccessToken() by @axlon in laravel/passport#1620

v11.5.1 - 2023-01-16

Fixed

• Get authenticated user from the guard by @hafezdivandari in laravel/passport#1617

v11.5.0 - 2023-01-09

Added

• Laravel v10 Support by @driesvints in laravel/passport#1615

v11.4.0 - 2023-01-03

Changed

• Uses PHP Native Type Declarations 🐘 by @nunomaduro in laravel/passport#1594

v11.3.1 - 2022-12-02

Changed

• Add auth guard to routes by @hafezdivandari in laravel/passport#1603

v11.3.0 - 2022-10-22

Added

• Support prompting login when redirecting for authorization by @hafezdivandari in laravel/passport#1577

Changed

• Update PurgeCommand.php by @fatoskurtishi in laravel/passport#1586
• Fix ClientRepository doc blocks by @axlon in laravel/passport#1587
• Update docblock by @mnabialek in laravel/passport#1588

v11.2.1 - 2022-09-29

Fixed

• Improve token guard return type by @axlon in laravel/passport#1579

v11.2.0 - 2022-09-07

Changed

• Let OAuth2 server handle the denying response by @hafezdivandari in laravel/passport#1572

v11.1.0 - 2022-09-05

Added

• Support prompting re-consent when redirecting for authorization by @hafezdivandari in laravel/passport#1567
• Support disabling prompt when redirecting for authorization by @hafezdivandari in laravel/passport#1569

v11.0.1 - 2022-08-29

Changed

• Custom days and hours to passport purge command by @rubengg86 in laravel/passport#1563
• Allow for bootstrapping without loading routes by @axlon in laravel/passport#1564

v11.0.0 - 2022-08-19

Added

• Allow authenticated client to be retrieved from the guard by @axlon in laravel/passport#1508

Changed

• Revert model DB connection customization by @driesvints in laravel/passport#1412
• Allow timestamps on Token model by @driesvints in laravel/passport#1425
• Improve authenticateViaBearerToken() performance by @alecpl in laravel/passport#1447
• Refactor routes to dedicated file by @driesvints in laravel/passport#1464

Fixed

• Stub client on guard when calling Passport::actingAsClient() by @axlon in laravel/passport#1519
• Fix scope inheritance when using Passport::actingAs() by @axlon in laravel/passport#1551

Removed

• Drop PHP 7.x and Laravel v8 by @driesvints in laravel/passport#1558
• Remove deprecated properties by @driesvints in laravel/passport#1560
• Remove deprecated functionality and simplify some feature tests by @driesvints in laravel/passport#1559

v10.4.1 - 2022-04-16

Changed

• Add new URI Rule to validate URI and use it to RedirectRule. by @victorbalssa in laravel/passport#1544

v10.4.0 - 2022-03-30

Changed

• Upgrade firebase/php-jwt to ^6.0 by @prufrock in laravel/passport#1538

v10.3.3 - 2022-03-08

Changed

• Use anonymous migrations by @mmachatschek in laravel/passport#1531

v10.3.2 - 2022-02-22

Fixed

• Fix Faker deprecations by @X-Coder264 in laravel/passport#1530

v10.3.1 (2022-01-25)

Changed

• Allow to use custom authorization server response (#1521)

v10.3.0 (2022-01-12)

Changed

• Laravel 9 Support (#1516)

v10.2.2 (2021-12-07)

Fixed

• Fix jsonSerialize PHP 8.1 issue (#1512)

v10.2.1 (2021-12-07)

Fixed

• Fix str_replace error when third parameter ($subject) is null (#1511)

v10.2.0 (2021-11-02)

Added

• Add custom encryption key for JWT tokens (#1501)

Changed

• Refactor expiry dates to intervals (#1500)

v10.1.4 (2021-10-19)

Fixed

• Ensure client model factory always creates models with a primary key (#1492

v10.1.3 (2021-04-06)

Changed

• Use app helper (3d1e6bb)

Fixed

• Fix binding (e3478de)

v10.1.2 (2021-03-02)

Fixed

• Backport phpseclib v2 (#1418)

v10.1.1 (2021-02-23)

Changed

• Update to phpseclib v3 (#1410)

v10.1.0 (2020-11-26)

Added

• PHP 8 Support (#1373)

Removed

• Remove Vue components (#1352)

v10.0.1 (2020-09-15)

Fixed

• Use newFactory to properly reference factory (#1349)

v10.0.0 (2020-09-08)

Added

• Support Laravel 8 & drop PHP 7.2 support (#1336)

Changed

• forceFill new auth code attributes (#1266)
• Use only one PSR 7 implementation (#1330)

Removed

• Remove old static personal client methods (#1325)
• Remove Guzzle dependency (#1327)

v9.3.2 (2020-07-27)

Fixes

• Fix cookie handling for security release (#1322, 75f1ad2)

v9.3.1 (2020-07-21)

Fixed

• Use custom models in purge command if set (#1316)
• Apply table responsive on table class (#1318)

v9.3.0 (2020-06-30)

Added

• Guzzle 7 support (#1311)

v9.2.2 (2020-06-25)

Fixed

• Fix maxlength for token names (#1300)
• Improve passport:install command (#1294)

v9.2.1 (2020-05-14)

Fixed

• Fix actingAsClient token relation (#1268)
• Fix HashCommand (bedf02c)

v9.2.0 (2020-05-12

Added

• Allow to change Models database connection (#1255, 7ab3bdb)

Fixed

• Nonstandard ID in the token's relationship with the user (#1267)

v9.1.0 (2020-05-08

Added

• Implement secret modal (#1258)
• Warn about one-time-hashed-secret (#1259)
• Add force option to hash command (#1251)

Fixed

• Implement personal access client config (#1260)

v9.0.1 (2020-05-06)

Fixed

• Fix displaying secret in Vue component (#1244)
• Moved provider check to bearer token only (#1246)
• Fix create client call (aff9d09)

v9.0.0 (2020-05-05)

Added

• Allow client credentials secret to be hashed (#1145, ccbcfeb, 1c40ae0)
• Implement passport:hash command (#1238)
• Initial support for multiple providers (#1220)

Changed

• Client credentials middleware should allow any valid client (#1132)
• Switch from getKey() to getAuthIdentifier() to match Laravel core (#1134)
• Use Hasher interface instead of HashManager (#1157)
• Bump league server dependency (#1237)

Removed

• Remove deprecated functionality (#1235)
• Drop support for old JWT versions (#1236)

v8.5.0 (2020-05-05)

Added

• Automatic configuration of client UUIDs (#1231)

v8.4.4 (2020-04-21)

Fixed

• Fix 500 Internal Server Error response (#1222)

v8.4.3 (2020-03-31)

Fixed

• Fix resolveInheritedScopes (#1207)

v8.4.2 (2020-03-24)

Fixed

• mergeConfigFrom already checked if app is running with config cached (#1205)

v8.4.1 (2020-03-04)

Fixed

• Forget session keys on invalid match (#1192)
• Update dependencies for PSR request (#1201)

v8.4.0 (2020-02-12)

Changed

• Implement auth token for access requests (#1188)

Fixed

• Revoke refresh tokens when auth tokens get revoked (#1186)

v8.3.1 (2020-01-29)

Fixed

• Remove foreign keys (20e9b66)

v8.3.0 (2020-01-28)

Added

• Add a Passport Client factory to Passport publishing (#1171)

Changed

• Use bigIncrements and indexes on relationships (#1169, 140a693)

v8.2.0 (2020-01-07)

Added

• Update ClientCommand to support public clients (#1151)
• Purge Command for revoked and/or expired tokens and auth codes (#1159, 6c1ea42)

Changed

• Replace deprecated package and namespaces (#1158)

v8.1.0 (2019-12-30)

Added

• Allow access to HTTP response status code on OAuthServerException (#1148)
• Modify UserRepository to check for 'findAndValidateForPassport' method (#1144)

v8.0.2 (2019-11-26)

Changed

• Add abstract CheckCredentials middleware and allows to create (#1127)

v8.0.1 (2019-11-19)

Fixed

• Fix actingAsClient testing method (#1119)

v8.0.0 (2019-10-29)

Added

• Add ability to customize the RefreshToken (#966)
• Add support for "public" clients (#1065)

Changed

• Rework HandlesOAuthErrors trait to middleware (#937)
• Use a renderable exception for OAuth errors (#1066)
• Use diactoros 2.0 and psr-http-factory (aadf603)
• Replaced helpers with Blade directives (#939)
• Use caret for constraints (d906804)
• Dropped support for Laravel 5.8 (654cc09)
• Dropped support for PHP 7.1 (3c830ac)
• Upgrade to league/oauth2-server 8.0 (97e3026)

Fixed

• Fix exception will thrown if token belongs to first party clients (#1040)
• Fix auth codes table customization (#1044)
• Add key type to refresh token model (e400c2b)

v7.5.1 (2019-10-08)

Fixed

• Cast returned client identifier value to string (#1091)

v7.5.0 (2019-09-24)

Added

• Add actingAsClient method for tests (#1083)

v7.4.1 (2019-09-10)

Fixed

• Fixed key types for models (#1078, a9a885d3)

v7.4.0 (2019-08-20)

Added

• Let Passport support inherited parent scopes (#1068)
• Accept requests with the encrypted X-XSRF-TOKEN HTTP header (#1069)

v7.3.5 (2019-08-06)

Fixed

• Use bigInteger column type for user_id columns (#1057)

v7.3.4 (2019-07-30)

Changed

• Remove old 5.9 constraints (58eb99c)

v7.3.3 (2019-07-29)

Changed

• Update version constraints for Laravel 6.0 (609b5e8)

v7.3.2 (2019-07-11)

Fixed

• Merge default Passport configuration (#1039, e260c86)

v7.3.1 (2019-07-02)

Changed

• Change server property type in CheckClientCredentialForAnyScope (#1034)

v7.3.0 (2019-05-28)

Added

• Allow first party clients to skip the authorization prompt (#1022)

Fixed

• Fix AccessToken docblock (#996)

v7.2.2 (2019-03-13)

Fixed

• Allow installs of zend-diactoros 2 (c0c3fca)

v7.2.1 (2019-03-12)

Fixed

• Change wasRecentlyCreated to false (#979)

v7.2.0 (2019-02-14)

Changed

• Changed the way to get action path from url() to route() (#950)
• Allow '*' scope to be used with Client Credentials (#949)

Fixed

• Replace fire() with dispatch() (#952)

v7.1.0 (2019-01-22)

Added

• Added redirect_uri and user_id options to cli (#921, 8b8570c)
• Add ext-json dependency (#940)

Changed

• Make name an optional question (#926)

Fixed

• Do not auto increment AuthCode ID (#929)
• Allow multiple redirects when creating clients (#928)
• Add responses for destroy methods (#942)

v7.0.5 (2019-01-02)

Fixed

• Rename property (#920)

v7.0.4 (2018-12-31)

Added

• Add middleware CheckClientCredentialsForAnyScope (#855)
• Support a default scope when no scope was requested by the client (#879)
• Allow setting expiration of personal access tokens (#919)

Changed

• Change auth code table to the model's table (#865)
• Made whereRevoked consistent (#868)
• Use unsignedInteger column type for client_id columns (47f0021)

Fixed

• Prevent passing empty string variable to retrieveById method (#861)

v7.0.3 (2018-10-22)

Added

• Add names to routes for re-usability (#846)
• Add user relationship to client model (#851, 3213be8)
• Add the ability to retrieve current client (#854)

Fixed

• Fix migrations tag publish (#832)

v7.0.2 (2018-09-25)

Changed

• Authcode model is now used for persisting new authcodes (#808)
• resources/assets directory was flattened (#813)

Fixed

• Personal client exception (#831, 7bb53d1)

v7.0.1 (2018-08-13)

Added

• Add option to enable cookie serialization (9012496)

v7.0.0 (2018-08-13)

Changed

• Don't serialize by default (29e9d53)