[13.x] Support OAuth2 Server v9 - Githubissues

laravel / passport

Laravel Passport provides OAuth2 server support to Laravel.

https://laravel.com/docs/passport

MIT License

3.25k stars 780 forks source link

[13.x] Support OAuth2 Server v9 #1734

Closed hafezdivandari closed 1 month ago

hafezdivandari commented 3 months ago

Support OAuth2 Server v9.

[x] thephpleague/oauth2-server#1398
[x] thephpleague/oauth2-server#1402

github-actions[bot] commented 3 months ago

Thanks for submitting a PR!

Note that draft PR's are not reviewed. If you would like a review, please mark your pull request as ready for review in the GitHub user interface.

Pull requests that are abandoned in draft may be closed due to inactivity.

hafezdivandari commented 3 months ago

@driesvints this repo doesn't have master branch?

jayan-blutui commented 3 months ago

Great work on creating this PR so quickly seeing v9rc just launched a couple of days ago.

I know this PR is still a WIP but do you plan to include the new Device Authorization?

hafezdivandari commented 3 months ago

@jayan-blutui thanks.

I know this PR is still a WIP but do you plan to include the new Device Authorization?

Not in this PR, as it makes this hard to review.

driesvints commented 3 months ago

Thanks a lot for this PR @hafezdivandari. We should indeed try to support the new Device flow in v13 but let's indeed tackle that in a subsequent PR.

hafezdivandari commented 1 month ago

@driesvints This PR is ready, but it should target master, which doesn't exist on this repo.

driesvints commented 1 month ago

@hafezdivandari that's okay. We're using a different approach these days. I'll talk to the team to prepare a new major version. Ideally we'd also take in the new device flow (separate PR).

Thanks for working on this one!

driesvints commented 1 month ago

@hafezdivandari I retargeted your PR to 13.x now

siarheipashkevich commented 1 month ago

@hafezdivandari @driesvints why not to 12.x?

driesvints commented 1 month ago

@siarheipashkevich there's just too many breaking changes in here.

@hafezdivandari reminds me: could you make a list of upgrade steps in UPGRADE.md? I think we only need to reference the OAuth Server client v9 upgrade and a link to its own release notes, telling people to review those as well: https://github.com/thephpleague/oauth2-server/blob/master/CHANGELOG.md#900---released-2024-05-13

taylorotwell commented 1 month ago

Can someone give me an idea of the full upgrade steps and mark as ready for review?

driesvints commented 1 month ago

@taylorotwell those are already added to the upgrade guide in this PR. The main reason for this new major version is the oauth server v9 bump and the method signature changes.

hafezdivandari commented 1 month ago

@driesvints We are not going to release 13.x immediately after merging this right? I have 1 or 2 PRs for 13.x before release. I don't want to add too many changes at once, that makes this one hard to review.

driesvints commented 1 month ago

@hafezdivandari no I'll wait for those

taylorotwell commented 1 month ago

@driesvints I guess I'm looking for a general summary of the changes someone will need to make. What changes will a typical Laravel Passport app need to make? Earlier it was mentioned there are too many breaking changes for patch - what are those breaking changes specifically?

hafezdivandari commented 1 month ago

@taylorotwell nothing, just PHP 8.1+ and removed message property from OAuthException HTTP response. Now just use error_description as per the OAuth 2 spec.

The braking change is that most of the methods signatures are changed.