Closed hafezdivandari closed 3 months ago
Thanks for submitting a PR!
Note that draft PR's are not reviewed. If you would like a review, please mark your pull request as ready for review in the GitHub user interface.
Pull requests that are abandoned in draft may be closed due to inactivity.
I guess this solves the long outstanding https://github.com/laravel/passport/issues/382 issue? If that's the case then we should definitely give this a go.
This PR fixes how we determine if the specified record is revoked and adds integration tests for this.
Auth Code
If the given auth code does not exist (removed),
Bridge/AuthCodeRepository::isAuthCodeRevoked()
returnsfalse
mistakenly.Access Token
TokenRepository::isAccessTokenRevoked()
is usingfind
to determine if the given access token is revoked, this causes performance issue asTokenGaurd
callsfind
twice on every request.Refresh Token
RefreshTokenRepository::isRefreshTokenRevoked()
also usesfind
to determine if the given refresh token is revoked.