v12.1.0 - 2024-04-15
- [12.x] Make Passport's database connection configurable by @axlon in laravel#1738
v12.0.3 - 2024-04-05
- Adjust newFactory method visibility by @brandonfarber in laravel#1735
v12.0.2 - 2024-03-21
- [12.x] Make commands lazy by @timacdonald in laravel#1731
- [12.x] Allow token "expires in" to be defined as date interval by @jacobmllr95 in laravel#1733
v12.0.1 - 2024-03-14
- [12.x] Cast session lifetime to int by @kindslayer in laravel#1727
- [12.x] Fixes used version of L9 by @nunomaduro in laravel#1730
v12.0.0 - 2024-03-12
- [12.x] Adds Laravel 11 support by @nunomaduro in laravel#1702
- [12.x] Disable password grant by default by @hafezdivandari in laravel#1715
- [12.x] Make
Client::$plainSecretpublic by @axlon in laravel#1719 - [12.x] Use more secure key permissions by @axlon in laravel#1721
- [12.x] Enhance console commands by @hafezdivandari in laravel#1724
v11.10.6 - 2024-03-01
- Check that properties
grant_typesandscopesexist by @uintaam in laravel#1722
v11.10.5 - 2024-02-09
- [11.x] Fix getting/setting client scopes and grant types by @axlon in laravel#1717
v11.10.4 - 2024-01-30
- Consistently retrieve client uuids value from Passport by @rojtjo in laravel#1711
- [11.x] Allow developers to disable the password grant type by @axlon in laravel#1712
v11.10.2 - 2024-01-17
- Add getScopesAttribute and getScopesAttribute methods by @uintaam in laravel#1709
v11.10.1 - 2024-01-10
- [11.x] Allow unsetting a user's access token by @axlon in laravel#1698
- [11.x] Add getGrantTypesAttribute method to fix Eloquent strict mode error by @gdebrauwer in laravel#1705
v11.10.0 - 2023-11-02
- [11.x] Named static methods for middleware by @michaelnabil230 in laravel#1695
- Simplify Conditional Statement by @michaelnabil230 in laravel#1696
v11.9.2 - 2023-10-16
- Add return to revokeRefreshTokensByAccessTokenId method by @aminkhoshzahmat in laravel#1693
v11.9.1 - 2023-09-01
- [11.x] Allow scope repository to be constructed without parameters by @axlon in laravel#1686
v11.9.0 - 2023-08-29
- [11.x] Add the ability to limit scopes by client by @axlon in laravel#1682
- [11.x] Add support for inherited scopes when limiting scopes on clients by @axlon in laravel#1683
v11.8.8 - 2023-07-07
- Add generics to client factory by @axlon in laravel#1669
- Update composer.json by @Smoggert in laravel#1674
- Update composer.json by @drhoussem in laravel#1677
v11.8.7 - 2023-04-28
- Revert "[11.x] Add Provider Guard to ClientRepository for Personal Access Clients" by @driesvints in laravel#1658
v11.8.6 - 2023-04-24
- Add Provider Guard to ClientRepository for Personal Access Clients by @michaelnabil230 in laravel#1655
v11.8.5 - 2023-04-04
- Allow
lcobucci/jwtv5 and cleaned up version constraints by @GrahamCampbell in laravel#1649 - Pass user identifier through to finalize scopes in personal access grant by @GrahamCampbell in laravel#1650
v11.8.4 - 2023-03-18
- Removed deprecated
datesproperty fromRefreshTokenmodel by @siarheipashkevich in laravel#1645 - Removed deprecated
datesproperty fromAuthCodemodel by @siarheipashkevich in laravel#1644 - Fix doc block types by @hafezdivandari in laravel#1647
v11.8.3 - 2023-03-01
- Allow overriding the
AccessTokenclass by @hafezdivandari in laravel#1638 - Make
$userIdnullable inClientRepository->createPersonalAccessClientby @bram-pkg in laravel#1642
v11.8.2 - 2023-02-20
- Re-apply "Added AuthenticationException to extend the behaviour of Laravel's default exception handler" by @driesvints in https://github.com/laravel/passport/commit/67c3e336af163f6eba5dbca8e5db46275ff0e433
v11.8.1 - 2023-02-20
- Revert "Move AuthenticationException into the scope of Laravel Passport" by @driesvints in https://github.com/laravel/passport/commit/db543b0cc13ed3f56f1bffda04707fbe2a8c7ab5
v11.8.0 - 2023-02-17
- Move AuthenticationException into the scope of Laravel Passport by @chrispage1 in laravel#1633
- Custom authorization view response by @JonErickson in laravel#1629
- Fix deprecated $dates property by @TonyWong9527 in laravel#1636
v11.7.0 - 2023-02-08
- Add support for
EncryptCookiesmiddleware by @axlon in laravel#1628
v11.6.1 - 2023-02-03
- Indicate current token can be
TransientTokenby @axlon in laravel#1627
v11.6.0 - 2023-01-31
- Update ClientCommand.php's user_id description by @Smoggert in laravel#1619
- Get model PK instead of forcibly id column by @lucaspanik in laravel#1626
- Fix doc block for
withAccessToken()by @axlon in laravel#1620
v11.5.1 - 2023-01-16
- Get authenticated user from the guard by @hafezdivandari in laravel#1617
v11.5.0 - 2023-01-09
- Laravel v10 Support by @driesvints in laravel#1615
v11.4.0 - 2023-01-03
- Uses PHP Native Type Declarations 🐘 by @nunomaduro in laravel#1594
v11.3.1 - 2022-12-02
- Add auth guard to routes by @hafezdivandari in laravel#1603
v11.3.0 - 2022-10-22
- Support prompting login when redirecting for authorization by @hafezdivandari in laravel#1577
- Update PurgeCommand.php by @fatoskurtishi in laravel#1586
- Fix ClientRepository doc blocks by @axlon in laravel#1587
- Update docblock by @mnabialek in laravel#1588
v11.2.1 - 2022-09-29
- Improve token guard return type by @axlon in laravel#1579
v11.2.0 - 2022-09-07
- Let OAuth2 server handle the denying response by @hafezdivandari in laravel#1572
v11.1.0 - 2022-09-05
- Support prompting re-consent when redirecting for authorization by @hafezdivandari in laravel#1567
- Support disabling prompt when redirecting for authorization by @hafezdivandari in laravel#1569
v11.0.1 - 2022-08-29
- Custom days and hours to passport purge command by @rubengg86 in laravel#1563
- Allow for bootstrapping without loading routes by @axlon in laravel#1564
v11.0.0 - 2022-08-19
- Allow authenticated client to be retrieved from the guard by @axlon in laravel#1508
- Revert model DB connection customization by @driesvints in laravel#1412
- Allow timestamps on Token model by @driesvints in laravel#1425
- Improve authenticateViaBearerToken() performance by @alecpl in laravel#1447
- Refactor routes to dedicated file by @driesvints in laravel#1464
- Stub client on guard when calling Passport::actingAsClient() by @axlon in laravel#1519
- Fix scope inheritance when using Passport::actingAs() by @axlon in laravel#1551
- Drop PHP 7.x and Laravel v8 by @driesvints in laravel#1558
- Remove deprecated properties by @driesvints in laravel#1560
- Remove deprecated functionality and simplify some feature tests by @driesvints in laravel#1559
v10.4.1 - 2022-04-16
- Add new URI Rule to validate URI and use it to RedirectRule. by @victorbalssa in laravel#1544
v10.4.0 - 2022-03-30
- Upgrade firebase/php-jwt to ^6.0 by @prufrock in laravel#1538
v10.3.3 - 2022-03-08
- Use anonymous migrations by @mmachatschek in laravel#1531
v10.3.2 - 2022-02-22
- Fix Faker deprecations by @X-Coder264 in laravel#1530
- Allow to use custom authorization server response (#1521)
- Laravel 9 Support (#1516)
- Fix jsonSerialize PHP 8.1 issue (#1512)
- Fix
str_replaceerror when third parameter ($subject) is null (#1511)
- Add custom encryption key for JWT tokens (#1501)
- Refactor expiry dates to intervals (#1500)
- Ensure client model factory always creates models with a primary key (#1492
- Use app helper (3d1e6bb)
- Fix binding (e3478de)
- Backport phpseclib v2 (#1418)
- Update to phpseclib v3 (#1410)
- PHP 8 Support (#1373)
- Remove Vue components (#1352)
- Use newFactory to properly reference factory (#1349)
- Support Laravel 8 & drop PHP 7.2 support (#1336)
- Guzzle 7 support (#1311)
- Nonstandard ID in the token's relationship with the user (#1267)
- Implement secret modal (#1258)
- Warn about one-time-hashed-secret (#1259)
- Add force option to hash command (#1251)
- Implement personal access client config (#1260)
- Fix displaying secret in Vue component (#1244)
- Moved provider check to bearer token only (#1246)
- Fix create client call (aff9d09)
- Allow client credentials secret to be hashed (#1145, ccbcfeb, 1c40ae0)
- Implement
passport:hashcommand (#1238) - Initial support for multiple providers (#1220)
- Client credentials middleware should allow any valid client (#1132)
- Switch from
getKey()togetAuthIdentifier()to match Laravel core (#1134) - Use Hasher interface instead of HashManager (#1157)
- Bump league server dependency (#1237)
- Automatic configuration of client UUIDs (#1231)
- Fix 500 Internal Server Error response (#1222)
- Fix resolveInheritedScopes (#1207)
mergeConfigFromalready checked if app is running with config cached (#1205)
- Implement auth token for access requests (#1188)
- Revoke refresh tokens when auth tokens get revoked (#1186)
- Remove foreign keys (20e9b66)
- Add a Passport Client factory to Passport publishing (#1171)
- Update ClientCommand to support public clients (#1151)
- Purge Command for revoked and/or expired tokens and auth codes (#1159, 6c1ea42)
- Replace deprecated package and namespaces (#1158)
- Allow access to HTTP response status code on OAuthServerException (#1148)
- Modify UserRepository to check for 'findAndValidateForPassport' method (#1144)
- Add abstract CheckCredentials middleware and allows to create (#1127)
- Fix
actingAsClienttesting method (#1119)
- Rework HandlesOAuthErrors trait to middleware (#937)
- Use a renderable exception for OAuth errors (#1066)
- Use diactoros 2.0 and psr-http-factory (aadf603)
- Replaced helpers with Blade directives (#939)
- Use caret for constraints (d906804)
- Dropped support for Laravel 5.8 (654cc09)
- Dropped support for PHP 7.1 (3c830ac)
- Upgrade to league/oauth2-server 8.0 (97e3026)
- Fix exception will thrown if token belongs to first party clients (#1040)
- Fix auth codes table customization (#1044)
- Add key type to refresh token model (e400c2b)
- Cast returned client identifier value to string (#1091)
- Add
actingAsClientmethod for tests (#1083)
- Let Passport support inherited parent scopes (#1068)
- Accept requests with the encrypted X-XSRF-TOKEN HTTP header (#1069)
- Use
bigIntegercolumn type foruser_idcolumns (#1057)
- Remove old 5.9 constraints (58eb99c)
- Update version constraints for Laravel 6.0 (609b5e8)
- Change server property type in
CheckClientCredentialForAnyScope(#1034)
- Allow first party clients to skip the authorization prompt (#1022)
- Fix AccessToken docblock (#996)
- Allow installs of zend-diactoros 2 (c0c3fca)
- Change
wasRecentlyCreatedtofalse(#979)
- Changed the way to get action path from
url()toroute()(#950) - Allow
'*'scope to be used with Client Credentials (#949)
- Replace
fire()withdispatch()(#952)
- Make name an optional question (#926)
- Do not auto increment
AuthCodeID (#929) - Allow multiple redirects when creating clients (#928)
- Add responses for destroy methods (#942)
- Rename property (#920)
- Add middleware CheckClientCredentialsForAnyScope (#855)
- Support a default scope when no scope was requested by the client (#879)
- Allow setting expiration of personal access tokens (#919)
- Change auth code table to the model's table (#865)
- Made whereRevoked consistent (#868)
- Use unsignedInteger column type for
client_idcolumns (47f0021)
- Prevent passing empty string variable to retrieveById method (#861)
- Add names to routes for re-usability (#846)
- Add user relationship to client model (#851, 3213be8)
- Add the ability to retrieve current client (#854)
- Fix migrations tag publish (#832)
Authcodemodel is now used for persisting new authcodes (#808)resources/assetsdirectory was flattened (#813)
- Add option to enable cookie serialization (9012496)
- Don't serialize by default (29e9d53)