Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[13.x] Rename CheckClientCredentials middleware #1792

Merged
merged 7 commits into from
Oct 7, 2024
Merged

[13.x] Rename CheckClientCredentials middleware #1792

merged 7 commits into from
Oct 7, 2024

Conversation

hafezdivandari
Copy link
Contributor

@hafezdivandari hafezdivandari commented Oct 4, 2024
edited
Loading

This PR corrects the naming of the CheckClientCredentials and CheckClientCredentialsForAnyScope middlewares. As mentioned in this comment and this issue, the current naming is confusing and does not accurately reflect the functionality of these middlewares:

  • The CheckClientCredentials class has been renamed to CheckToken, as it does not check client credentials but instead verifies whether the token is valid and has all the specified scopes.
  • The CheckClientCredentialsForAnyScope class has been renamed to CheckTokenForAnyScope, as it does not check client credentials but verifies whether the token has any of the specified scopes.
  • The CheckCredentials abstract class has been renamed to ValidateToken, as it does not check credentials but rather parses and validates the bearer token.

Summary

  • CheckClientCredentials -> CheckToken
  • CheckClientCredentialsForAnyScope -> CheckTokenForAnyScope
  • CheckCredentials -> ValidateToken

Usage

Refer to the updated docs:

@taylorotwell
Copy link
Member

taylorotwell commented Oct 7, 2024
edited
Loading

Isn't the token the client's credentials?

@hafezdivandari
Copy link
Contributor Author

hafezdivandari commented Oct 7, 2024
edited
Loading

@taylorotwell No, it works with any token, and that's exactly what makes its naming confusing.

@taylorotwell taylorotwell merged commit ca53922 into laravel:13.x Oct 7, 2024
4 checks passed
@hafezdivandari hafezdivandari deleted the 13.x-validate-token-middleware branch October 7, 2024 14:18
@taylorotwell
Copy link
Member

@hafezdivandari it's probably about time we think about releasing 13.x? Is there much more to do?

@hafezdivandari
Copy link
Contributor Author

@taylorotwell there are 5 PRs in draft, the most important one is #1750 and #1762, we are waiting for @Sephster to merge the related bug fixes on oauth2-server package before Passport 13.x release.

This was referenced Oct 9, 2024
Merged
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hafezdivandari @taylorotwell