Merge branch '12.x' into 13.x

.github/SECURITY.md

@@ -15,7 +15,7 @@ If you discover a security vulnerability within Laravel, please send an email to
 ```
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: OpenPGP v2.0.8
-Comment: https://sela.io/pgp/
+Comment: Report Security Vulnerabilities to [email protected]
 
 xsFNBFugFSQBEACxEKhIY9IoJzcouVTIYKJfWFGvwFgbRjQWBiH3QdHId5vCrbWo
 s2l+4Rv03gMG+yHLJ3rWElnNdRaNdQv59+lShrZF7Bvu7Zvc0mMNmFOM/mQ/K2Lt

CHANGELOG.md

@@ -1,6 +1,10 @@
 # Release Notes
 
-## [Unreleased](https://github.com/laravel/passport/compare/v12.2.1...12.x)
+## [Unreleased](https://github.com/laravel/passport/compare/v12.3.0...12.x)
+
+## [v12.3.0](https://github.com/laravel/passport/compare/v12.2.1...v12.3.0) - 2024-08-05
+
+* [12.x] Add access token revoked event by [@axlon](https://github.com/axlon) in https://github.com/laravel/passport/pull/1776
 
 ## [v12.2.1](https://github.com/laravel/passport/compare/v12.2.0...v12.2.1) - 2024-07-10
 

src/Bridge/AccessTokenRepository.php

@@ -5,6 +5,7 @@
 use DateTime;
 use Illuminate\Contracts\Events\Dispatcher;
 use Laravel\Passport\Events\AccessTokenCreated;
+use Laravel\Passport\Events\AccessTokenRevoked;
 use Laravel\Passport\Passport;
 use Laravel\Passport\TokenRepository;
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
@@ -69,7 +70,9 @@ public function persistNewAccessToken(AccessTokenEntityInterface $accessTokenEnt
      */
     public function revokeAccessToken(string $tokenId): void
     {
-        $this->tokenRepository->revokeAccessToken($tokenId);
+        if ($this->tokenRepository->revokeAccessToken($tokenId)) {
+            $this->events->dispatch(new AccessTokenRevoked($tokenId));
+        }
     }
 
     /**

src/Events/AccessTokenRevoked.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace Laravel\Passport\Events;
+
+class AccessTokenRevoked
+{
+    /**
+     * Create a new event instance.
+     *
+     * @param  string  $tokenId
+     * @return void
+     */
+    public function __construct(
+        public string $tokenId,
+    ) {
+    }
+}

tests/Unit/BridgeAccessTokenRepositoryTest.php

@@ -49,6 +49,34 @@ public function test_access_tokens_can_be_persisted()
         $repository->persistNewAccessToken($accessToken);
     }
 
+    public function test_access_tokens_can_be_revoked()
+    {
+        $tokenRepository = m::mock(TokenRepository::class);
+        $events = m::mock(Dispatcher::class);
+
+        $tokenRepository->shouldReceive('revokeAccessToken')->with('token-id')->once()->andReturn(1);
+        $events->shouldReceive('dispatch')->once();
+
+        $repository = new AccessTokenRepository($tokenRepository, $events);
+        $repository->revokeAccessToken('token-id');
+
+        $this->expectNotToPerformAssertions();
+    }
+
+    public function test_access_token_revoke_event_is_not_dispatched_when_nothing_happened()
+    {
+        $tokenRepository = m::mock(TokenRepository::class);
+        $events = m::mock(Dispatcher::class);
+
+        $tokenRepository->shouldReceive('revokeAccessToken')->with('token-id')->once()->andReturn(0);
+        $events->shouldNotReceive('dispatch');
+
+        $repository = new AccessTokenRepository($tokenRepository, $events);
+        $repository->revokeAccessToken('token-id');
+
+        $this->expectNotToPerformAssertions();
+    }
+
     public function test_can_get_new_access_token()
     {
         $tokenRepository = m::mock(TokenRepository::class);