[13.x] Cleanup and add feature tests (#1767)

* cleanup

* add test

* fix tests

* formatting

src/ClientRepository.php

@@ -3,37 +3,9 @@
 namespace Laravel\Passport;
 
 use Illuminate\Support\Str;
-use RuntimeException;
 
 class ClientRepository
 {
-    /**
-     * The personal access client ID.
-     *
-     * @var int|string|null
-     */
-    protected $personalAccessClientId;
-
-    /**
-     * The personal access client secret.
-     *
-     * @var string|null
-     */
-    protected $personalAccessClientSecret;
-
-    /**
-     * Create a new client repository.
-     *
-     * @param  int|string|null  $personalAccessClientId
-     * @param  string|null  $personalAccessClientSecret
-     * @return void
-     */
-    public function __construct($personalAccessClientId = null, $personalAccessClientSecret = null)
-    {
-        $this->personalAccessClientId = $personalAccessClientId;
-        $this->personalAccessClientSecret = $personalAccessClientSecret;
-    }
-
     /**
      * Get a client by the given ID.
      *
@@ -103,22 +75,6 @@ public function activeForUser($userId)
         })->values();
     }
 
-    /**
-     * Get the personal access token client for the application.
-     *
-     * @return \Laravel\Passport\Client
-     *
-     * @throws \RuntimeException
-     */
-    public function personalAccessClient()
-    {
-        $client = $this->personalAccessClientId ? $this->find($this->personalAccessClientId) : null;
-
-        return $client ?? throw new RuntimeException(
-            'Personal access client not found. Please create one and set the `PASSPORT_PERSONAL_ACCESS_CLIENT_ID` and `PASSPORT_PERSONAL_ACCESS_CLIENT_SECRET` environment variables.'
-        );
-    }
-
     /**
      * Store a new client.
      *
@@ -233,24 +189,4 @@ public function delete(Client $client)
 
         $client->forceFill(['revoked' => true])->save();
     }
-
-    /**
-     * Get the personal access client id.
-     *
-     * @return int|string|null
-     */
-    public function getPersonalAccessClientId()
-    {
-        return $this->personalAccessClientId;
-    }
-
-    /**
-     * Get the personal access client secret.
-     *
-     * @return string|null
-     */
-    public function getPersonalAccessClientSecret()
-    {
-        return $this->personalAccessClientSecret;
-    }
 }

src/HasApiTokens.php

@@ -64,7 +64,7 @@ public function tokenCan($scope)
     public function createToken($name, array $scopes = [])
     {
         return Container::getInstance()->make(PersonalAccessTokenFactory::class)->make(
-            $this->getKey(), $name, $scopes
+            $this->getAuthIdentifier(), $name, $scopes
         );
     }
 

src/PassportServiceProvider.php

@@ -131,7 +131,6 @@ public function register()
                 ->give(fn () => Auth::guard(config('passport.guard', null)));
 
         $this->registerAuthorizationServer();
-        $this->registerClientRepository();
         $this->registerJWTParser();
         $this->registerResourceServer();
         $this->registerGuard();
@@ -265,20 +264,6 @@ public function makeAuthorizationServer()
         );
     }
 
-    /**
-     * Register the client repository.
-     *
-     * @return void
-     */
-    protected function registerClientRepository()
-    {
-        $this->app->singleton(ClientRepository::class, function ($container) {
-            $config = $container->make('config')->get('passport.personal_access_client');
-
-            return new ClientRepository($config['id'] ?? null, $config['secret'] ?? null);
-        });
-    }
-
     /**
      * Register the JWT Parser.
      *

src/PersonalAccessTokenFactory.php

@@ -7,6 +7,7 @@
 use Nyholm\Psr7\Response;
 use Nyholm\Psr7\ServerRequest;
 use Psr\Http\Message\ServerRequestInterface;
+use RuntimeException;
 
 class PersonalAccessTokenFactory
 {
@@ -17,13 +18,6 @@ class PersonalAccessTokenFactory
      */
     protected $server;
 
-    /**
-     * The client repository instance.
-     *
-     * @var \Laravel\Passport\ClientRepository
-     */
-    protected $clients;
-
     /**
      * The token repository instance.
      *
@@ -42,31 +36,26 @@ class PersonalAccessTokenFactory
      * Create a new personal access token factory instance.
      *
      * @param  \League\OAuth2\Server\AuthorizationServer  $server
-     * @param  \Laravel\Passport\ClientRepository  $clients
      * @param  \Laravel\Passport\TokenRepository  $tokens
      * @param  \Lcobucci\JWT\Parser  $jwt
      * @return void
      */
-    public function __construct(AuthorizationServer $server,
-                                ClientRepository $clients,
-                                TokenRepository $tokens,
-                                JwtParser $jwt)
+    public function __construct(AuthorizationServer $server, TokenRepository $tokens, JwtParser $jwt)
     {
         $this->jwt = $jwt;
         $this->tokens = $tokens;
         $this->server = $server;
-        $this->clients = $clients;
     }
 
     /**
      * Create a new personal access token.
      *
      * @param  mixed  $userId
      * @param  string  $name
-     * @param  array  $scopes
+     * @param  string[]  $scopes
      * @return \Laravel\Passport\PersonalAccessTokenResult
      */
-    public function make($userId, $name, array $scopes = [])
+    public function make($userId, string $name, array $scopes = [])
     {
         $response = $this->dispatchRequestToAuthorizationServer(
             $this->createRequest($userId, $scopes)
@@ -88,15 +77,23 @@ public function make($userId, $name, array $scopes = [])
      * Create a request instance for the given client.
      *
      * @param  mixed  $userId
-     * @param  array  $scopes
+     * @param  string[]  $scopes
      * @return \Psr\Http\Message\ServerRequestInterface
      */
     protected function createRequest($userId, array $scopes)
     {
+        $config = config('passport.personal_access_client');
+
+        if (! $config) {
+            throw new RuntimeException(
+                'Personal access client not found. Please create one and set the `PASSPORT_PERSONAL_ACCESS_CLIENT_ID` and `PASSPORT_PERSONAL_ACCESS_CLIENT_SECRET` environment variables.'
+            );
+        }
+
         return (new ServerRequest('POST', 'not-important'))->withParsedBody([
             'grant_type' => 'personal_access',
-            'client_id' => $this->clients->getPersonalAccessClientId(),
-            'client_secret' => $this->clients->getPersonalAccessClientSecret(),
+            'client_id' => $config['id'] ?? null,
+            'client_secret' => $config['secret'] ?? null,
             'user_id' => $userId,
             'scope' => implode(' ', $scopes),
         ]);

tests/Feature/PersonalAccessTokenFactoryTest.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace Laravel\Passport\Tests\Feature;
+
+use Illuminate\Contracts\Hashing\Hasher;
+use Laravel\Passport\Client;
+use Laravel\Passport\Database\Factories\ClientFactory;
+use Laravel\Passport\Passport;
+use Laravel\Passport\PersonalAccessTokenResult;
+use Orchestra\Testbench\Concerns\WithLaravelMigrations;
+use Workbench\Database\Factories\UserFactory;
+
+class PersonalAccessTokenFactoryTest extends PassportTestCase
+{
+    use WithLaravelMigrations;
+
+    public function testIssueToken()
+    {
+        $user = UserFactory::new()->create([
+            'email' => '[email protected]',
+            'password' => $this->app->make(Hasher::class)->make('foobar123'),
+        ]);
+
+        /** @var Client $client */
+        $client = ClientFactory::new()->asPersonalAccessTokenClient()->create();
+
+        config([
+            'passport.personal_access_client.id' => $client->getKey(),
+            'passport.personal_access_client.secret' => $client->plainSecret,
+        ]);
+
+        Passport::tokensCan([
+            'foo' => 'Do foo',
+            'bar' => 'Do bar',
+        ]);
+
+        $result = $user->createToken('test', ['bar']);
+
+        $this->assertInstanceOf(PersonalAccessTokenResult::class, $result);
+        $this->assertSame($client->getKey(), $result->token->client_id);
+        $this->assertSame($user->getAuthIdentifier(), $result->token->user_id);
+        $this->assertSame(['bar'], $result->token->scopes);
+    }
+}

tests/Unit/BridgeClientRepositoryTest.php

@@ -197,25 +197,4 @@ class BridgeClientRepositoryTestClientStub extends \Laravel\Passport\Client
     public $password_client = false;
 
     public $provider = null;
-
-    public $grant_types;
-
-    public function firstParty()
-    {
-        return $this->personal_access_client || $this->password_client;
-    }
-
-    public function confidential()
-    {
-        return ! empty($this->secret);
-    }
-
-    public function hasGrantType($grantType)
-    {
-        if (! isset($this->grant_types) || ! is_array($this->grant_types)) {
-            return true;
-        }
-
-        return in_array($grantType, $this->grant_types);
-    }
 }

tests/Unit/HasApiTokensTest.php

@@ -45,7 +45,7 @@ class HasApiTokensTestStub
 {
     use HasApiTokens;
 
-    public function getKey()
+    public function getAuthIdentifier()
     {
         return 1;
     }

tests/Unit/PassportTest.php

@@ -4,7 +4,6 @@
 
 use Laravel\Passport\AuthCode;
 use Laravel\Passport\Client;
-use Laravel\Passport\ClientRepository;
 use Laravel\Passport\Passport;
 use Laravel\Passport\RefreshToken;
 use Laravel\Passport\Token;
@@ -39,14 +38,6 @@ public function test_client_instance_can_be_created()
         $this->assertInstanceOf(Passport::clientModel(), $client);
     }
 
-    public function test_missing_personal_access_client_is_reported()
-    {
-        $this->expectException('RuntimeException');
-
-        $clientRepository = new ClientRepository;
-        $clientRepository->personalAccessClient();
-    }
-
     public function test_token_instance_can_be_created()
     {
         $token = Passport::token();