[13.x] Support OAuth2 Server v9

[hafezdivandari]

Support OAuth2 Server v9.

• Testing v9-rc1 on Laravel Passport thephpleague/oauth2-server#1398
• Fix Passport Compatibility for V9 thephpleague/oauth2-server#1402

[github-actions]

Thanks for submitting a PR!

Note that draft PR's are not reviewed. If you would like a review, please mark your pull request as ready for review in the GitHub user interface.

Pull requests that are abandoned in draft may be closed due to inactivity.

[hafezdivandari]

@driesvints this repo doesn't have master branch?

[jayan-blutui]

Great work on creating this PR so quickly seeing v9rc just launched a couple of days ago.

I know this PR is still a WIP but do you plan to include the new Device Authorization?

[hafezdivandari]

@jayan-blutui thanks.

I know this PR is still a WIP but do you plan to include the new Device Authorization?

Not in this PR, as it makes this hard to review.

[driesvints]

Thanks a lot for this PR @hafezdivandari. We should indeed try to support the new Device flow in v13 but let's indeed tackle that in a subsequent PR.

[driesvints]

In a next PR we may drop Laravel v9 and v10 support as well as PHP 8.1

[hafezdivandari]

@driesvints This PR is ready, but it should target master, which doesn't exist on this repo.

[driesvints]

@hafezdivandari that's okay. We're using a different approach these days. I'll talk to the team to prepare a new major version. Ideally we'd also take in the new device flow (separate PR).

Thanks for working on this one!

[driesvints]

@hafezdivandari I retargeted your PR to 13.x now

[siarheipashkevich]

@hafezdivandari @driesvints why not to 12.x?

[driesvints]

@siarheipashkevich there's just too many breaking changes in here.

@hafezdivandari reminds me: could you make a list of upgrade steps in UPGRADE.md? I think we only need to reference the OAuth Server client v9 upgrade and a link to its own release notes, telling people to review those as well: https://github.com/thephpleague/oauth2-server/blob/master/CHANGELOG.md#900---released-2024-05-13

[taylorotwell]

Can someone give me an idea of the full upgrade steps and mark as ready for review?

[driesvints]

@taylorotwell those are already added to the upgrade guide in this PR. The main reason for this new major version is the oauth server v9 bump and the method signature changes.

[hafezdivandari]

@driesvints We are not going to release 13.x immediately after merging this right? I have 1 or 2 PRs for 13.x before release. I don't want to add too many changes at once, that makes this one hard to review.

[driesvints]

@hafezdivandari no I'll wait for those

[taylorotwell]

@driesvints I guess I'm looking for a general summary of the changes someone will need to make. What changes will a typical Laravel Passport app need to make? Earlier it was mentioned there are too many breaking changes for patch - what are those breaking changes specifically?

[hafezdivandari]

@taylorotwell nothing, just PHP 8.1+ and removed message property from OAuthException HTTP response. Now just use error_description as per the OAuth 2 spec.

The braking change is that most of the methods signatures are changed.