Skip to content

feat: Allow findForPassport to optionally receive the OAuth client #1866

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Oct 26, 2025
Merged

feat: Allow findForPassport to optionally receive the OAuth client #1866

merged 6 commits into from
Oct 26, 2025
+2 −2

Conversation

@maximepvrt
Copy link
Contributor

@maximepvrt maximepvrt commented Oct 24, 2025
edited
Loading

Currently, Laravel Passport uses the findForPassport(string $username) method to retrieve the user during password grant authentication. This method only receives the username, which limits cases where we might want to filter users based on the OAuth client.

This PR introduces the possibility to define findForPassport with a second optional parameter, a ClientEntityInterface $client, allowing:

  • Filtering users based on the OAuth client if needed.
  • Maintaining compatibility with existing methods that only accept one parameter.

Example usage:

use Laravel\Passport\Bridge\Client;

public function findForPassport(string $username, Client $client)
{
    return $this->where('email', $username)
        ->whereHas('clients', function ($q) use ($client) {
            $q->where('id', $client->getIdentifier());
        })->first();
}

This is not a breaking change: existing methods with a single parameter will continue to work.

📖 I also prepared a PR for the documentation to explain this new possibility: laravel/docs#10880

@maximepvrt
add optional client param to findForPassport function
058d1a0 
Refactor user retrieval logic to use ReflectionMethod for dynamic argument handling.
@maximepvrt
hotfix
273b714
@maximepvrt maximepvrt changed the title Patch 2 feat: Allow findForPassport to optionally receive the OAuth client Oct 24, 2025
@maximepvrt maximepvrt marked this pull request as draft October 24, 2025 17:16
@maximepvrt maximepvrt mentioned this pull request Oct 24, 2025
Merged
@maximepvrt maximepvrt marked this pull request as ready for review October 24, 2025 17:29
hafezdivandari
hafezdivandari reviewed Oct 24, 2025
View reviewed changes
Copy link
Contributor

@hafezdivandari hafezdivandari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No need to use reflection, just pass the $clientEntity as argument. If you want to make this change, please apply the same to line 38:

- $user = (new $model)->findAndValidateForPassport($username, $password);
+ $user = (new $model)->findAndValidateForPassport($username, $password, $clientEntity);

@maximepvrt
Copy link
Contributor Author

maximepvrt commented Oct 24, 2025

@hafezdivandari updated ;-)

@taylorotwell taylorotwell merged commit aee8af1 into laravel:13.x Oct 26, 2025
8 checks passed
@maximepvrt maximepvrt mentioned this pull request Nov 10, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hafezdivandari hafezdivandari Awaiting requested review from hafezdivandari

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@maximepvrt @hafezdivandari @taylorotwell