Issu

.gitattributes

@@ -7,7 +7,6 @@
 /.travis.yml export-ignore
 /.scrutinizer.yml export-ignore
 /phpunit.xml.dist export-ignore
-/phpspec.xml.dist export-ignore
 /CHANGELOG.md export-ignore
 /CONTRIBUTING.md export-ignore
 /README.md export-ignore

.gitignore

@@ -1,4 +1,3 @@
 composer.lock
 phpunit.xml
-phpspec.yml
 vendor

.php_cs

@@ -0,0 +1,89 @@
+<?php
+
+$header = <<<EOF
+This file is part of Laravel OAuth 2.0.
+
+(c) Luca Degasperi <[email protected]>
+
+For the full copyright and license information, please view the LICENSE
+file that was distributed with this source code.
+EOF;
+
+$fixers = [
+    // PSR-0
+    '-psr0',
+
+    // PSR-1
+    'encoding',
+    'short_tag',
+
+    // Symfony
+    'array_element_white_space_after_comma',
+    'blankline_after_open_tag',
+    'concat_without_spaces',
+    'duplicate_semicolon',
+    'empty_return',
+    'extra_empty_lines',
+    'function_typehint_space',
+    'include',
+    'join_function',
+    'list_commas',
+    'multiline_array_trailing_comma',
+    'namespace_no_leading_whitespace',
+    'new_with_braces',
+    'no_blank_lines_after_class_opening',
+    'no_empty_lines_after_phpdocs',
+    'object_operator',
+    'operators_spaces',
+    'phpdoc_indent',
+    'phpdoc_no_access',
+    'phpdoc_no_package',
+    'phpdoc_scalar',
+    'phpdoc_separation',
+    'phpdoc_short_description',
+    'phpdoc_to_comment',
+    'phpdoc_trim',
+    'phpdoc_type_to_var',
+    'phpdoc_var_without_name',
+    'print_to_echo',
+    'remove_leading_slash_use',
+    'remove_lines_between_uses',
+    'return',
+    'self_accessor',
+    'short_bool_cast',
+    'single_array_no_trailing_comma',
+    'single_blank_line_before_namespace',
+    'single_quote',
+    'spaces_before_semicolon',
+    'spaces_cast',
+    'standardize_not_equal',
+    'ternary_spaces',
+    'trim_array_spaces',
+    'unalign_double_arrow',
+    'unalign_equals',
+    'unary_operators_spaces',
+    'unneeded_control_parentheses',
+    'unused_use',
+    'whitespacy_lines',
+
+    // Contrib
+    'header_comment',
+    'multiline_spaces_before_semicolon',
+    'newline_after_open_tag',
+    'ordered_use',
+    'php_unit_construct',
+    'php_unit_strict',
+    'phpdoc_order',
+    'short_array_syntax',
+    'short_echo_tag',
+];
+
+Symfony\CS\Fixer\Contrib\HeaderCommentFixer::setHeader($header);
+
+$finder = Symfony\CS\Finder\DefaultFinder::create()
+    ->in(__DIR__);
+
+return Symfony\CS\Config\Config::create()
+    ->level(Symfony\CS\FixerInterface::PSR2_LEVEL)
+    ->fixers($fixers)
+    ->finder($finder);

.travis.yml

@@ -1,21 +1,18 @@
 language: php
 
 php:
-  - 5.5.9
-  - 5.5
   - 5.6
   - 7.0
   - hhvm
 
 sudo: false
 
 install:
-  - travis_retry composer install --no-interaction --prefer-source
+  - travis_retry composer install --no-interaction
 
 script:
-  - if [ "$TRAVIS_PHP_VERSION" != "5.5.9" ] && [ "$TRAVIS_PHP_VERSION" != "5.5" ] && [ "$TRAVIS_PHP_VERSION" != "5.6" ]; then vendor/bin/phpunit; vendor/bin/phpspec run; fi
-  - if [ "$TRAVIS_PHP_VERSION" == "5.5.9" ] || [ "$TRAVIS_PHP_VERSION" == "5.5" ] || [ "$TRAVIS_PHP_VERSION" == "5.6" ]; then vendor/bin/phpunit --coverage-clover build/logs/clover.xml; fi
+  - vendor/bin/phpunit --coverage-clover build/logs/clover.xml
 
 after_script:
-  - if [ "$TRAVIS_PHP_VERSION" == "5.5.9" ] || [ "$TRAVIS_PHP_VERSION" == "5.5" ] || [ "$TRAVIS_PHP_VERSION" == "5.6" ]; then wget https://scrutinizer-ci.com/ocular.phar; fi
-  - if [ "$TRAVIS_PHP_VERSION" == "5.5.9" ] || [ "$TRAVIS_PHP_VERSION" == "5.5" ] || [ "$TRAVIS_PHP_VERSION" == "5.6" ]; then php ocular.phar code-coverage:upload --format=php-clover build/logs/clover.xml; fi
+  - wget https://scrutinizer-ci.com/ocular.phar
+  - php ocular.phar code-coverage:upload --format=php-clover build/logs/clover.xml

CHANGELOG.md

@@ -1,5 +1,12 @@
 # CHANGELOG
 
+## 6.0.0 (upcoming)
+
+- Rewrite for league/oauth2-server 5.0
+- Added Laravel 5.3 support
+- Added auth guard support
+- Removed PHP 5.5 support
+
 ## 5.1.1 (released 2015-12-22)
 
 - Fix Laravel 5.2 support bug

README.md

@@ -1,15 +1,16 @@
-# OAuth 2.0 Server for Laravel
+# Laravel OAuth 2.0
 
 ![oauth2-server-laravel](https://cloud.githubusercontent.com/assets/499192/9065550/751404ba-3ad2-11e5-9f92-3d4d5d4b9c54.png)
 
 [OAuth 2.0](http://tools.ietf.org/wg/oauth/draft-ietf-oauth-v2/) authorization server and resource server for the Laravel and Lumen frameworks. Standard compliant thanks to the amazing work by [The League of Extraordinary Packages](http://www.thephpleague.com) OAuth 2.0 authorization server and resource server.
 
-[![Latest Version](http://img.shields.io/github/release/lucadegasperi/oauth2-server-laravel.svg?style=flat-square)](https://github.com/lucadegasperi/oauth2-server-laravel/releases)
-[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE.md)
-[![Build Status](https://img.shields.io/travis/lucadegasperi/oauth2-server-laravel/master.svg?style=flat-square)](https://travis-ci.org/lucadegasperi/oauth2-server-laravel)
-[![Coverage Status](https://img.shields.io/scrutinizer/coverage/g/lucadegasperi/oauth2-server-laravel/master.svg?style=flat-square)](https://scrutinizer-ci.com/g/lucadegasperi/oauth2-server-laravel/code-structure)
-[![Quality Score](https://img.shields.io/scrutinizer/g/lucadegasperi/oauth2-server-laravel/master.svg?style=flat-square)](https://scrutinizer-ci.com/g/lucadegasperi/oauth2-server-laravel)
-[![Total Downloads](https://img.shields.io/packagist/dt/lucadegasperi/oauth2-server-laravel.svg?style=flat-square)](https://packagist.org/packages/lucadegasperi/oauth2-server-laravel)
+[![Build Status](https://img.shields.io/travis/lucadegasperi/oauth2-server-laravel/master.svg?style=flat)](https://travis-ci.org/lucadegasperi/oauth2-server-laravel)
+[![StyleCI](https://styleci.io/repos/13300645/shield?style=flat)](https://styleci.io/repos/13300645)
+[![Coverage Status](https://img.shields.io/scrutinizer/coverage/g/lucadegasperi/oauth2-server-laravel/master.svg?style=flat)](https://scrutinizer-ci.com/g/lucadegasperi/oauth2-server-laravel/code-structure)
+[![Quality Score](https://img.shields.io/scrutinizer/g/lucadegasperi/oauth2-server-laravel/master.svg?style=flat)](https://scrutinizer-ci.com/g/lucadegasperi/oauth2-server-laravel)
+[![Total Downloads](https://img.shields.io/packagist/dt/lucadegasperi/oauth2-server-laravel.svg?style=flat)](https://packagist.org/packages/lucadegasperi/oauth2-server-laravel)
+[![Latest Version](http://img.shields.io/github/release/lucadegasperi/oauth2-server-laravel.svg?style=flat)](https://github.com/lucadegasperi/oauth2-server-laravel/releases)
+[![License](https://img.shields.io/packagist/l/lucadegasperi/oauth2-server-laravel.svg?style=flat)](https://packagist.org/packages/lucadegasperi/oauth2-server-laravel)
 
 > **Note:** This package assumes you have a good-enough knowledge of the principles behind the [OAuth 2.0 authorization specification](http://tools.ietf.org/html/rfc6749).
 
@@ -23,6 +24,7 @@
  5.0.x    | 4.0.x        |>= 5.4
  5.1.x    | 5.0.x        |>= 5.5.9
  5.2.x    | 5.1.x        |>= 5.5.9
+ 5.3.x    | 6.0.x        |>= 5.6.4
 
 ## Documentation
 

composer.json

@@ -1,7 +1,7 @@
 {
     "name": "lucadegasperi/oauth2-server-laravel",
-    "description": "An OAuth 2.0 bridge for Laravel and Lumen",
-    "keywords": ["oauth2", "oauth", "server", "api", "laravel", "lumen"],
+    "description": "An OAuth 2.0 bridge for Laravel",
+    "keywords": ["oauth2", "oauth", "server", "api", "laravel", "league", "authentication", "authorization"],
     "license": "MIT",
     "authors": [
         {
@@ -14,21 +14,21 @@
         }
     ],
     "require": {
-        "php": ">=5.5.9",
-        "illuminate/database": "5.1.* || 5.2.*",
-        "illuminate/console": "5.1.* || 5.2.*",
-        "illuminate/contracts": "5.1.* || 5.2.*",
-        "illuminate/http": "5.1.* || 5.2.*",
-        "illuminate/support": "5.1.* || 5.2.*",
-        "illuminate/config": "5.1.* || 5.2.*",
-        "league/oauth2-server": "4.1.*"
+        "php": "^5.6.4 || ^7.0",
+        "illuminate/config": "5.2.* || 5.3.*",
+        "illuminate/console": "5.2.* || 5.3.*",
+        "illuminate/contracts": "5.2.* || 5.3.*",
+        "illuminate/database": "5.2.* || 5.3.*",
+        "illuminate/http": "5.2.* || 5.3.*",
+        "illuminate/support": "5.2.* || 5.3.*",
+        "league/oauth2-server": "^5.0",
+        "symfony/psr-http-message-bridge": "^0.2",
+        "zendframework/zend-diactoros": "^1.3"
     },
     "require-dev": {
-        "orchestra/testbench": "3.1.* || 3.2.*",
-        "phpunit/phpunit": "^4.8 || ^5.0",
-        "phpspec/phpspec": "^2.2",
-        "mockery/mockery": "^0.9.4",
-        "henrikbjorn/phpspec-code-coverage": "^1.0"
+        "graham-campbell/testbench": "^3.2",
+        "mockery/mockery": "^0.9.5",
+        "phpunit/phpunit": "^5.4"
     },
     "autoload": {
         "psr-4": {
@@ -41,15 +41,11 @@
         },
         "classmap": [
             "database"
-        ],
-        "files": [
-            "tests/AbstractTestCase.php",
-            "tests/integration/AbstractDBTestCase.php"
         ]
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "5.1-dev"
+            "dev-master": "6.0-dev"
         }
     },
     "minimum-stability": "dev",

config/oauth2.php

@@ -1,7 +1,7 @@
 <?php
 
 /*
- * This file is part of OAuth 2.0 Laravel.
+ * This file is part of Laravel OAuth 2.0.
  *
  * (c) Luca Degasperi <[email protected]>
  *
@@ -26,127 +26,64 @@
     | http://git.io/vJLAv
     |
     */
-
     'grant_types' => [
-
+        [
+            'class' => \League\OAuth2\Server\Grant\PasswordGrant::class,
+            'access_token_ttl' => '',
+        ],
     ],
 
     /*
     |--------------------------------------------------------------------------
-    | Output Token Type
-    |--------------------------------------------------------------------------
-    |
-    | This will tell the authorization server the output format for the access
-    | token and the resource server how to parse the access token used.
-    |
-    | Default value is League\OAuth2\Server\TokenType\Bearer
-    |
-    */
-
-    'token_type' => 'League\OAuth2\Server\TokenType\Bearer',
-
-    /*
-    |--------------------------------------------------------------------------
-    | State Parameter
-    |--------------------------------------------------------------------------
-    |
-    | Whether or not the state parameter is required in the query string.
-    |
-    */
-
-    'state_param' => false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Scope Parameter
-    |--------------------------------------------------------------------------
-    |
-    | Whether or not the scope parameter is required in the query string.
-    |
-    */
-
-    'scope_param' => false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Scope Delimiter
+    | Private Key Path
     |--------------------------------------------------------------------------
     |
-    | Which character to use to split the scope parameter in the query string.
     |
     */
-
-    'scope_delimiter' => ',',
+    'private_key_path' => 'file://path_to_private_key/private.key',
 
     /*
     |--------------------------------------------------------------------------
-    | Default Scope
+    | Public Key Path
     |--------------------------------------------------------------------------
     |
-    | The default scope to use if not present in the query string.
     |
     */
-
-    'default_scope' => null,
+    'public_key_path' => 'file://path_to_private_key/public.key',
 
     /*
     |--------------------------------------------------------------------------
-    | Access Token TTL
+    | Key Passphrase
     |--------------------------------------------------------------------------
     |
-    | For how long the issued access token is valid (in seconds) this can be
-    | also set on a per grant-type basis.
+    | Default value is null, put your passphrase here if the key has one
     |
     */
-
-    'access_token_ttl' => 3600,
+    'key_passphrase' => null,
 
     /*
     |--------------------------------------------------------------------------
-    | Limit clients to specific grants
+    | Output Response Type
     |--------------------------------------------------------------------------
     |
-    | Whether or not to limit clients to specific grant types. This is useful
-    | to allow only trusted clients to access your API differently.
-    |
-    */
-
-    'limit_clients_to_grants' => false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Limit clients to specific scopes
-    |--------------------------------------------------------------------------
+    | This will tell the authorization server the output format for the access
+    | token and the resource server how to parse the access token used.
     |
-    | Whether or not to limit clients to specific scopes. This is useful to
-    | only allow specific clients to use some scopes.
+    | Default value is \League\OAuth2\Server\ResponseTypes\BearerTokenResponse
     |
     */
-
-    'limit_clients_to_scopes' => false,
+    'response_type' => \League\OAuth2\Server\ResponseTypes\BearerTokenResponse::class,
 
     /*
     |--------------------------------------------------------------------------
-    | Limit scopes to specific grants
+    | Authorization Validator
     |--------------------------------------------------------------------------
     |
-    | Whether or not to limit scopes to specific grants. This is useful to
-    | allow certain scopes to be used only with certain grant types.
-    |
-    */
-
-    'limit_scopes_to_grants' => false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | HTTP Header Only
-    |--------------------------------------------------------------------------
+    | This will tell the resource server the validator to use to validate an incoming request
     |
-    | This will tell the resource server where to check for the access_token.
-    | By default it checks both the query string and the http headers.
+    | Default value is \League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator::class
     |
     */
-
-    'http_headers_only' => false,
+    'authorization_validator' => \League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator::class,
 
 ];