sampanna/StocksNew
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Sampanna Rimal
2024-08-27 17:48:06 +05:45
commit 53c0140f58
10839 changed files with 1125847 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
vendor/laravel/sanctum/LICENSE.md vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) Taylor Otwell
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

32
vendor/laravel/sanctum/README.md vendored Normal file
View File

@@ -0,0 +1,32 @@
<p align="center"><img src="/art/logo.svg" alt="Logo Laravel Sanctum"></p>
<p align="center">
<a href="https://github.com/laravel/sanctum/actions"><img src="https://github.com/laravel/sanctum/workflows/tests/badge.svg" alt="Build Status"></a>
<a href="https://packagist.org/packages/laravel/sanctum"><img src="https://img.shields.io/packagist/dt/laravel/sanctum" alt="Total Downloads"></a>
<a href="https://packagist.org/packages/laravel/sanctum"><img src="https://img.shields.io/packagist/v/laravel/sanctum" alt="Latest Stable Version"></a>
<a href="https://packagist.org/packages/laravel/sanctum"><img src="https://img.shields.io/packagist/l/laravel/sanctum" alt="License"></a>
</p>
## Introduction
Laravel Sanctum provides a featherweight authentication system for SPAs and simple APIs.
## Official Documentation
Documentation for Sanctum can be found on the [Laravel website](https://laravel.com/docs/sanctum).
## Contributing
Thank you for considering contributing to Sanctum! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions).
## Code of Conduct
In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct).
## Security Vulnerabilities
Please review [our security policy](https://github.com/laravel/sanctum/security/policy) on how to report security vulnerabilities.
## License
Laravel Sanctum is open-sourced software licensed under the [MIT license](LICENSE.md).

20
vendor/laravel/sanctum/UPGRADE.md vendored Normal file
View File

@@ -0,0 +1,20 @@
# Upgrade Guide
## Upgrading To 3.0 From 2.x
### Minimum Versions
The following dependency versions have been updated:
- The minimum PHP version is now v8.0.2
- The minimum Laravel version is now v9.21
### New `expires_at` Column
Sanctum now supports expiring tokens. To support this feature, a new `expires_at` column must be added to your application's `personal_access_tokens` table. To add the column to your table, create a migration with the following schema change:
```php
Schema::table('personal_access_tokens', function (Blueprint $table) {
$table->timestamp('expires_at')->nullable()->after('last_used_at');
});
```

57
vendor/laravel/sanctum/composer.json vendored Normal file
View File

@@ -0,0 +1,57 @@
{
"name": "laravel/sanctum",
"description": "Laravel Sanctum provides a featherweight authentication system for SPAs and simple APIs.",
"keywords": ["laravel", "sanctum", "auth"],
"license": "MIT",
"support": {
"issues": "https://github.com/laravel/sanctum/issues",
"source": "https://github.com/laravel/sanctum"
},
"authors": [
{
"name": "Taylor Otwell",
"email": "taylor@laravel.com"
}
],
"require": {
"php": "^8.0.2",
"ext-json": "*",
"illuminate/console": "^9.21|^10.0",
"illuminate/contracts": "^9.21|^10.0",
"illuminate/database": "^9.21|^10.0",
"illuminate/support": "^9.21|^10.0"
},
"require-dev": {
"mockery/mockery": "^1.0",
"orchestra/testbench": "^7.28.2|^8.8.3",
"phpstan/phpstan": "^1.10",
"phpunit/phpunit": "^9.6"
},
"autoload": {
"psr-4": {
"Laravel\\Sanctum\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"Laravel\\Sanctum\\Tests\\": "tests/",
"Workbench\\App\\": "workbench/app/",
"Workbench\\Database\\Factories\\": "workbench/database/factories/"
}
},
"extra": {
"branch-alias": {
"dev-master": "3.x-dev"
},
"laravel": {
"providers": [
"Laravel\\Sanctum\\SanctumServiceProvider"
]
}
},
"config": {
"sort-packages": true
},
"minimum-stability": "dev",
"prefer-stable": true
}

83
vendor/laravel/sanctum/config/sanctum.php vendored Normal file
View File

@@ -0,0 +1,83 @@
<?php
use Laravel\Sanctum\Sanctum;
return [
/*
|--------------------------------------------------------------------------
| Stateful Domains
|--------------------------------------------------------------------------
|
| Requests from the following domains / hosts will receive stateful API
| authentication cookies. Typically, these should include your local
| and production domains which access your API via a frontend SPA.
|
*/
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
'%s%s',
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
Sanctum::currentApplicationUrlWithPort()
))),
/*
|--------------------------------------------------------------------------
| Sanctum Guards
|--------------------------------------------------------------------------
|
| This array contains the authentication guards that will be checked when
| Sanctum is trying to authenticate a request. If none of these guards
| are able to authenticate the request, Sanctum will use the bearer
| token that's present on an incoming request for authentication.
|
*/
'guard' => ['web'],
/*
|--------------------------------------------------------------------------
| Expiration Minutes
|--------------------------------------------------------------------------
|
| This value controls the number of minutes until an issued token will be
| considered expired. This will override any values set in the token's
| "expires_at" attribute, but first-party sessions are not affected.
|
*/
'expiration' => null,
/*
|--------------------------------------------------------------------------
| Token Prefix
|--------------------------------------------------------------------------
|
| Sanctum can prefix new tokens in order to take advantage of numerous
| security scanning initiatives maintained by open source platforms
| that notify developers if they commit tokens into repositories.
|
| See: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning
|
*/
'token_prefix' => env('SANCTUM_TOKEN_PREFIX', ''),
/*
|--------------------------------------------------------------------------
| Sanctum Middleware
|--------------------------------------------------------------------------
|
| When authenticating your first-party SPA with Sanctum you may need to
| customize some of the middleware Sanctum uses while processing the
| request. You may change the middleware listed below as required.
|
*/
'middleware' => [
'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class,
'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class,
'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class,
],
];

33
vendor/laravel/sanctum/database/migrations/2019_12_14_000001_create_personal_access_tokens_table.php vendored Normal file
View File

@@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('personal_access_tokens', function (Blueprint $table) {
$table->id();
$table->morphs('tokenable');
$table->string('name');
$table->string('token', 64)->unique();
$table->text('abilities')->nullable();
$table->timestamp('last_used_at')->nullable();
$table->timestamp('expires_at')->nullable();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('personal_access_tokens');
}
};

53
vendor/laravel/sanctum/src/Console/Commands/PruneExpired.php vendored Normal file
View File

@@ -0,0 +1,53 @@
<?php
namespace Laravel\Sanctum\Console\Commands;
use Illuminate\Console\Command;
use Laravel\Sanctum\Sanctum;
class PruneExpired extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'sanctum:prune-expired {--hours=24 : The number of hours to retain expired Sanctum tokens}';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Prune tokens expired for more than specified number of hours';
/**
* Execute the console command.
*
* @return int
*/
public function handle()
{
$model = Sanctum::$personalAccessTokenModel;
$hours = $this->option('hours');
$this->components->task(
'Pruning tokens with expired expires_at timestamps',
fn () => $model::where('expires_at', '<', now()->subHours($hours))->delete()
);
if ($expiration = config('sanctum.expiration')) {
$this->components->task(
'Pruning tokens with expired expiration value based on configuration file',
fn () => $model::where('created_at', '<', now()->subMinutes($expiration + ($hours * 60)))->delete()
);
} else {
$this->components->warn('Expiration value not specified in configuration file.');
}
$this->components->info("Tokens expired for more than [$hours hours] pruned successfully.");
return 0;
}
}

22
vendor/laravel/sanctum/src/Contracts/HasAbilities.php vendored Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace Laravel\Sanctum\Contracts;
interface HasAbilities
{
/**
* Determine if the token has a given ability.
*
* @param string $ability
* @return bool
*/
public function can($ability);
/**
* Determine if the token is missing a given ability.
*
* @param string $ability
* @return bool
*/
public function cant($ability);
}

45
vendor/laravel/sanctum/src/Contracts/HasApiTokens.php vendored Normal file
View File

@@ -0,0 +1,45 @@
<?php
namespace Laravel\Sanctum\Contracts;
interface HasApiTokens
{
/**
* Get the access tokens that belong to model.
*
* @return \Illuminate\Database\Eloquent\Relations\MorphMany
*/
public function tokens();
/**
* Determine if the current API token has a given scope.
*
* @param string $ability
* @return bool
*/
public function tokenCan(string $ability);
/**
* Create a new personal access token for the user.
*
* @param string $name
* @param array $abilities
* @return \Laravel\Sanctum\NewAccessToken
*/
public function createToken(string $name, array $abilities = ['*']);
/**
* Get the access token currently associated with the user.
*
* @return \Laravel\Sanctum\Contracts\HasAbilities
*/
public function currentAccessToken();
/**
* Set the current access token for the user.
*
* @param \Laravel\Sanctum\Contracts\HasAbilities $accessToken
* @return \Laravel\Sanctum\Contracts\HasApiTokens
*/
public function withAccessToken($accessToken);
}

24
vendor/laravel/sanctum/src/Events/TokenAuthenticated.php vendored Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace Laravel\Sanctum\Events;
class TokenAuthenticated
{
/**
* The personal access token that was authenticated.
*
* @var \Laravel\Sanctum\PersonalAccessToken
*/
public $token;
/**
* Create a new event instance.
*
* @param \Laravel\Sanctum\PersonalAccessToken $token
* @return void
*/
public function __construct($token)
{
$this->token = $token;
}
}

40
vendor/laravel/sanctum/src/Exceptions/MissingAbilityException.php vendored Normal file
View File

@@ -0,0 +1,40 @@
<?php
namespace Laravel\Sanctum\Exceptions;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Support\Arr;
class MissingAbilityException extends AuthorizationException
{
/**
* The abilities that the user did not have.
*
* @var array
*/
protected $abilities;
/**
* Create a new missing scope exception.
*
* @param array|string $abilities
* @param string $message
* @return void
*/
public function __construct($abilities = [], $message = 'Invalid ability provided.')
{
parent::__construct($message);
$this->abilities = Arr::wrap($abilities);
}
/**
* Get the abilities that the user did not have.
*
* @return array
*/
public function abilities()
{
return $this->abilities;
}
}

44
vendor/laravel/sanctum/src/Exceptions/MissingScopeException.php vendored Normal file
View File

@@ -0,0 +1,44 @@
<?php
namespace Laravel\Sanctum\Exceptions;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Support\Arr;
/**
* @deprecated
* @see \Laravel\Sanctum\Exceptions\MissingAbilityException
*/
class MissingScopeException extends AuthorizationException
{
/**
* The scopes that the user did not have.
*
* @var array
*/
protected $scopes;
/**
* Create a new missing scope exception.
*
* @param array|string $scopes
* @param string $message
* @return void
*/
public function __construct($scopes = [], $message = 'Invalid scope(s) provided.')
{
parent::__construct($message);
$this->scopes = Arr::wrap($scopes);
}
/**
* Get the scopes that the user did not have.
*
* @return array
*/
public function scopes()
{
return $this->scopes;
}
}

186
vendor/laravel/sanctum/src/Guard.php vendored Normal file
View File

@@ -0,0 +1,186 @@
<?php
namespace Laravel\Sanctum;
use Illuminate\Contracts\Auth\Factory as AuthFactory;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Laravel\Sanctum\Events\TokenAuthenticated;
class Guard
{
/**
* The authentication factory implementation.
*
* @var \Illuminate\Contracts\Auth\Factory
*/
protected $auth;
/**
* The number of minutes tokens should be allowed to remain valid.
*
* @var int
*/
protected $expiration;
/**
* The provider name.
*
* @var string
*/
protected $provider;
/**
* Create a new guard instance.
*
* @param \Illuminate\Contracts\Auth\Factory $auth
* @param int $expiration
* @param string $provider
* @return void
*/
public function __construct(AuthFactory $auth, $expiration = null, $provider = null)
{
$this->auth = $auth;
$this->expiration = $expiration;
$this->provider = $provider;
}
/**
* Retrieve the authenticated user for the incoming request.
*
* @param \Illuminate\Http\Request $request
* @return mixed
*/
public function __invoke(Request $request)
{
foreach (Arr::wrap(config('sanctum.guard', 'web')) as $guard) {
if ($user = $this->auth->guard($guard)->user()) {
return $this->supportsTokens($user)
? $user->withAccessToken(new TransientToken)
: $user;
}
}
if ($token = $this->getTokenFromRequest($request)) {
$model = Sanctum::$personalAccessTokenModel;
$accessToken = $model::findToken($token);
if (! $this->isValidAccessToken($accessToken) ||
! $this->supportsTokens($accessToken->tokenable)) {
return;
}
$tokenable = $accessToken->tokenable->withAccessToken(
$accessToken
);
event(new TokenAuthenticated($accessToken));
if (method_exists($accessToken->getConnection(), 'hasModifiedRecords') &&
method_exists($accessToken->getConnection(), 'setRecordModificationState')) {
tap($accessToken->getConnection()->hasModifiedRecords(), function ($hasModifiedRecords) use ($accessToken) {
$accessToken->forceFill(['last_used_at' => now()])->save();
$accessToken->getConnection()->setRecordModificationState($hasModifiedRecords);
});
} else {
$accessToken->forceFill(['last_used_at' => now()])->save();
}
return $tokenable;
}
}
/**
* Determine if the tokenable model supports API tokens.
*
* @param mixed $tokenable
* @return bool
*/
protected function supportsTokens($tokenable = null)
{
return $tokenable && in_array(HasApiTokens::class, class_uses_recursive(
get_class($tokenable)
));
}
/**
* Get the token from the request.
*
* @param \Illuminate\Http\Request $request
* @return string|null
*/
protected function getTokenFromRequest(Request $request)
{
if (is_callable(Sanctum::$accessTokenRetrievalCallback)) {
return (string) (Sanctum::$accessTokenRetrievalCallback)($request);
}
$token = $request->bearerToken();
return $this->isValidBearerToken($token) ? $token : null;
}
/**
* Determine if the bearer token is in the correct format.
*
* @param string|null $token
* @return bool
*/
protected function isValidBearerToken(string $token = null)
{
if (! is_null($token) && str_contains($token, '|')) {
$model = new Sanctum::$personalAccessTokenModel;
if ($model->getKeyType() === 'int') {
[$id, $token] = explode('|', $token, 2);
return ctype_digit($id) && ! empty($token);
}
}
return ! empty($token);
}
/**
* Determine if the provided access token is valid.
*
* @param mixed $accessToken
* @return bool
*/
protected function isValidAccessToken($accessToken): bool
{
if (! $accessToken) {
return false;
}
$isValid =
(! $this->expiration || $accessToken->created_at->gt(now()->subMinutes($this->expiration)))
&& (! $accessToken->expires_at || ! $accessToken->expires_at->isPast())
&& $this->hasValidProvider($accessToken->tokenable);
if (is_callable(Sanctum::$accessTokenAuthenticationCallback)) {
$isValid = (bool) (Sanctum::$accessTokenAuthenticationCallback)($accessToken, $isValid);
}
return $isValid;
}
/**
* Determine if the tokenable model matches the provider's model type.
*
* @param \Illuminate\Database\Eloquent\Model $tokenable
* @return bool
*/
protected function hasValidProvider($tokenable)
{
if (is_null($this->provider)) {
return true;
}
$model = config("auth.providers.{$this->provider}.model");
return $tokenable instanceof $model;
}
}

97
vendor/laravel/sanctum/src/HasApiTokens.php vendored Normal file
View File

@@ -0,0 +1,97 @@
<?php
namespace Laravel\Sanctum;
use DateTimeInterface;
use Illuminate\Support\Str;
trait HasApiTokens
{
/**
* The access token the user is using for the current request.
*
* @var \Laravel\Sanctum\Contracts\HasAbilities
*/
protected $accessToken;
/**
* Get the access tokens that belong to model.
*
* @return \Illuminate\Database\Eloquent\Relations\MorphMany
*/
public function tokens()
{
return $this->morphMany(Sanctum::$personalAccessTokenModel, 'tokenable');
}
/**
* Determine if the current API token has a given scope.
*
* @param string $ability
* @return bool
*/
public function tokenCan(string $ability)
{
return $this->accessToken && $this->accessToken->can($ability);
}
/**
* Create a new personal access token for the user.
*
* @param string $name
* @param array $abilities
* @param \DateTimeInterface|null $expiresAt
* @return \Laravel\Sanctum\NewAccessToken
*/
public function createToken(string $name, array $abilities = ['*'], DateTimeInterface $expiresAt = null)
{
$plainTextToken = $this->generateTokenString();
$token = $this->tokens()->create([
'name' => $name,
'token' => hash('sha256', $plainTextToken),
'abilities' => $abilities,
'expires_at' => $expiresAt,
]);
return new NewAccessToken($token, $token->getKey().'|'.$plainTextToken);
}
/**
* Generate the token string.
*
* @return string
*/
public function generateTokenString()
{
return sprintf(
'%s%s%s',
config('sanctum.token_prefix', ''),
$tokenEntropy = Str::random(40),
hash('crc32b', $tokenEntropy)
);
}
/**
* Get the access token currently associated with the user.
*
* @return \Laravel\Sanctum\Contracts\HasAbilities
*/
public function currentAccessToken()
{
return $this->accessToken;
}
/**
* Set the current access token for the user.
*
* @param \Laravel\Sanctum\Contracts\HasAbilities $accessToken
* @return $this
*/
public function withAccessToken($accessToken)
{
$this->accessToken = $accessToken;
return $this;
}
}

25
vendor/laravel/sanctum/src/Http/Controllers/CsrfCookieController.php vendored Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace Laravel\Sanctum\Http\Controllers;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
class CsrfCookieController
{
/**
* Return an empty response simply to trigger the storage of the CSRF cookie in the browser.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response|\Illuminate\Http\JsonResponse
*/
public function show(Request $request)
{
if ($request->expectsJson()) {
return new JsonResponse(status: 204);
}
return new Response(status: 204);
}
}

90
vendor/laravel/sanctum/src/Http/Middleware/AuthenticateSession.php vendored Normal file
View File

@@ -0,0 +1,90 @@
<?php
namespace Laravel\Sanctum\Http\Middleware;
use Closure;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Auth\SessionGuard;
use Illuminate\Contracts\Auth\Factory as AuthFactory;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Illuminate\Support\Collection;
use Symfony\Component\HttpFoundation\Response;
class AuthenticateSession
{
/**
* The authentication factory implementation.
*
* @var \Illuminate\Contracts\Auth\Factory
*/
protected $auth;
/**
* Create a new middleware instance.
*
* @param \Illuminate\Contracts\Auth\Factory $auth
* @return void
*/
public function __construct(AuthFactory $auth)
{
$this->auth = $auth;
}
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*
* @throws \Illuminate\Auth\AuthenticationException
*/
public function handle(Request $request, Closure $next): Response
{
if (! $request->hasSession() || ! $request->user()) {
return $next($request);
}
$guards = Collection::make(Arr::wrap(config('sanctum.guard')))
->mapWithKeys(fn ($guard) => [$guard => $this->auth->guard($guard)])
->filter(fn ($guard) => $guard instanceof SessionGuard);
$shouldLogout = $guards->filter(
fn ($guard, $driver) => $request->session()->has('password_hash_'.$driver)
)->filter(
fn ($guard, $driver) => $request->session()->get('password_hash_'.$driver) !==
$request->user()->getAuthPassword()
);
if ($shouldLogout->isNotEmpty()) {
$shouldLogout->each->logoutCurrentDevice();
$request->session()->flush();
throw new AuthenticationException('Unauthenticated.', [...$shouldLogout->keys()->all(), 'sanctum']);
}
return tap($next($request), function () use ($request, $guards) {
if (! is_null($request->user())) {
$this->storePasswordHashInSession($request, $guards->keys()->first());
}
});
}
/**
* Store the user's current password hash in the session.
*
* @param \Illuminate\Http\Request $request
* @param string $guard
* @return void
*/
protected function storePasswordHashInSession($request, string $guard)
{
if (! $request->user()) {
return;
}
$request->session()->put([
"password_hash_{$guard}" => $request->user()->getAuthPassword(),
]);
}
}

34
vendor/laravel/sanctum/src/Http/Middleware/CheckAbilities.php vendored Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace Laravel\Sanctum\Http\Middleware;
use Illuminate\Auth\AuthenticationException;
use Laravel\Sanctum\Exceptions\MissingAbilityException;
class CheckAbilities
{
/**
* Handle the incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param mixed ...$abilities
* @return \Illuminate\Http\Response
*
* @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingAbilityException
*/
public function handle($request, $next, ...$abilities)
{
if (! $request->user() || ! $request->user()->currentAccessToken()) {
throw new AuthenticationException;
}
foreach ($abilities as $ability) {
if (! $request->user()->tokenCan($ability)) {
throw new MissingAbilityException($ability);
}
}
return $next($request);
}
}

34
vendor/laravel/sanctum/src/Http/Middleware/CheckForAnyAbility.php vendored Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace Laravel\Sanctum\Http\Middleware;
use Illuminate\Auth\AuthenticationException;
use Laravel\Sanctum\Exceptions\MissingAbilityException;
class CheckForAnyAbility
{
/**
* Handle the incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param mixed ...$abilities
* @return \Illuminate\Http\Response
*
* @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingAbilityException
*/
public function handle($request, $next, ...$abilities)
{
if (! $request->user() || ! $request->user()->currentAccessToken()) {
throw new AuthenticationException;
}
foreach ($abilities as $ability) {
if ($request->user()->tokenCan($ability)) {
return $next($request);
}
}
throw new MissingAbilityException($abilities);
}
}

31
vendor/laravel/sanctum/src/Http/Middleware/CheckForAnyScope.php vendored Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace Laravel\Sanctum\Http\Middleware;
use Laravel\Sanctum\Exceptions\MissingScopeException;
/**
* @deprecated
* @see \Laravel\Sanctum\Http\Middleware\CheckForAnyAbility
*/
class CheckForAnyScope
{
/**
* Handle the incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param mixed ...$scopes
* @return \Illuminate\Http\Response
*
* @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingScopeException
*/
public function handle($request, $next, ...$scopes)
{
try {
return (new CheckForAnyAbility())->handle($request, $next, ...$scopes);
} catch (\Laravel\Sanctum\Exceptions\MissingAbilityException $e) {
throw new MissingScopeException($e->abilities());
}
}
}

31
vendor/laravel/sanctum/src/Http/Middleware/CheckScopes.php vendored Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace Laravel\Sanctum\Http\Middleware;
use Laravel\Sanctum\Exceptions\MissingScopeException;
/**
* @deprecated
* @see \Laravel\Sanctum\Http\Middleware\CheckAbilities
*/
class CheckScopes
{
/**
* Handle the incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param mixed ...$scopes
* @return \Illuminate\Http\Response
*
* @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingScopeException
*/
public function handle($request, $next, ...$scopes)
{
try {
return (new CheckAbilities())->handle($request, $next, ...$scopes);
} catch (\Laravel\Sanctum\Exceptions\MissingAbilityException $e) {
throw new MissingScopeException($e->abilities());
}
}
}

91
vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php vendored Normal file
View File

@@ -0,0 +1,91 @@
<?php
namespace Laravel\Sanctum\Http\Middleware;
use Illuminate\Routing\Pipeline;
use Illuminate\Support\Collection;
use Illuminate\Support\Str;
class EnsureFrontendRequestsAreStateful
{
/**
* Handle the incoming requests.
*
* @param \Illuminate\Http\Request $request
* @param callable $next
* @return \Illuminate\Http\Response
*/
public function handle($request, $next)
{
$this->configureSecureCookieSessions();
return (new Pipeline(app()))->send($request)->through(
static::fromFrontend($request) ? $this->frontendMiddleware() : []
)->then(function ($request) use ($next) {
return $next($request);
});
}
/**
* Configure secure cookie sessions.
*
* @return void
*/
protected function configureSecureCookieSessions()
{
config([
'session.http_only' => true,
'session.same_site' => 'lax',
]);
}
/**
* Get the middleware that should be applied to requests from the "frontend".
*
* @return array
*/
protected function frontendMiddleware()
{
$middleware = array_values(array_filter(array_unique([
config('sanctum.middleware.encrypt_cookies', \Illuminate\Cookie\Middleware\EncryptCookies::class),
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
config('sanctum.middleware.validate_csrf_token'),
config('sanctum.middleware.verify_csrf_token', \Illuminate\Foundation\Http\Middleware\VerifyCsrfToken::class),
config('sanctum.middleware.authenticate_session'),
])));
array_unshift($middleware, function ($request, $next) {
$request->attributes->set('sanctum', true);
return $next($request);
});
return $middleware;
}
/**
* Determine if the given request is from the first-party application frontend.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
public static function fromFrontend($request)
{
$domain = $request->headers->get('referer') ?: $request->headers->get('origin');
if (is_null($domain)) {
return false;
}
$domain = Str::replaceFirst('https://', '', $domain);
$domain = Str::replaceFirst('http://', '', $domain);
$domain = Str::endsWith($domain, '/') ? $domain : "{$domain}/";
$stateful = array_filter(config('sanctum.stateful', []));
return Str::is(Collection::make($stateful)->map(function ($uri) {
return trim($uri).'/*';
})->all(), $domain);
}
}

60
vendor/laravel/sanctum/src/NewAccessToken.php vendored Normal file
View File

@@ -0,0 +1,60 @@
<?php
namespace Laravel\Sanctum;
use Illuminate\Contracts\Support\Arrayable;
use Illuminate\Contracts\Support\Jsonable;
class NewAccessToken implements Arrayable, Jsonable
{
/**
* The access token instance.
*
* @var \Laravel\Sanctum\PersonalAccessToken
*/
public $accessToken;
/**
* The plain text version of the token.
*
* @var string
*/
public $plainTextToken;
/**
* Create a new access token result.
*
* @param \Laravel\Sanctum\PersonalAccessToken $accessToken
* @param string $plainTextToken
* @return void
*/
public function __construct(PersonalAccessToken $accessToken, string $plainTextToken)
{
$this->accessToken = $accessToken;
$this->plainTextToken = $plainTextToken;
}
/**
* Get the instance as an array.
*
* @return array
*/
public function toArray()
{
return [
'accessToken' => $this->accessToken,
'plainTextToken' => $this->plainTextToken,
];
}
/**
* Convert the object to its JSON representation.
*
* @param int $options
* @return string
*/
public function toJson($options = 0)
{
return json_encode($this->toArray(), $options);
}
}

93
vendor/laravel/sanctum/src/PersonalAccessToken.php vendored Normal file
View File

@@ -0,0 +1,93 @@
<?php
namespace Laravel\Sanctum;
use Illuminate\Database\Eloquent\Model;
use Laravel\Sanctum\Contracts\HasAbilities;
class PersonalAccessToken extends Model implements HasAbilities
{
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'abilities' => 'json',
'last_used_at' => 'datetime',
'expires_at' => 'datetime',
];
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'token',
'abilities',
'expires_at',
];
/**
* The attributes that should be hidden for serialization.
*
* @var array
*/
protected $hidden = [
'token',
];
/**
* Get the tokenable model that the access token belongs to.
*
* @return \Illuminate\Database\Eloquent\Relations\MorphTo
*/
public function tokenable()
{
return $this->morphTo('tokenable');
}
/**
* Find the token instance matching the given token.
*
* @param string $token
* @return static|null
*/
public static function findToken($token)
{
if (strpos($token, '|') === false) {
return static::where('token', hash('sha256', $token))->first();
}
[$id, $token] = explode('|', $token, 2);
if ($instance = static::find($id)) {
return hash_equals($instance->token, hash('sha256', $token)) ? $instance : null;
}
}
/**
* Determine if the token has a given ability.
*
* @param string $ability
* @return bool
*/
public function can($ability)
{
return in_array('*', $this->abilities) ||
array_key_exists($ability, array_flip($this->abilities));
}
/**
* Determine if the token is missing a given ability.
*
* @param string $ability
* @return bool
*/
public function cant($ability)
{
return ! $this->can($ability);
}
}

146
vendor/laravel/sanctum/src/Sanctum.php vendored Normal file
View File

@@ -0,0 +1,146 @@
<?php
namespace Laravel\Sanctum;
use Mockery;
class Sanctum
{
/**
* The personal access client model class name.
*
* @var string
*/
public static $personalAccessTokenModel = 'Laravel\\Sanctum\\PersonalAccessToken';
/**
* A callback that can get the token from the request.
*
* @var callable|null
*/
public static $accessTokenRetrievalCallback;
/**
* A callback that can add to the validation of the access token.
*
* @var callable|null
*/
public static $accessTokenAuthenticationCallback;
/**
* Indicates if Sanctum's migrations will be run.
*
* @var bool
*/
public static $runsMigrations = true;
/**
* Get the current application URL from the "APP_URL" environment variable - with port.
*
* @return string
*/
public static function currentApplicationUrlWithPort()
{
$appUrl = config('app.url');
return $appUrl ? ','.parse_url($appUrl, PHP_URL_HOST).(parse_url($appUrl, PHP_URL_PORT) ? ':'.parse_url($appUrl, PHP_URL_PORT) : '') : '';
}
/**
* Set the current user for the application with the given abilities.
*
* @param \Illuminate\Contracts\Auth\Authenticatable|\Laravel\Sanctum\HasApiTokens $user
* @param array $abilities
* @param string $guard
* @return \Illuminate\Contracts\Auth\Authenticatable
*/
public static function actingAs($user, $abilities = [], $guard = 'sanctum')
{
$token = Mockery::mock(self::personalAccessTokenModel())->shouldIgnoreMissing(false);
if (in_array('*', $abilities)) {
$token->shouldReceive('can')->withAnyArgs()->andReturn(true);
} else {
foreach ($abilities as $ability) {
$token->shouldReceive('can')->with($ability)->andReturn(true);
}
}
$user->withAccessToken($token);
if (isset($user->wasRecentlyCreated) && $user->wasRecentlyCreated) {
$user->wasRecentlyCreated = false;
}
app('auth')->guard($guard)->setUser($user);
app('auth')->shouldUse($guard);
return $user;
}
/**
* Set the personal access token model name.
*
* @param string $model
* @return void
*/
public static function usePersonalAccessTokenModel($model)
{
static::$personalAccessTokenModel = $model;
}
/**
* Specify a callback that should be used to fetch the access token from the request.
*
* @param callable|null $callback
* @return void
*/
public static function getAccessTokenFromRequestUsing(?callable $callback)
{
static::$accessTokenRetrievalCallback = $callback;
}
/**
* Specify a callback that should be used to authenticate access tokens.
*
* @param callable $callback
* @return void
*/
public static function authenticateAccessTokensUsing(callable $callback)
{
static::$accessTokenAuthenticationCallback = $callback;
}
/**
* Determine if Sanctum's migrations should be run.
*
* @return bool
*/
public static function shouldRunMigrations()
{
return static::$runsMigrations;
}
/**
* Configure Sanctum to not register its migrations.
*
* @return static
*/
public static function ignoreMigrations()
{
static::$runsMigrations = false;
return new static;
}
/**
* Get the token model class name.
*
* @return string
*/
public static function personalAccessTokenModel()
{
return static::$personalAccessTokenModel;
}
}

137
vendor/laravel/sanctum/src/SanctumServiceProvider.php vendored Normal file
View File

@@ -0,0 +1,137 @@
<?php
namespace Laravel\Sanctum;
use Illuminate\Auth\RequestGuard;
use Illuminate\Contracts\Http\Kernel;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\ServiceProvider;
use Laravel\Sanctum\Console\Commands\PruneExpired;
use Laravel\Sanctum\Http\Controllers\CsrfCookieController;
use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
class SanctumServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*
* @return void
*/
public function register()
{
config([
'auth.guards.sanctum' => array_merge([
'driver' => 'sanctum',
'provider' => null,
], config('auth.guards.sanctum', [])),
]);
if (! app()->configurationIsCached()) {
$this->mergeConfigFrom(__DIR__.'/../config/sanctum.php', 'sanctum');
}
}
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
if (app()->runningInConsole()) {
$this->registerMigrations();
$this->publishes([
__DIR__.'/../database/migrations' => database_path('migrations'),
], 'sanctum-migrations');
$this->publishes([
__DIR__.'/../config/sanctum.php' => config_path('sanctum.php'),
], 'sanctum-config');
$this->commands([
PruneExpired::class,
]);
}
$this->defineRoutes();
$this->configureGuard();
$this->configureMiddleware();
}
/**
* Register Sanctum's migration files.
*
* @return void
*/
protected function registerMigrations()
{
if (Sanctum::shouldRunMigrations()) {
return $this->loadMigrationsFrom(__DIR__.'/../database/migrations');
}
}
/**
* Define the Sanctum routes.
*
* @return void
*/
protected function defineRoutes()
{
if (app()->routesAreCached() || config('sanctum.routes') === false) {
return;
}
Route::group(['prefix' => config('sanctum.prefix', 'sanctum')], function () {
Route::get(
'/csrf-cookie',
CsrfCookieController::class.'@show'
)->middleware('web')->name('sanctum.csrf-cookie');
});
}
/**
* Configure the Sanctum authentication guard.
*
* @return void
*/
protected function configureGuard()
{
Auth::resolved(function ($auth) {
$auth->extend('sanctum', function ($app, $name, array $config) use ($auth) {
return tap($this->createGuard($auth, $config), function ($guard) {
app()->refresh('request', $guard, 'setRequest');
});
});
});
}
/**
* Register the guard.
*
* @param \Illuminate\Contracts\Auth\Factory $auth
* @param array $config
* @return RequestGuard
*/
protected function createGuard($auth, $config)
{
return new RequestGuard(
new Guard($auth, config('sanctum.expiration'), $config['provider']),
request(),
$auth->createUserProvider($config['provider'] ?? null)
);
}
/**
* Configure the Sanctum middleware and priority.
*
* @return void
*/
protected function configureMiddleware()
{
$kernel = app()->make(Kernel::class);
$kernel->prependToMiddlewarePriority(EnsureFrontendRequestsAreStateful::class);
}
}

30
vendor/laravel/sanctum/src/TransientToken.php vendored Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace Laravel\Sanctum;
use Laravel\Sanctum\Contracts\HasAbilities;
class TransientToken implements HasAbilities
{
/**
* Determine if the token has a given ability.
*
* @param string $ability
* @return bool
*/
public function can($ability)
{
return true;
}
/**
* Determine if the token is missing a given ability.
*
* @param string $ability
* @return bool
*/
public function cant($ability)
{
return false;
}
}

2
vendor/laravel/sanctum/testbench.yaml vendored Normal file
View File

@@ -0,0 +1,2 @@
providers:
- Laravel\Sanctum\SanctumServiceProvider