formatting

Author: taylorotwell

CHANGELOG.md

@@ -1,9 +1,11 @@
 # Release Notes
 
 ## [Unreleased](https://github.com/laravel/sanctum/compare/v2.10.0...2.x)
+
 ### Added
 - `Sanctum::$validateCallback` callback for more granular control over access token validation ([#275](https://github.com/laravel/sanctum/pull/275))
 
+
 ## [v2.10.0 (2021-04-20)](https://github.com/laravel/sanctum/compare/v2.9.4...v2.10.0)
 
 ### Added

src/Guard.php

@@ -89,42 +89,42 @@ protected function supportsTokens($tokenable = null)
     }
 
     /**
-     * Determine if the tokenable model matches the provider's model type.
+     * Determine if the provided access token is valid.
      *
-     * @param  \Illuminate\Database\Eloquent\Model  $tokenable
+     * @param  mixed  $accessToken
      * @return bool
      */
-    protected function hasValidProvider($tokenable)
+    protected function isValidAccessToken($accessToken): bool
     {
-        if (is_null($this->provider)) {
-            return true;
+        if (! $accessToken) {
+            return false;
         }
 
-        $model = config("auth.providers.{$this->provider}.model");
+        $isValid =
+            (! $this->expiration || $accessToken->created_at->gt(now()->subMinutes($this->expiration)))
+            && $this->hasValidProvider($accessToken->tokenable);
 
-        return $tokenable instanceof $model;
+        if ($isValid && is_callable(Sanctum::$accessTokenAuthenticationCallback)) {
+            $isValid = (bool) (Sanctum::$accessTokenAuthenticationCallback)($accessToken);
+        }
+
+        return $isValid;
     }
 
     /**
-     * Determine if the provided access token is valid.
+     * Determine if the tokenable model matches the provider's model type.
      *
-     * @param mixed $accessToken
+     * @param  \Illuminate\Database\Eloquent\Model  $tokenable
      * @return bool
      */
-    protected function isValidAccessToken($accessToken): bool
+    protected function hasValidProvider($tokenable)
     {
-        if (! $accessToken) {
-            return false;
+        if (is_null($this->provider)) {
+            return true;
         }
 
-        $is_valid =
-            (! $this->expiration || $accessToken->created_at->gt(now()->subMinutes($this->expiration)))
-            && $this->hasValidProvider($accessToken->tokenable);
-
-        if (is_callable(Sanctum::$validateCallback)) {
-            $is_valid = (bool) (Sanctum::$validateCallback)($accessToken, $is_valid);
-        }
+        $model = config("auth.providers.{$this->provider}.model");
 
-        return $is_valid;
+        return $tokenable instanceof $model;
     }
 }

src/Sanctum.php

@@ -14,21 +14,18 @@ class Sanctum
     public static $personalAccessTokenModel = 'Laravel\\Sanctum\\PersonalAccessToken';
 
     /**
-     * Indicates if Sanctum's migrations will be run.
+     * A callback that can add to the validation of the access token.
      *
-     * @var bool
+     * @var callable|null
      */
-    public static $runsMigrations = true;
+    public static $accessTokenAuthenticationCallback;
 
     /**
-     * A callback that can add to the validation of the access token.
-     * Receives 2 parameters:
-     * - (object) The provided access token model.
-     * - (bool) Whether the guard deemed the access token valid.
+     * Indicates if Sanctum's migrations will be run.
      *
-     * @var callable|null
+     * @var bool
      */
-    public static $validateCallback;
+    public static $runsMigrations = true;
 
     /**
      * Set the current user for the application with the given abilities.
@@ -74,6 +71,17 @@ public static function usePersonalAccessTokenModel($model)
         static::$personalAccessTokenModel = $model;
     }
 
+    /**
+     * Specify a callback that should be used to authenticate access tokens.
+     *
+     * @param  callable  $callback
+     * @return void
+     */
+    public static function authenticateAccessTokensUsing(callable $callback)
+    {
+        static::$accessTokenAuthenticationCallback = $callback;
+    }
+
     /**
      * Determine if Sanctum's migrations should be run.
      *

tests/GuardTest.php

@@ -259,12 +259,11 @@ public function test_authentication_fails_if_callback_returns_false()
             'token' => hash('sha256', 'test'),
         ]);
 
-        Sanctum::$validateCallback = function ($accessToken, bool $is_valid) {
+        Sanctum::authenticateAccessTokensUsing(function ($accessToken) {
             $this->assertInstanceOf(PersonalAccessToken::class, $accessToken);
-            $this->assertTrue($is_valid);
 
             return false;
-        };
+        });
 
         $user = $requestGuard->setRequest($request)->user();
         $this->assertNull($user);