Commit: https://github.com/laravel/passport/commit/97e3026790d953d7a67fe487e30775cd995e93df
The minimum Laravel version is now v6.0 and the minimum PHP version is now 7.2. The underlying league/oauth2-server has also been updated to v8.
PR: laravel#1065
Passport now supports public clients and PCKE. To leverage this feature, you should update the the secret column of the oauth_clients table to be nullable:
Schema::table('oauth_clients', function (Blueprint $table) {
$table->string('secret', 100)->nullable()->change();
});
PR: laravel#1066
OAuth exceptions can now be rendered. They will first be converted to Passport exceptions. If you are explicitly handling League\OAuth2\Server\Exception\OAuthServerException in your exception handler's report method you will now need to check for an instance of Laravel\Passport\Exceptions\OAuthServerException instead.
PR: laravel#1040
In the previous versions of Passport, you could pass tokens granted by a different client type to the CheckClientCredential and CheckClientCredentialForAnyScope middleware. This behavior has been corrected and an exception will be thrown if you attempt to pass a token generated by a different client type.