Upgrade framework

2023-11-14 16:54:35 +01:00
parent 1648a5cd42
commit 4fcf6fffcc
10548 changed files with 693138 additions and 466698 deletions
--- a/vendor/laravel/sanctum/src/Http/Controllers/CsrfCookieController.php
+++ b/vendor/laravel/sanctum/src/Http/Controllers/CsrfCookieController.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace Laravel\Sanctum\Http\Controllers;
+
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+
+class CsrfCookieController
+{
+    /**
+     * Return an empty response simply to trigger the storage of the CSRF cookie in the browser.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function show(Request $request)
+    {
+        if ($request->expectsJson()) {
+            return new JsonResponse(null, 204);
+        }
+
+        return new Response('', 204);
+    }
+}
--- a/vendor/laravel/sanctum/src/Http/Middleware/CheckAbilities.php
+++ b/vendor/laravel/sanctum/src/Http/Middleware/CheckAbilities.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace Laravel\Sanctum\Http\Middleware;
+
+use Illuminate\Auth\AuthenticationException;
+use Laravel\Sanctum\Exceptions\MissingAbilityException;
+
+class CheckAbilities
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @param  mixed  ...$abilities
+     * @return \Illuminate\Http\Response
+     *
+     * @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingAbilityException
+     */
+    public function handle($request, $next, ...$abilities)
+    {
+        if (! $request->user() || ! $request->user()->currentAccessToken()) {
+            throw new AuthenticationException;
+        }
+
+        foreach ($abilities as $ability) {
+            if (! $request->user()->tokenCan($ability)) {
+                throw new MissingAbilityException($ability);
+            }
+        }
+
+        return $next($request);
+    }
+}
--- a/vendor/laravel/sanctum/src/Http/Middleware/CheckForAnyAbility.php
+++ b/vendor/laravel/sanctum/src/Http/Middleware/CheckForAnyAbility.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace Laravel\Sanctum\Http\Middleware;
+
+use Illuminate\Auth\AuthenticationException;
+use Laravel\Sanctum\Exceptions\MissingAbilityException;
+
+class CheckForAnyAbility
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @param  mixed  ...$abilities
+     * @return \Illuminate\Http\Response
+     *
+     * @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingAbilityException
+     */
+    public function handle($request, $next, ...$abilities)
+    {
+        if (! $request->user() || ! $request->user()->currentAccessToken()) {
+            throw new AuthenticationException;
+        }
+
+        foreach ($abilities as $ability) {
+            if ($request->user()->tokenCan($ability)) {
+                return $next($request);
+            }
+        }
+
+        throw new MissingAbilityException($abilities);
+    }
+}
--- a/vendor/laravel/sanctum/src/Http/Middleware/CheckForAnyScope.php
+++ b/vendor/laravel/sanctum/src/Http/Middleware/CheckForAnyScope.php
@@ -0,0 +1,31 @@
+<?php
+
+namespace Laravel\Sanctum\Http\Middleware;
+
+use Laravel\Sanctum\Exceptions\MissingScopeException;
+
+/**
+ * @deprecated
+ * @see \Laravel\Sanctum\Http\Middleware\CheckForAnyAbility
+ */
+class CheckForAnyScope
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @param  mixed  ...$scopes
+     * @return \Illuminate\Http\Response
+     *
+     * @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingScopeException
+     */
+    public function handle($request, $next, ...$scopes)
+    {
+        try {
+            return (new CheckForAnyAbility())->handle($request, $next, ...$scopes);
+        } catch (\Laravel\Sanctum\Exceptions\MissingAbilityException $e) {
+            throw new MissingScopeException($e->abilities());
+        }
+    }
+}
--- a/vendor/laravel/sanctum/src/Http/Middleware/CheckScopes.php
+++ b/vendor/laravel/sanctum/src/Http/Middleware/CheckScopes.php
@@ -0,0 +1,31 @@
+<?php
+
+namespace Laravel\Sanctum\Http\Middleware;
+
+use Laravel\Sanctum\Exceptions\MissingScopeException;
+
+/**
+ * @deprecated
+ * @see \Laravel\Sanctum\Http\Middleware\CheckAbilities
+ */
+class CheckScopes
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @param  mixed  ...$scopes
+     * @return \Illuminate\Http\Response
+     *
+     * @throws \Illuminate\Auth\AuthenticationException|\Laravel\Sanctum\Exceptions\MissingScopeException
+     */
+    public function handle($request, $next, ...$scopes)
+    {
+        try {
+            return (new CheckAbilities())->handle($request, $next, ...$scopes);
+        } catch (\Laravel\Sanctum\Exceptions\MissingAbilityException $e) {
+            throw new MissingScopeException($e->abilities());
+        }
+    }
+}
--- a/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php
+++ b/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php
@@ -0,0 +1,74 @@
+<?php
+
+namespace Laravel\Sanctum\Http\Middleware;
+
+use Illuminate\Routing\Pipeline;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Str;
+
+class EnsureFrontendRequestsAreStateful
+{
+    /**
+     * Handle the incoming requests.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  callable  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, $next)
+    {
+        $this->configureSecureCookieSessions();
+
+        return (new Pipeline(app()))->send($request)->through(static::fromFrontend($request) ? [
+            function ($request, $next) {
+                $request->attributes->set('sanctum', true);
+
+                return $next($request);
+            },
+            config('sanctum.middleware.encrypt_cookies', \Illuminate\Cookie\Middleware\EncryptCookies::class),
+            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
+            \Illuminate\Session\Middleware\StartSession::class,
+            config('sanctum.middleware.verify_csrf_token', \Illuminate\Foundation\Http\Middleware\VerifyCsrfToken::class),
+        ] : [])->then(function ($request) use ($next) {
+            return $next($request);
+        });
+    }
+
+    /**
+     * Configure secure cookie sessions.
+     *
+     * @return void
+     */
+    protected function configureSecureCookieSessions()
+    {
+        config([
+            'session.http_only' => true,
+            'session.same_site' => 'lax',
+        ]);
+    }
+
+    /**
+     * Determine if the given request is from the first-party application frontend.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return bool
+     */
+    public static function fromFrontend($request)
+    {
+        $domain = $request->headers->get('referer') ?: $request->headers->get('origin');
+
+        if (is_null($domain)) {
+            return false;
+        }
+
+        $domain = Str::replaceFirst('https://', '', $domain);
+        $domain = Str::replaceFirst('http://', '', $domain);
+        $domain = Str::endsWith($domain, '/') ? $domain : "{$domain}/";
+
+        $stateful = array_filter(config('sanctum.stateful', []));
+
+        return Str::is(Collection::make($stateful)->map(function ($uri) {
+            return trim($uri).'/*';
+        })->all(), $domain);
+    }
+}