[9.x] Client credentials middleware should allow any valid client (#1125)

src/Http/Middleware/CheckClientCredentials.php

@@ -16,7 +16,7 @@ class CheckClientCredentials extends CheckCredentials
      */
     protected function validateCredentials($token)
     {
-        if (! $token || $token->client->firstParty()) {
+        if (! $token) {
             throw new AuthenticationException;
         }
     }

src/Http/Middleware/CheckClientCredentialsForAnyScope.php

@@ -16,7 +16,7 @@ class CheckClientCredentialsForAnyScope extends CheckCredentials
      */
     protected function validateCredentials($token)
     {
-        if (! $token || $token->client->firstParty()) {
+        if (! $token) {
             throw new AuthenticationException;
         }
     }

tests/CheckClientCredentialsForAnyScopeTest.php

@@ -137,35 +137,4 @@ public function test_exception_is_thrown_if_token_does_not_have_required_scope()
             return 'response';
         }, 'baz', 'notbar');
     }
-
-    /**
-     * @expectedException \Illuminate\Auth\AuthenticationException
-     */
-    public function test_exception_is_thrown_if_token_belongs_to_first_party_client()
-    {
-        $resourceServer = m::mock(ResourceServer::class);
-        $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
-        $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
-        $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['*']);
-
-        $client = m::mock(Client::class);
-        $client->shouldReceive('firstParty')->andReturnTrue();
-
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
-
-        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $tokenRepository);
-
-        $request = Request::create('/');
-        $request->headers->set('Authorization', 'Bearer token');
-
-        $response = $middleware->handle($request, function () {
-            return 'response';
-        });
-    }
 }

tests/CheckClientCredentialsTest.php

@@ -136,35 +136,4 @@ public function test_exception_is_thrown_if_token_does_not_have_required_scopes(
             return 'response';
         }, 'foo', 'bar');
     }
-
-    /**
-     * @expectedException \Illuminate\Auth\AuthenticationException
-     */
-    public function test_exception_is_thrown_if_token_belongs_to_first_party_client()
-    {
-        $resourceServer = m::mock(ResourceServer::class);
-        $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
-        $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
-        $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['*']);
-
-        $client = m::mock(Client::class);
-        $client->shouldReceive('firstParty')->andReturnTrue();
-
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
-
-        $middleware = new CheckClientCredentials($resourceServer, $tokenRepository);
-
-        $request = Request::create('/');
-        $request->headers->set('Authorization', 'Bearer token');
-
-        $response = $middleware->handle($request, function () {
-            return 'response';
-        });
-    }
 }