[8.0] Use a renderable exception for OAuth errors #1066

Merged
merged 1 commit into from
Aug 20, 2019
Contributor

@matt-allan matt-allan commented Aug 11, 2019

This PR updates the Passport controllers to use a renderable exception instead of middleware for rendering OAuth errors.

Originally Passport handled exception reporting and rendering itself, but developers wanted to be able to control the rendering so the behavior was moved to middleware in #937.

The problem with using middleware is the pipeline catches exceptions before they reach middleware (#1062).

The only reason Passport needed to handle exceptions in the first place was to convert the League exception's PSR response to something Laravel can render, so this PR wraps the League exception in a renderable Passport exception.

If the user wants to change how the exception is rendered they can do that in their application's exception handler.

I don't see any reason that Passport needs to override 500 error rendering so these fall through to the application's normal rendering.

Upgrading:

If you are explicitly handling League\OAuth2\Server\Exception\OAuthServerException in your exception handler's report method you will need to check for an instance of Laravel\Passport\Exceptions\OAuthServerException instead.

If for some reason your OAuth clients are relying on 500 errors returning the string `Error.` in the response you will need to override the rendering for /oauth/authorize and /oauth/token, i.e.

```php
public function render($request, Exception $e)
{
    // Request::is() matches the path without a leading slash.
    if ($request->is('oauth/authorize', 'oauth/token')) {
        return response('Error.', 500);
    }

    return parent::render($request, $e);
}
```
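The mechanism described in the PR, as an added example that is not part of the pull request or of Passport's code: a library exception is converted into a renderable one at the controller, so the handler invoked from the pipeline's own catch can return it, while any other failure falls through to a generic 500. Every class and function name here is a hypothetical stand-in, and the two inputs are constructed.

```php
<?php
// Stand-in for the OAuth library's exception (hypothetical, not League's class).
class UpstreamOAuthException extends Exception
{
    public function __construct(string $message, public string $errorType, public int $status)
    {
        parent::__construct($message);
    }
}

// Stand-in for the renderable wrapper: it carries a response the handler can return.
class RenderableOAuthException extends Exception
{
    public function __construct(UpstreamOAuthException $e, private array $response)
    {
        parent::__construct($e->getMessage(), $e->getCode(), $e);
    }

    public function render(): array
    {
        return $this->response;
    }
}

// Controller-side conversion, done where the library exception is thrown.
function convertOAuthErrors(callable $action): array
{
    try {
        return $action();
    } catch (UpstreamOAuthException $e) {
        $body = json_encode(['error' => $e->errorType, 'message' => $e->getMessage()]);
        throw new RenderableOAuthException($e, ['status' => $e->status, 'body' => $body]);
    }
}

// Simplified pipeline and handler: this catch runs before outer middleware would
// see the exception, and anything that is not renderable becomes a generic 500.
function pipeline(callable $controller): array
{
    try {
        return $controller();
    } catch (Throwable $e) {
        return method_exists($e, 'render') ? $e->render() : ['status' => 500, 'body' => 'Server Error'];
    }
}

// Constructed inputs: one OAuth failure and one unexpected failure.
$oauth = fn () => throw new UpstreamOAuthException('Client authentication failed', 'invalid_client', 401);
$bug = fn () => throw new RuntimeException('internal detail that must not reach the client');
foreach ([$oauth, $bug] as $action) {
    $r = pipeline(fn () => convertOAuthErrors($action));
    echo $r['status'], ' ', $r['body'], PHP_EOL;
}
```

The script needs PHP 8.0 or later for constructor promotion and `throw` expressions.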

@driesvints
Member

Also rebase once to resolve the conflicts.

@driesvints driesvints changed the title Use a renderable exception for OAuth errors [8.0] Use a renderable exception for OAuth errors Aug 12, 2019
@matt-allan
Contributor Author

Hey @driesvints, thanks for the review. I made the requested changes and rebased.

Member

@driesvints driesvints left a comment

Heya, just some DocBlocks and we're good.

@matt-allan
Contributor Author

@driesvints thanks, I added the docblocks and squashed.

@matt-allan matt-allan closed this Aug 15, 2019
@driesvints
Member

@matt-allan I'm going to re-open this if that's okay because we'll need this for the next release. Planning to work on Passport 8 in September so I'll take a look at this then.

@driesvints driesvints reopened this Aug 19, 2019
@matt-allan
Contributor Author

Sure, no problem.

@taylorotwell taylorotwell merged commit b3d9f05 into laravel:master Aug 20, 2019
@swh-cgm

swh-cgm commented Mar 4, 2024

@driesvints I am using Passport 11.10.5. Can I still catch and render Passport's `Laravel\Passport\Exceptions\OAuthServerException` from Handler.php?
I want to make a JSON response if the access token is expired, but I can only catch `League\OAuth2\Server\Exception\OAuthServerException` in the reportable function in Handler.php.

@biodunbamigboye

biodunbamigboye commented Aug 1, 2024

I faced this same issue today and came up with a very simple, though not syntactically elegant, solution, but it works like magic.
Note that my project is running on Laravel 8 and might not be able to benefit from the most recent fixes.

Inside Handler.php, add `League\OAuth2\Server\Exception\OAuthServerException` to the `$dontReport` array, then in the render method, based on the message, log a custom error:

```php
use Illuminate\Support\Facades\Log;
use League\OAuth2\Server\Exception\OAuthServerException;
use Throwable;

// Stop the League exception from being reported.
protected $dontReport = [
    OAuthServerException::class,
];

public function render($request, Throwable $exception)
{
    if ($exception->getMessage() === 'Unauthenticated.') {
        Log::error('error message, it could be json encoded array, string, or any thing you desire');
    }

    // Fall back to the framework's default rendering.
    return parent::render($request, $exception);
}
```
