i try to test oauth on passport using laravel 8 but it gave me this error:
{
"error": "invalid_client",
"error_description": "Client authentication failed",
"message": "Client authentication failed"
}
this is screen shot of passport
So, if you are working with Passport, make sure you have followed the steps mentioned in the documentation. Looks like you have missed the publishing of the keys from passport config php artisan vendor:publish --tag=passport-config. Once again if it is a fresh installation, you just need to follow the steps mentioned in the documentation to setup Passport and it works like a charm!
I was also facing the same error in one of my project on which I was working on, and just by googling I came to this post. I also tried the proposed answer but it wasn't work for me so I gone through with given parameters. My use case was a bit different in which I was on password authorized screen and facing the same error as you have. I was just passing the data in query string. So I just matched my query string data with the one I have in the database and my issue is resolved now. Try this in your case as well and hoping your issue will also fixed. This error is less or more depending upon the posted data.
Related
Im trying to install passport on my Laravel 9 project, but I get that error
Could not fetch https://gitlab.com/api/v4/projects/stella-maris%2Fclock/repository/archive.zip?sha=8a0a967896df4c63417385dc69328a0aec84d9cf, enter your gitlab.com credentials to go over the API rate limit I tryed to access this url but is blocked for me. How can I solve it.
This policy has been active at Github a long time regrettably. It is documented here and you can see your current status at https://api.github.com/rate_limit in the core section
Also see https://developer.github.com/v3/#rate-limiting:
There is nothing Composer can do to circumvent that, hence why it throws the verbose error:
Create a GitHub OAuth token to go over the API rate limit
You can do this at https://github.com/settings/tokens, and it needs to be done only once per installation as Composer remembers the token for subsequent requests.
Thanks, I solve it by connecting myself through a proxy server.
I'm getting really frustrated with the new Instagram API, what I need to do is just get things like pictures, comments, and likes from my Instagram feed. I'm following all the steps that they mention over here https://developers.facebook.com/docs/instagram-basic-display-api/guides/getting-access-tokens-and-permissions, but I'm still not able to get the final access token I need in order to interact with the API. After getting a lot of different errors now I'm stuck with:
{"error_type": "OAuthException", "code": 400, "error_message": "Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request"}
I have verified everything in my Facebook developer setup and everything is ok, the OAuth URL is identical to the one I'm using in the curl command in order to return the access_token and all the setups seem fine. I have noticed that a lot of people are having the same problems but I can't find something that works for me.
This is the way I'm trying to retrieve the access_token:
curl -X POST https://api.instagram.com/oauth/access_token -F client_id=[client_id] -F client_secret=[code] -F grant_type=authorization_code -F redirect_uri=[url] -F code=AQDJxpW5h4r..
I have read that people are using postman and apparently it works over there but I don't know how to use it, any help will be really appreciated.
Upgrade on this, I was finally able to get the access_token via Postman and when I'm trying to use it now I got this error:
{"meta": {"code": 400, "error_type": "OAuthAccessTokenException", "error_message": "The access_token provided is invalid."}}
This is really disappointing, everything was working just fine before this API change. Any ideas?
Just review of the following in your checklist again:
APP_ID and APP_SECRET of "Instagram APP", which is a product added in the Facebook App.
Access Code once submitted in POST request using CURL or Postman, will become invalid for the next request.
The Website Platform is added in "Facebook App".
Test Instagram Users are added and are not pending.
Lastly, Authenticate using the Instagram Test User Profile.
I had the same issue, and actually lost some time solving it.
In my case I only made the configuration in Instagram Product but didn't change the configuration in the login by facebook product.
In summary, you should have in your app in Facebook developers, two products, one Login by Facebook and the other one Instagram. Both must have the same redirect URL.
Hope this helps.
I've gone through the entire page of documentation and as far as I can tell I have everything set up exactly as the documentation states. However, when I attempt to make a GET request to /api/users it always returns a 401 Unauthorized.
If I inspect the request, I see that the laravel_token is indeed being passed along with the request, as well as CSRF.
At this point, I'm not really sure why it's always failing to authenticate, but it's pretty frustrating and I'm sure it's something minor that I'm overlooking somehow.
I'm using Laravel 5.7.5.
Configuration steps done:
Ran php artisan passport:install
Added trait to User model
Added Passport::routes() to AuthServiceProvider::boot()
Changed API driver to passport in config/auth.php
Added CreateFreshApiToken::class to web middleware
After a lot of digging, I finally figured out what my issue was.
In version 5.6 and later of Laravel, cookies are no longer serialized/unserialized. However, Passport still expects that the cookies are serialized. Neither the documentation for Laravel or Passport point this out, and hopefully they'll get more in sync so this isn't an issue.
To fix this, you just need to add Passport::withoutCookieSerialization(); to app\Providers\AuthServiceProvider::boot()
i'm using Larave 5.4 passport to create SPA application. However, i was able to make authentication work. but access token are always short-lived tokens with 600s expiration time.
i could not increase expiration time with:
Passport::tokensExpireIn(Carbon::now()->addDays(15));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
it have no effect at all.
any help? thanks in advance.
Personal access tokens are always long-lived. Their lifetime is not modified when using the tokensExpireIn or refreshTokensExpireIn methods - as explained in Laravel's official documentation (https://laravel.com/docs/5.7/passport#personal-access-tokens).
The option of editing PassportServiceProvider.php in the vendor directory is a bad idea. Every time, you make an update (e.g composer update/install) or by another developer in production, code will be reverted to status quo, and it would start failing.
A better approach is to use Password Grant Tokens. The OAuth2 password grant allows your other first-party clients, such as a mobile application, to obtain an access token using an e-mail address / username and password. This allows you to issue access tokens securely to your first-party clients without requiring your users to go through the entire OAuth2 authorization code redirect flow. Be sure that you have duly installed passport (See Guide: https://laravel.com/docs/5.7/passport#installation), then run this command
php artisan passport:client --password
Having done this, you can request an access token by issuing a POST request to /oauth/token. Remember, this route is already registered by the Passport::routes method so there is no need to define it manually. If the request is successful, you will receive an access_token and refresh_token in the JSON response from the server. See payload sample below:
{
"grant_type" : "password",
"client_id":"your-client-id",
"client_secret":"your-client-secret",
"username":"twady77#gmail.com",
"password":"123456",
"scope":""
}
Sample response:
{
"token_type":"Bearer",
"expires_in":1296000,
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjVkMWJjN2NhOTU0ZWU2YTZmOGNkMGEyOTFjOTI5YzU4Zjk3ODk3M2YxZDJmNjQ2NjkyZjhjODQyZjYxNTBjZGRiYzMwY2RjMzRmZjJhYmU1In0.eyJhdWQiOiI4IiwianRpIjoiNWQxYmM3Y2E5NTRlZTZhNmY4Y2QwYTI5MWM5MjljNThmOTc4OTczZjFkMmY2NDY2OTJmOGM4NDJmNjE1MGNkZGJjMzBjZGMzNGZmMmFiZTUiLCJpYXQiOjE1NDkyOTI5MjcsIm5iZiI6MTU0OTI5MjkyNywiZXhwIjoxNTUwNTg4OTI3LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.cSvu30xAT-boA5zmVuxTr0TfH_5MYuVWYi6NVQRbryZSswt8EAFTi5QXHH1f0O63DWnLA6VFBS2AfDe4-ryJZACDnt4gtPJOeuu1rNMZ53MU1vjxnyC8FsYz8v9vmYJsZPKqfTJpuJFYRFh7kkV7uWAmrEkuF3POnDn-GjW50f4i26lIZW5ta5j4nZQrIJCQUEzwXaQtn9H-qef3bTWAaplWaV-k7Blic-0TXXVfWa_CdoKCAzHROVBRWY1Idhe1LJkvGKldUGzUfliiB1x7EVVInq94VYEP5d9__90Z2UMUn5dCEgWkXvcEHYy87_4OSwu4TQk_f3hD82OVOEtJGgPyJqK51WqnQCBYwNtxNjqAW2oaMgpritp3G8nccUiyhkE4Pd_kj3cb2OvSNRXdDS9z-RnJb1OXUkja-4Xe_JfIWUjlTnkss18xMg89hcU_3xtBwUXBWHgffzcbNoI1oOwUL6Whekduiy8csf665v0cnzkPXISmvyGhiMseIlBEN9m9uESaJqD_g7WzbsEs7meI0CAF3230UgrI1MdYSAJMW0mMPF9EScH31a_Qpde5O233Ty6-S4NAp323Wneqs_jpGSfw81CvoI1JeY0hZccRC-MBBsQ2Ox7AM36H5L3p-ybricmT3oCcHEqhufq-ygyfqk1RufJwwRblwYPyaJE",
"refresh_token":"def50200c6b2378110190ac28d9d55f622885bb0b470a20543a6f1eefb18ed93c57b7040dc4db9444aa8853209bde9d5443a407d43fcaf1deb2e1f3f5ea3ce7431c4ec5e111bdc0cc71ca76034cd2a884441c51e4c922dddfa3f6e3a3fa8e1fbb8efe4581ce70d76590e732b3fa8b0c41a8abff4a8759f9dd1cc3ae46134fb67a8f25cd79e3229f6ee3238701ebfe0e8b0e2f14bd13c7fde3f813708a3de9928c8e992850994ca97bf61984cdb846bd0d72916312d9985472fc4293a3b3f2c55e1ef19621ef009623a6780f800ece9c8d835871dc795fda5daa43ac3fdae467e66b46e4eb73d53b8cb821522ee60979711c28c54fb2085f6000ac7e96e019ce51b9f92ea3fa2028aa0238fc3dca9c900e8dd77907782b22482f95a5e55708e5bda8c28f3732ff55e361f08447b33fe05d5646cecfb9faed462d327efdcc2a3742f46f9f825275d296b4ced25c05f3b6add68f43a2b448e4523d5410c631dc45bba"
}
Try to use this library: https://github.com/GeneaLabs/laravel-caffeine , and you can look laravel session config options
tokenExpireIn() instead of refreshTokensExpireIn() use then solve tokenExpireIn problem.
for passport grant token
Passport::tokensExpireIn(Carbon::now()->addDays(10));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(15));
This is only adding 10 minutes of expiry time. Don't know how and why, but instead changing internal codes. I Changed
Passport::tokensExpireIn(Carbon::now()->addDays(10000));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(12000));
Now it's adding 7 days of expiry time. Seems like addDays function adding 10000 minutes.
I have the same issue before for my application, I spent two days try to find what is the problem, The best solution that I came up with is to change the expire date directly in the PassportServiceProvider
Go to vendor/laravel/passport/src/PassportServiceProvider.php line 108
new PersonalAccessGrant, new DateInterval('P1Y')
for example to set the expire date to one week
new PersonalAccessGrant, new DateInterval('P1W')
I know this is a bad solution for fixing the issue, recently I have found the same issue on Laravel Git repo
https://github.com/laravel/passport/issues/47
I want to update data in Kinvey Database. I used Rest API (PUT Method). but it is not working .
Same Authorization token in GET and POST method is working fine. Here is the Error :
{ "error": "InsufficientCredentials", "description": "The
credentials used to authenticate this request are not authorized to
run this operation. Please retry your request with appropriate
credentials", "debug": "" }
Please correct me.
I finally found the solution after wasting my two days.
Kinvey applys permission on collection level. So you have to change that permission.
Here is the reference link.
http://devcenter.kinvey.com/rest/guides/security#collectionpermissions
Please see the snap, so you can better understand.