Using Passport Oauth2 in server access token issue - laravel

Hello To All I'm facing problem for using passport Oauth2 Authentication in laravel 5.4, I am working on project where I define two routes
1. For login through API http://localhost:8000/api/login from Which, I got a response as Access Token.
2. Another for get user details http://localhost/api/user and I am getting the user details.
But When I deploy my App to server and try to Hit the above two URL in Postman I am getting the access token but While tried to access the user with the generated access token. It send me error of Unauthenticated.
Do I need to generate passport key in server with php artisan passport:keys

Yes you'll need the encryption keys on the server as well:
php artisan passport:keys
// or with new installations
php artisan passport:install
Also ensure you're using the correct auth guard, auth:api, when accessing the user:
// middleware
Route::group(['middleware' => ['auth:api'])->(...)
// and with the user helper
auth('api')->user()

Related

Laravel Passport Passport::hashClientSecrets() always gives unathenticated error Error

I am using laravel 9 passport for authenticating user by issuing personal access token.
First I generated client id and client secret by running the following command
php artisan passport:client --personal
and then generated personal access token for a user which is working fine. But when I create hashed secret key by adding
Passport::hashClientSecrets();
into AuthServiceProvider.php and try to create token, I always get the following error
League\OAuth2\Server\Exception\OAuthServerException: client authentication failed...
But when I uncomment the following then everything starts working fine
Passport::hashClientSecrets();
Can anyone explain what I am missing and how can I create personal access token using hashed secret key?

How to generate only API_KEY and USER_SECRET in with laravel passport

I am developing api using laravel passport. But i have tried using the various grant types, the authorization code, password grants, client credentials but still not getting the desired result i want. Maybe i am not able to understand well. Looking at stripe, after you signup, you get api key and a secret which you use in your application. How do I achieve same result using passport where after user signup, user get API_KEY and USER_SECRET to use in his application.
To generate passport:keys you need to execute:
php artisan passport:keys
More you can read here.
Also, you will need to create client with:
php artisan passport:client
More in docs.

Laravel 5.7 Passport oauth - Single client for multiple users

Is there a way I could use the same OAuth client for all my users instead of using one client per user?
If you use the Password Grant Client you can pass a username and password to the client and it will authenticate your users with only one client.
To protect your routes use the auth middleware and the api guard.
Remember to set the driver for your api guard to passport.
https://laravel.com/docs/5.7/passport#password-grant-tokens
Use this link to help you.
There must be an issue when creating a client via front end.
I ran
php artisan migrate:fresh --seed
composer dump-autoload
php artisan config:clear
Then created a user manually.
next
php artisan passport:client

Laravel Passport is failing to validate my newly generated token

Suddenly my application stopped working when trying to access endpoints protected by auth:api middleware in the Laravel 5.6.35 back-end using Passport 7.0.1.
The issue is that it is generating when I register and log-in.
return Response::json([
'token' => $user->createToken('foobar')->accessToken,
'user' => $user
], HTTPResponse::$HTTP_OK);
Insomnia rest will then show the following when accessing the routes belonging to the auth:api middleware.
"message": "Unauthenticated."
It was working until an hour ago, and it stopped after I refreshed the database. I dropped and created a new one, registered a test user and attempted to access and endpoint passing the token as Bearer token and Accept header to application/json. I've done it like this many times, always running php artisan passport:install --force after each refresh.
I don't know how to solve it. I saw where it was failing in TokenGuard.php file, but what to do? Why has it suddenly stopped?
The reason of the issue was because I was setting another field as the primary key of users table, and it was causing an error in the Passport's auto-generated tables.
you must reinstall the passport after refreshed the database.Then only Token will generate
php artisan passport:install
In case you are using Apache Server, Add this line to your httpd.conf file.
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

How to use Laravel passport if default Laravel auth is not being used

I am using laravel 5.4 and not using the default Auth for user authentication with it.
I have created a custom users table and using it with a custom Auth system having all custom middlewares etc.
I have thus not run the command php artisan make:auth or php aritsan migrate in the initial setup.
How i I integrate the project with Laravel/Passport for API authentication ? Also how do I issue tokens with passport if the default auth is not used not even Auth::attempt();

Resources