I'm using Laravel Framework version 5.3.9, fresh download, nothing added on via composer (except "laravel/passport": "^1.0").
I did all the things suggested in the docs. Tables are created, routes are up, everything works fine. However I need passport for an API.
My routes look like so:
+--------+----------+-----------------------------------------+----------------------+----------------------------------------------------------------------------+------------+
| Domain | Method | URI | Name | Action | Middleware |
+--------+----------+-----------------------------------------+----------------------+----------------------------------------------------------------------------+------------+
| | GET|HEAD | / | | Closure | web |
| | GET|HEAD | api/v1/users/register | api::users::register | App\Http\Controllers\Api\V1\SocialController@register | api,auth |
| | POST | oauth/authorize | | Laravel\Passport\Http\Controllers\ApproveAuthorizationController@approve | web,auth |
| | GET|HEAD | oauth/authorize | | Laravel\Passport\Http\Controllers\AuthorizationController@authorize | web,auth |
| | DELETE | oauth/authorize | | Laravel\Passport\Http\Controllers\DenyAuthorizationController@deny | web,auth |
| | GET|HEAD | oauth/clients | | Laravel\Passport\Http\Controllers\ClientController@forUser | web,auth |
| | POST | oauth/clients | | Laravel\Passport\Http\Controllers\ClientController@store | web,auth |
| | PUT | oauth/clients/{client_id} | | Laravel\Passport\Http\Controllers\ClientController@update | web,auth |
| | DELETE | oauth/clients/{client_id} | | Laravel\Passport\Http\Controllers\ClientController@destroy | web,auth |
| | GET|HEAD | oauth/personal-access-tokens | | Laravel\Passport\Http\Controllers\PersonalAccessTokenController@forUser | web,auth |
| | POST | oauth/personal-access-tokens | | Laravel\Passport\Http\Controllers\PersonalAccessTokenController@store | web,auth |
| | DELETE | oauth/personal-access-tokens/{token_id} | | Laravel\Passport\Http\Controllers\PersonalAccessTokenController@destroy | web,auth |
| | GET|HEAD | oauth/scopes | | Laravel\Passport\Http\Controllers\ScopeController@all | web,auth |
| | POST | oauth/token | | Laravel\Passport\Http\Controllers\AccessTokenController@issueToken | |
| | POST | oauth/token/refresh | | Laravel\Passport\Http\Controllers\TransientTokenController@refresh | web,auth |
| | GET|HEAD | oauth/tokens | | Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController@forUser | web,auth |
| | DELETE | oauth/tokens/{token_id} | | Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController@destroy | web,auth |
+--------+----------+-----------------------------------------+----------------------+----------------------------------------------------------------------------+------------+
All the web routes are there, there are no api related routes, since Passport doesn't provide anything of that sort out of the box.
The API itself is intended to be used by a trusted client; it's made for a mobile application that does require a login, however, said login will bypass a few steps.
Once a user accesses the /register route, the registration process itself is quite simple: access the user's Facebook account and grab a few fields (email, Facebook id, name and profile picture), and from that point onwards the user is considered registered. But the user will NOT log in with Facebook (this is a very important aspect). The consumer app will be issued a token and use that token to access various endpoints of the API (that require a token to use).
So it boils down to this. I need to issue an access token to the consumer app that accesses the API. The API itself will only have one client, that is the mobile app itself. Users that use the app are not considered clients of the API but clients of the mobile app itself.
So far Passport is a headache to work with when it comes to implementing API related stuff, either that or I can't figure out how to make it work properly.
I've created a test client in the oauth_clients table that looks like so:
I'm using Postman to access the api/v1/users/register route that has the auth middleware with the following JSON (application/json):
{
"grant_type" : "authorization_code",
"client_id" : 5,
"client_secet": "y5dvPIOxQJOjYn7w2zzg4c6TRrphsrNFWbG4gAUL"
}
Which of course will result in a
{"error":"Unauthenticated."}
It makes perfect sense.
Out of pure curiosity I changed the /register route to this:
Route::group([
    'middleware' => [
    ],
], function ()
{
    Route::group([
        'prefix' => 'users',
        'as' => 'users::',
    ], function ()
    {
        // Route::get('/register', ['as' => 'register', 'uses' => 'Api\V1\SocialController@register',]);
        // The leading backslash keeps the route group's namespace from being prepended.
        Route::post('/register', ['as' => 'register', 'uses' => '\Laravel\Passport\Http\Controllers\AccessTokenController@issueToken',]);
    });
});
With the same json as before. That resulted in {"error":"invalid_client","message":"Client authentication failed"}.
I've tracked down the function that, I think, handles the validateClient part in vendor/league/oauth2-server/src/Grant/AbstractGrant.
The $client is null. Now this may or may not be related to Passport, since the documentation on it is rather lacking and the thought of digging through a monster of a package to track down the error that may be largely due to me not doing something right doesn't strike me as a good idea, I'm out of options. To be perfectly honest I don't even know what the problem is.
Really, at this point any sort of pointing in the right direction is more than welcome.
The part in question is
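A pre-flight check for a token-request body like the one posted above, as an added example that is not part of the original post and is not Passport or league/oauth2-server code. The function name checkTokenRequest and the sample body are constructed for illustration; the per-grant parameter lists follow RFC 6749.

```php
<?php
// Added example: validate a token-request body before sending it to POST /oauth/token.
// checkTokenRequest() is a hypothetical helper, not part of Passport.

// Body parameters each grant needs (RFC 6749 sections 4.1.3, 4.3.2, 4.4.2 and 6).
const GRANT_PARAMS = [
    'authorization_code' => ['code'], // plus redirect_uri if one was sent to /oauth/authorize
    'password'           => ['username', 'password'],
    'client_credentials' => [],
    'refresh_token'      => ['refresh_token'],
];
// Client authentication when a confidential client sends its credentials in the body.
const CLIENT_PARAMS = ['client_id', 'client_secret'];

function checkTokenRequest(array $body): array
{
    $grant = $body['grant_type'] ?? null;
    if (!is_string($grant) || !array_key_exists($grant, GRANT_PARAMS)) {
        return ['grant_type is missing or not one of: ' . implode(', ', array_keys(GRANT_PARAMS))];
    }

    $required = array_merge(CLIENT_PARAMS, GRANT_PARAMS[$grant]);
    $known    = array_merge(['grant_type', 'redirect_uri', 'scope'], $required);
    $problems = [];

    foreach ($required as $name) {
        if (!isset($body[$name]) || $body[$name] === '') {
            $problems[] = "missing required parameter '$name' for grant '$grant'";
        }
    }
    // Servers ignore unrecognized parameters (RFC 6749 section 3.2), so a misspelt
    // key fails silently; report unknown keys that are close to a known name.
    foreach (array_diff(array_keys($body), $known) as $key) {
        foreach ($known as $name) {
            if (levenshtein((string) $key, $name) <= 2) {
                $problems[] = "unknown parameter '$key' (did you mean '$name'?)";
                break;
            }
        }
    }
    return $problems;
}

// Constructed sample: same keys as the posted body, secret replaced by a placeholder.
$json = '{"grant_type":"authorization_code","client_id":5,"client_secet":"<placeholder-secret>"}';
foreach (checkTokenRequest(json_decode($json, true)) as $problem) {
    echo $problem, PHP_EOL;
}
```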