Passport: Error in authenticateViaBearerToken (BearerTokenValidator.php) "The JWT string must have two dots"

Created on 29 Aug 2016  ·  25Comments  ·  Source: laravel/passport

I have {error: "Unauthenticated."}
when GET /api/user

headers:
Accept:application/json
Authorization:Bearer 16dd63d4ba079478273850acac2fd1a9c9d46ee26dba31a8b12cc3ffbbbe871f7e742fef6c1f492a
...

SELECT * FROM oauth_access_tokens

16dd63d4ba079478273850acac2fd1a9c9d46ee26dba31a8b12cc3ffbbbe871f7e742fef6c1f492a 1 1 Site [] 0 2016-08-28 21:45:07 2016-08-28 21:45:07 2116-08-28 21:45:07

and catch OAuthServerException

OAuthServerException {#196
-httpStatusCode: 401
-errorType: "access_denied"
-hint: "The JWT string must have two dots"
-redirectUri: null
#message: "The resource owner or authorization server denied the request."
#code: 9
#file: "/home/vagrant/code/givman/vendor/league/oauth2-server/src/Exception/OAuthServerException.php"
#line: 165

League\OAuth2\Server\Exception\OAuthServerException: The resource owner or authorization server denied the request. in /home/vagrant/code/givman/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:165
Stack trace:

0 /home/vagrant/code/givman/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(77): League\OAuth2\Server\Exception\OAuthServerException::accessDenied('The JWT string ...')

1 /home/vagrant/code/givman/vendor/league/oauth2-server/src/ResourceServer.php(82): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest))

2 /home/vagrant/code/givman/vendor/laravel/passport/src/Guards/TokenGuard.php(109): League\OAuth2\Server\ResourceServer->validateAuthenticatedRequest(Object(Zend\Diactoros\ServerRequest))

3 /home/vagrant/code/givman/vendor/laravel/passport/src/Guards/TokenGuard.php(89): Laravel\Passport\Guards\TokenGuard->authenticateViaBearerToken(Object(Illuminate\Http\Request))

4 /home/vagrant/code/givman/vendor/laravel/passport/src/PassportServiceProvider.php(207): Laravel\Passport\Guards\TokenGuard->user(Object(Illuminate\Http\Request))

5 [internal function]: Laravel\Passport\PassportServiceProvider->Laravel\Passport{closure}(Object(Illuminate\Http\Request))

6 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/RequestGuard.php(53): call_user_func(Object(Closure), Object(Illuminate\Http\Request))

7 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(49): Illuminate\Auth\RequestGuard->user()

8 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(61): Illuminate\Auth\RequestGuard->check()

9 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(41): Illuminate\Auth\Middleware\Authenticate->authenticate(Array)

10 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Auth\Middleware\Authenticate->handle(Object(Illuminate\Http\Request), Object(Closure), 'api')

11 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))

12 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))

13 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Routing\Middleware\SubstituteBindings->handle(Object(Illuminate\Http\Request), Object(Closure))

14 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))

15 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(48): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))

16 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Routing\Middleware\ThrottleRequests->handle(Object(Illuminate\Http\Request), Object(Closure), '60', '1')

17 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))

18 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))

19 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(644): Illuminate\Pipeline\Pipeline->then(Object(Closure))

20 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(618): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))

21 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(596): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))

22 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(267): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))

23 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http{closure}(Object(Illuminate\Http\Request))

24 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))

25 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))

26 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))

27 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))

28 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(149): Illuminate\Pipeline\Pipeline->then(Object(Closure))

29 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))

30 /home/vagrant/code/givman/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))

31 {main}

picture novs

Most helpful comment

Ha ha, after almost 2 days of researching ... same here 😵 ...

picture vkovic on 9 Jan 2017
🎉2 😄2

All 25 comments

I have the same problem. How do you solved it?

urizev picture urizev on 5 Sep 2016

I get the same problem. How did you solve it? Thanks!

urizev picture urizev on 6 Sep 2016

Same here

dimsav picture dimsav on 8 Sep 2016

omg I feel so ashamed... I was copy pasting just a part of the token and not all of it.

cc @urizev @novs

dimsav picture dimsav on 8 Sep 2016
👍3

OMG!! 😵😵😵
Same for me!! Double click selection and and my stupidity...
At least I hope it helps other people
Thanks @dimsav.

urizev picture urizev on 8 Sep 2016
👍2

I’m having the same issue, and I’m copying the access token properly.

martinbean picture martinbean on 14 Sep 2016

Write tests to be 100% sure

dimsav picture dimsav on 14 Sep 2016

"The JWT string must have two dots" for me too :-/
I just use the same encrypted string to decryption

trevor-sonic picture trevor-sonic on 16 Sep 2016

wtf. same me. token didn't copied completely :open_mouth:

mehranhadidi picture mehranhadidi on 10 Dec 2016

Ha ha, after almost 2 days of researching ... same here 😵 ...

vkovic picture vkovic on 9 Jan 2017
🎉2 😄2

The same for me

L0renzo picture L0renzo on 23 Feb 2017
👍2

Has anyone managed to solve the problem? In my case some users access and others do not

ViniciusBabugia picture ViniciusBabugia on 8 Mar 2017
👍1

@ViniciusBabugia the problem was just mistake on copy token.

mehranhadidi picture mehranhadidi on 14 Mar 2017

I did copied it completely and the error is still there.
https://github.com/laravel/passport/issues/349

libasoles picture libasoles on 14 Apr 2017
👍1

Dismiss my comment. I was sending the Authentication header and it's not needed with CreateFreshApiToken feature. That was it.

btw: there's a nice learning tutorial by Taylor here: https://laracasts.com/series/whats-new-in-laravel-5-3/episodes/13

libasoles picture libasoles on 15 Apr 2017

OMG i use refresh token instead of access token. that's my mistake

godamri picture godamri on 12 Mar 2018

If you send Authorization header when it's not needed it will fail.

CristianDeluxe picture CristianDeluxe on 25 Mar 2018

I am also getting the same error "OAuthServerException" but i know this is because of access_token expired. My question is how do i convert OAuthServerException into an json response for api in laravel.
Any one please tell, How to solve it?
Thank you!!

anususmi picture anususmi on 27 Jul 2018

@anususmi you can handle it on app\Exceptions\Handler.php

godamri picture godamri on 27 Jul 2018

@goDamri Thank you, this helps me a lot. But in backend there was an Exception.

local.ERROR: The resource owner or authorization server denied the request. {"exception":"[object] (League\OAuth2\Server\Exception\OAuthServerException(code: 9): The resource owner or authorization server denied the request. at /home/www/testproject.com/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:173)
[stacktrace]

0 /home/www/testproject.com/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(82): League\OAuth2\Server\Exception\OAuthServerException::accessDenied('Access token ha...')

1 /home/www/testproject.com/vendor/league/oauth2-server/src/ResourceServer.php(82): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest)).....

I want to catch this exception, because this Exception always comes when the access_token expired.
Can you also please help me to solve this..

anususmi picture anususmi on 28 Jul 2018

@anususmi use dontReport to exclude exception of OauthServerException being logged

godamri picture godamri on 28 Jul 2018
👍1

Wow, it works. Thank you for your support @goDamri

anususmi picture anususmi on 30 Jul 2018
😄2

Anyone help me about this issue...... Refresh token code in laravel 5.5 #793

anususmi picture anususmi on 7 Aug 2018

In my header there is HTTP/1.0 and in the splitJwt it explodes the header by dot. and guess what!

sadeghgit picture sadeghgit on 21 Aug 2018

I solved it in my case! my issue was when I was decoding the token, I was passing the whole header to the function. So What I did, got the content of the header, json decoded, got the token value from it and passed it to the lexik jwt decoder.

sadeghgit picture sadeghgit on 21 Aug 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

MarkVilludo picture MarkVilludo  ·  3Comments
parth-vora-7 picture parth-vora-7  ·  4Comments
cookiejarblush picture cookiejarblush  ·  4Comments
ghost picture ghost  ·  3Comments
seriousjelly picture seriousjelly  ·  3Comments