After the security improvements of the PHP League oauth2-server, Laravel Passport authorization fails.
The exception says:
You must set the encryption key going forward to improve the security of this library - see this page for more information https://oauth2.thephpleague.com/v5-security-improvements/
According to their documentation, it is a must to set the encryption key,
i.e.
    // Setup the authorization server
    $server = new AuthorizationServer(
        $clientRepository,
        $accessTokenRepository,
        $scopeRepository,
        $privateKeyPath,
        $publicKeyPath
    );
    $server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
But the current Laravel Passport release does not include this fix.
What I did was add setEncryptionKey() manually to
/vendor/laravel/passport/src/PassportServiceProvider.php:
    public function makeAuthorizationServer()
    {
        $server = new AuthorizationServer(
            $this->app->make(Bridge\ClientRepository::class),
            $this->app->make(Bridge\AccessTokenRepository::class),
            $this->app->make(Bridge\ScopeRepository::class),
            'file://'.Passport::keyPath('oauth-private.key'),
            'file://'.Passport::keyPath('oauth-public.key')
        );
        $server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
        return $server;
    }
This works for me. But technically I cannot edit this file. Is there any suitable fix for this?
Upgrade to 3.0
and don't set the setEncryptionKey.
Please upgrade to 3.0 in your Composer file
@alexbilbie
Yes, I did, but I still cannot see it fixed. Have a look at the following URL:
https://github.com/laravel/passport/blob/3.0/src/PassportServiceProvider.php#L196
Any idea?
@umanda In 3.0 the encryption key is now part of the constructor and the setEncryptionKey is no longer required.