Passport: Key path "file:///laravel/storage/oauth-private.key" does not exist or is not readable on Passport 3.0

Created on 21 Jul 2017 · 11 Comments · Source: laravel/passport

According to this https://github.com/laravel/passport/issues/418#issuecomment-316461626 it shouldn't be a problem anymore. However, the fact that now the keys have to be 600 and owned by the web server user means that artisan commands that use them, like route:list, don't work unless you use them as the web server user or root.

Storage folder:

-rw------- 1 www-data www-data   3292 jul 21 10:58 oauth-private.key
-rw------- 1 www-data www-data    812 jul 21 10:58 oauth-public.key

Command:

12:45:51 [:/laravel] develop(+1/-1,1) 1 ± php artisan route:list
  [LogicException]
  Key path "file:///laravel/storage/oauth-private.key" does not exist or is not readable

It doesn't make any sense that I have to use artisan as root or www-data.
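
A diagnostic for the situation reported above, as an added example that is not part of the original issue or of Passport: it checks a key file against the rule described in the report (mode 600, owned by the user that runs PHP) for a given user. The function name `check_oauth_key` and its return codes are hypothetical, and GNU coreutils `stat` is assumed.

```bash
#!/usr/bin/env bash
# Added example, not code from the thread or from laravel/passport.
# Assumes GNU coreutils `stat` (the -c option).
#
# check_oauth_key PATH [USER]
#   USER is a user name or numeric uid; it defaults to the current user.
#   Return codes (hypothetical, chosen for this example):
#     0  key is mode 600 and owned by USER
#     1  key file is missing
#     2  key mode is not 600
#     3  key is owned by a different user
check_oauth_key() {
    local key user want_uid mode owner_uid owner_name
    key=$1
    user=${2:-$(id -u)}

    if [ ! -f "$key" ]; then
        echo "missing: $key" >&2
        return 1
    fi

    # Resolve USER to a uid; fall back to the raw value if there is no
    # passwd entry (for example a bare numeric uid inside a container).
    want_uid=$(id -u "$user" 2>/dev/null) || want_uid=$user

    mode=$(stat -c '%a' "$key")
    owner_uid=$(stat -c '%u' "$key")
    owner_name=$(stat -c '%U' "$key")

    if [ "$mode" != "600" ]; then
        echo "mode $mode on $key, expected 600" >&2
        return 2
    fi
    if [ "$owner_uid" != "$want_uid" ]; then
        # With mode 600 only the owner (and root) can read the key, which
        # is why artisan fails when run as a different user.
        echo "$key is owned by $owner_name, not $user" >&2
        return 3
    fi
    echo "ok: $key is mode 600 and owned by $user"
}
```

Calling `check_oauth_key storage/oauth-private.key www-data` shows the web server's view of the key; omitting the second argument shows the view of the user running artisan.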

All 11 comments

Hi!
You should consider using FastCGI, fcgi, suPHP or a similar method of running PHP scripts as a website owner - a system user, usually the FTP user, that owns all the files. All shared hosting providers that seriously think about security offer at least one of those (better website separation). In this scenario, if you have shell access, you log in as the above user and perform all necessary operations, crons are also run as this user, etc.

I found a workaround (until there is a better solution) to run my tests and artisan commands without breaking the web requests and vice versa.

I made an extra set of oauth keys and placed them in a newly created cli folder inside my storage folder. I chowned the files inside the cli folder to match them with my Linux username. So:

The default keys inside storage/ :

-rw------- 1 www-data www-data   3292 jul 21 10:58 oauth-private.key
-rw------- 1 www-data www-data    812 jul 21 10:58 oauth-public.key

The copied keys inside storage/cli/ :

-rw------- 1 cli-user cli-user   3292 jul 21 10:58 oauth-private.key
-rw------- 1 cli-user cli-user    812 jul 21 10:58 oauth-public.key

Then I changed the static $keyPath property inside \Laravel\Passport\Passport when running from the console (I placed this in the boot method of the AppServiceProvider to ensure it is working):

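// At the top of app/Providers/AppServiceProvider.php:
use Illuminate\Support\Facades\App;
use Laravel\Passport\Passport;

// Inside AppServiceProvider::boot(): load the CLI-owned key copies for console runs
if (App::runningInConsole()) {
    Passport::$keyPath = storage_path('cli');
}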

After this I could both run my tests and access my application via the browser.

This is a really annoying bug to be honest
@Codeklopper Your workaround works perfectly, Thanks.

Hi!

Just adding my two cents. The issue remains even after #418 because Laravel registers its own error/exception handlers in HandleExceptions.php#L28. Throwing E_USER_NOTICE therefore triggers the same error handling logic as any other unhandled exception.

I have the same issue

Hello There,

I have updated my Laravel project with composer update and now I'm getting the following error. Please give me the fix soon.

(1/1)

ErrorException chmod(/var/www/html/storage/oauth-private.key): Operation failed: Operation not permitted

in CryptKey.php (line 51)

A fix for this is WIP here thephpleague/oauth2-server#776

Please upgrade to Laravel 3.0.* if you haven't already and ensure that league/oauth2-server has been updated to at least 6.0.2.

I have the same issue. I changed the keys' permissions and ownership as advised, and I have "laravel/passport": "^3.0" in my composer; however, if I check Passport's composer, then I see that it uses "league/oauth2-server": "^6.0",

In my case this issue happened on OAuth login tests when building on CircleCI. I fixed this issue by generating the OAuth key pair.

steps:
  - run: openssl genrsa -out storage/oauth-private.key 4096
  - run: openssl rsa -in storage/oauth-private.key -pubout > storage/oauth-public.key

I added those steps before PHPUnit step.

This worked for me in Windows.
php artisan passport:keys
