Hello guys
I have a problem with one request to my /auth/profile route
My headers
Accept: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz...
When I send once it fails, when I send for the second time it works, that pattern repeats it self
When fails I have the error: "The resource owner or authorization server denied the request."
My route code:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Http\Resources\Auth\ProfileResource;
use Illuminate\Http\Request;
class ProfileController extends Controller
{
/**
* @param Request $request
* @return mixed
*/
public function index(Request $request)
{
return new ProfileResource($request->user());
}
}
Could you please check
rdehnhardt
All 15 comments
@rdehnhardt Could this be maybe due change in Laravel cookie serialization?
Check this docs: https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
zoranlorkovic
on 20 Aug 2018
Hello @zlorkovic, the problem still happens, I try this, but I think the problem is not related to cookie becouse I use the API middleware, and this middleware dosent have cookies
rdehnhardt
on 20 Aug 2018
Have you upgraded to Laravel 5.7, if that is the case this version of Laravel requires passport version > 7
jhoffe
on 21 Aug 2018
Hello @hoffmannjonas
I'm using 5.6.33 Laravel version.
I will change for 5.7 to test
rdehnhardt
on 21 Aug 2018
I ran into the same thing, the tokenguard from passport calls the decrypt method without setting the unserialize property to false or checking the serialize property from the encrypter middleware.
I added a check to my encrypter middleware to serialize only the passport cookie, that fixes it if you are stuck on laravel 5.5 like me.
Zae
on 23 Aug 2018
@Zae Can you share a code example?
gilbitron
on 23 Aug 2018
Hi @gilbitron ,
I don't think it' the same problem, my bearer tokens are working fine, my problem was with the laravel_token laravel sets.
See https://github.com/laravel/passport/issues/805 for my fix.
Zae
on 23 Aug 2018
I was analyzing and I saw that passport routes have web middleware, is that correct? Why use web middleware in API routes?
rdehnhardt
on 23 Aug 2018
The fix for me was to add Passport::withoutCookieSerialization(); to AppServiceProvider in the boot method. While documented in the upgrade instructions, it reads to me like it is a method reserved for those who mean to not implement cookie serialization.
bradenkeith
on 24 Aug 2018
@bradenkeith did not work for me.
NeekPizza
on 3 Sep 2018
@bradenkeith I came here from the documentation instructions because they're woefully unclear. It also isn't clear that protected static $serialize = true; is set to false inside Illuminate\Cookie\Middleware\EncryptCookies which is the base class for the App\Http\Middleware\EncryptCookies middleware. That means that unless you explicitly change it, cookies are no longer serialized.
w0rd-driven
on 6 Sep 2018
@w0rd-driven did not work. changed it, cache and config cleared then tried again still not working
NeekPizza
on 6 Sep 2018
I add Passport::withoutCookieSerialization() to boot() function in App\Providers\AuthServiceProvider class and it works.
teslamint
on 14 Sep 2018
Please try to the Passport::withoutCookieSerialization() like others have suggested. I'm going to close this now but if you're still experiencing the error please respond back with clear code samples, preferable link to a test Laravel app which can recreate the problem.
driesvints
on 15 Oct 2018
same issue, Passport::withoutCookieSerialization() return this error: Call to undefined method Laravel\PassportPassport::withoutCookieSerialization()
Please help!
vdtuan
on 25 Dec 2018
Related issues
aluferraz
·
3Comments
mind-control
·
3Comments
soubhikchatterjee
·
4Comments
SwiTool
·
3Comments
andcl
·
3Comments
Most helpful comment
The fix for me was to add
Passport::withoutCookieSerialization();toAppServiceProviderin the boot method. While documented in the upgrade instructions, it reads to me like it is a method reserved for those who mean to not implement cookie serialization.