Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

server response with 401 Unauthenticated. #730

Closed
Artessan opened this issue Jun 3, 2018 · 4 comments
Closed

server response with 401 Unauthenticated. #730

Artessan opened this issue Jun 3, 2018 · 4 comments

Comments

@Artessan
Copy link

Artessan commented Jun 3, 2018
edited
Loading

I'm implementing passport v6.0.2 in a laravel 5.6 (last version at this moment) project, on dev enviroment passport works great , but after deploy on server i'm geting a 401 { "message": "Unauthenticated." } response. testing with postman and mobile devices

maybe can be the production enviroment, the implementation is a load balancer with nginx and two servers for the app plus cloudflare free ssl implementation, for the three servers th setup was make with laravel forge the two app server are using envoyer.

Now the thing is, Need I do make some special config to make passport work with the productions enviroment or is this a releate bug on passport???

This it is the internal log for a request whit the 401 response

[2018-06-03 12:59:47] production.ERROR: The resource owner or authorization server denied the request. {"exception":"[object] (League\OAuth2\Server\Exception\OAuthServerException(code: 9): The resource owner or authorization server denied the request. at /home/forge/vewallet.co/releases/20180603094104/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:205)[stacktrace]
-0 /home/forge/vewallet.co/releases/20180603094104/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(69): League\OAuth2\Server\Exception\OAuthServerException::accessDenied('Access token co...')
-1 /home/forge/vewallet.co/releases/20180603094104/vendor/league/oauth2-server/src/ResourceServer.php(84): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest))
-2 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/passport/src/Guards/TokenGuard.php(109): League\OAuth2\Server\ResourceServer->validateAuthenticatedRequest(Object(Zend\Diactoros\ServerRequest))
-3 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/passport/src/Guards/TokenGuard.php(89): Laravel\Passport\Guards\TokenGuard->authenticateViaBearerToken(Object(Illuminate\Http\Request))
-4 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/passport/src/PassportServiceProvider.php(272): Laravel\Passport\Guards\TokenGuard->user(Object(Illuminate\Http\Request))
-5 [internal function]: Laravel\Passport\PassportServiceProvider->Laravel\Passport\{closure}(Object(Illuminate\Http\Request), NULL)
-6 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Auth/RequestGuard.php(58): call_user_func(Object(Closure), Object(Illuminate\Http\Request), NULL)
-7 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(50): Illuminate\Auth\RequestGuard->user()
-8 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(61): Illuminate\Auth\RequestGuard->check()
-9 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(41): Illuminate\Auth\Middleware\Authenticate->authenticate(Array)
-10 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Auth\Middleware\Authenticate->handle(Object(Illuminate\Http\Request), Object(Closure), 'api')
-11 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-12 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(57): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-13 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Routing\Middleware\ThrottleRequests->handle(Object(Illuminate\Http\Request), Object(Closure), 60, '1')
-14 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-15 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-16 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Router.php(661): Illuminate\Pipeline\Pipeline->then(Object(Closure))
-17 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Router.php(636): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
-18 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Router.php(602): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))
-19 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Router.php(591): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
-20 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
-21 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))
-22 /home/forge/vewallet.co/releases/20180603094104/vendor/tomschlick/laravel-http2-server-push/src/Http2ServerPushMiddleware.php(23): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-23 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): TomSchlick\ServerPush\Http2ServerPushMiddleware->handle(Object(Illuminate\Http\Request), Object(Closure))
-24 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-25 /home/forge/vewallet.co/releases/20180603094104/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-26 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Fideloper\Proxy\TrustProxies->handle(Object(Illuminate\Http\Request), Object(Closure))
-27 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-28 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(31): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-29 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
-30 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-31 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(31): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-32 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
-33 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-34 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-35 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle(Object(Illuminate\Http\Request), Object(Closure))
-36 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-37 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(51): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-38 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
-39 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-40 /home/forge/vewallet.co/releases/20180603094104/vendor/barryvdh/laravel-cors/src/HandlePreflight.php(35): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-41 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Barryvdh\Cors\HandlePreflight->handle(Object(Illuminate\Http\Request), Object(Closure))
-42 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
-43 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
-44 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\Pipeline\Pipeline->then(Object(Closure))
-45 /home/forge/vewallet.co/releases/20180603094104/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
-46 /home/forge/vewallet.co/releases/20180603094104/public/index.php(55): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
-47 {main}
"}
@Sephster
Copy link
Contributor

Sephster commented Jun 3, 2018

You mentioned you have multiple servers. Do they all have the ability to protect your API resources? If so, they should all share the same private/public key pairs.

If you have run php artisan passport:keys on each server, you will have generated different keys for each server. This means an access token issued on one instance might not be accepted on another.

@Artessan
Copy link
Author

Artessan commented Jun 3, 2018

Yes, I found that the problem was a multiple keys problem, now since passport 6.0.2 the keys can be set in env file i was thinking that the passport:keys command check for keys on env file before create new set of keys, maybe we an add an option for check for the keys in the emv when we create the key set because if not we have to enter on each server and copy the keys one and one. for me this was my mistake and the issue can be closed, I really want to know the opinion from the laravel team then maybe this can be a pr to ad that option

@Sephster
Copy link
Contributor

Sephster commented Jun 5, 2018

I don't know if this would ever be covered by Passport. Laravel tends to be geared towards a single server set up solution. That's not to say it can't be deployed on multiple servers, but there is little covering this scenario in the docs as far as I can tell.

@cendekia
Copy link

Yes, I found that the problem was a multiple keys problem, now since passport 6.0.2 the keys can be set in env file i was thinking that the passport:keys command check for keys on env file before create new set of keys, maybe we an add an option for check for the keys in the emv when we create the key set because if not we have to enter on each server and copy the keys one and one. for me this was my mistake and the issue can be closed, I really want to know the opinion from the laravel team then maybe this can be a pr to ad that option

In laravel 5.7 there is loadKeysFrom method in passport

@3alampro 3alampro mentioned this issue May 21, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@driesvints @Sephster @cendekia @Artessan