Menu
After I updated the following packages I got an error that the oauth-public.key file couldn't be found.
Package operations: 1 install, 2 updates, 0 removals
Updating laravel/framework (v5.4.27 => v5.4.28): Downloading (100%)
Installing defuse/php-encryption (v2.1.0): Downloading (100%)
Updating league/oauth2-server (5.1.3 => 5.1.4): Downloading (100%)
Firstly I deleted the two oauth- files in project/storage and then executed this command: php artisan passport:install to generate new oauth- files.
Now I get the following error when trying to access an api route.
(1/1) ErrorException chmod(/var/dev/project/storage/oauth-public.key): Operation failed: Operation not permitted
Stack trace
in CryptKey.php (line 51)
at HandleExceptions->handleError(2, 'chmod(/var/dev/project/storage/oauth-public.key): Operation failed: Operation not permitted', '/var/dev/project/vendor/league/oauth2-server/src/CryptKey.php', 51, array('keyPath' => 'file:///var/dev/project/storage/oauth-public.key', 'passPhrase' => null, 'keyPathPerms' => '644'))
at chmod('file:///var/dev/project/storage/oauth-public.key', 384) in CryptKey.php (line 51)
at CryptKey->__construct('file:///var/dev/project/storage/oauth-public.key') in ResourceServer.php (line 50)
File permissions
-rw-r--r-- user:user oauth-private.key
-rw-r--r-- user:user oauth-public.key
Update 1
I found out that oauth Libaray introduced a security fix. Oauth V5 Security Improvements
Version 5.1.4 is a backwards compatbile with other 5.1.x releases.
You will notice in your server logs a message like this:
You must set the encryption key going forward to improve the security of this library - see this page for more information https://oauth2.thephpleague.com/v5-security-improvements/
To supress this notice once you have instantiated an instance of \League\OAuth2\Server\AuthorizationServer you should call the setEncryptionKey() method passing in at least 32 bytes of random data.
You can generate this using base64_encode(random_bytes(32)). Alternatively if you’re using a framework such as Laravel which has a encryption key already generated you can pass in that (in the case of Laravel use env('APP_KEY')).
Problem is that the maintainer of Laravel Passport has to fix this.
Update 2
After I removed the vendor folder and executed composer install again I get still the same error.
482
Simply copy and paste them to command line where you run your sail commands and hit enter. After the last composer command completes, you can now a access your application without chmod () flagging an error. WARNING: Please backup your modified Laravel files; especially, routes/web.php before running the above command.
and checking the Docker files in the generated docker folder in your application root. They are actually used by Sail to spin up new containers for your app. If you have anything close to my setup and you encounter the chmod (): Operation not permitted error; simply stop Sail: Wait for all containers to stop running and then bring it back up:
In one project I wanted to upload some images to the public folder. The Laravel documentation says that you should run the php artisan storage:link command in order to symlink the public folder (it maps storage/app/public to public/storage ). By default, uploaded files are private.
The Laravel documentation says that you should run the php artisan storage:link command in order to symlink the public folder (it maps storage/app/public to public/storage ). By default, uploaded files are private.
Try:
sudo chown www-data:www-data storage/oauth-*.key
sudo chmod 600 storage/oauth-*.key
It solves my problem.
131
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
