Laravel Passport invalid refresh token - token is not linked to client

I'm using Passport on Laravel 5.5 and receiving an error when trying to refresh the access token - only on the production server; the local dev environment works fine!

This is the error returned:

{
"error": "invalid_request",
"message": "The refresh token is invalid.",
"hint": "Token is not linked to client"
}

I've verified that the tokens and clients exist in the database, are not expired, have not been revoked, are stored correctly, etc.

Because the system is a multi-tenant system (with each tenant having its own database) I did not create Passport clients using the command

php artisan passport:client

Instead I copied the Passport oauth_clients table and its contents for each tenant, so that each tenant uses the same client credentials for, e.g., logging in from the frontend and logging in from the app (but with different endpoints).

I'm at a loss as to why it's working fine on my local machine but not production.

Does anyone know what exactly php artisan passport:client does besides creating a row in the oauth_clients table?

I'm thinking that perhaps something more than just copying the oauth_clients table contents is needed.

Any advice appreciated! Thanks

jeremyj11 asked Nov 08 '22 03:11


1 Answer

Well, after digging around in the vendor code, I fixed the problem by modifying

vendor/league/oauth2-server/src/Grant/RefreshTokenGrant.php

function validateOldRefreshToken

changed

    if ($refreshTokenData['client_id'] !== $clientId) {
        $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_CLIENT_FAILED, $request));
        throw OAuthServerException::invalidRefreshToken('Token is not linked to client');
    }

to

    if ($refreshTokenData['client_id'] != $clientId) {
        $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_CLIENT_FAILED, $request));
        throw OAuthServerException::invalidRefreshToken('Token is not linked to client');
    }

Even though $clientId was matching, the function is passed a string (as required) but $refreshTokenData['client_id'] is an integer.

fml.

jeremyj11 answered Nov 15 '22 10:11
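The following is an added example, not code from the question, the answer, Passport or league/oauth2-server. It reproduces the type mismatch the answer describes with a constructed stand-in for the decrypted refresh-token payload (the real payload carries more fields) and contrasts three versions of the check: the original strict comparison, the answer's loose comparison, and a third variant, assumed here rather than taken from either library, that normalizes the stored id to a string and keeps the strict comparison. It runs stand-alone on PHP 7.x and 8.x.

```php
<?php
// Added example: why `int(1) !== "1"` rejects a valid refresh token, and
// why relaxing the check to `!=` is a broader change than it looks.

// Constructed stand-in for the decrypted refresh-token payload. The
// client_id is an int because the oauth_clients.id it was copied from was
// returned to PHP as an int and json_encode preserved that type. A real
// payload also carries the access token id, expiry time, user id and scopes.
$refreshTokenData = json_decode('{"client_id": 1, "user_id": 42}', true);

// The client_id the grant receives from the request body or Basic auth
// header is always a string.
$clientIdFromRequest = '1';

function strictCheck(array $data, string $clientId): bool
{
    // Original vendor code: an int is never identical to a string, so the
    // grant throws "Token is not linked to client" even for the right client.
    return $data['client_id'] === $clientId;
}

function looseCheck(array $data, string $clientId): bool
{
    // The answer's patch. The legitimate case now passes, but PHP's loose
    // comparison converts numeric strings to numbers first, so several
    // different strings compare equal to int(1).
    return $data['client_id'] == $clientId;
}

function normalizedCheck(array $data, string $clientId): bool
{
    // Assumed alternative (not from either library): cast the stored id to its
    // canonical string form and keep the strict comparison. Only the exact
    // string "1" matches; "01", "1.0", " 1" and "1e0" do not.
    return (string) $data['client_id'] === $clientId;
}

// The legitimate refresh request: only the strict check wrongly fails.
foreach (['strictCheck', 'looseCheck', 'normalizedCheck'] as $fn) {
    printf("%-16s client_id=%s -> %s\n", $fn,
        var_export($clientIdFromRequest, true),
        $fn($refreshTokenData, $clientIdFromRequest) ? 'accepted' : 'rejected');
}

// Constructed inputs that are not the client's id but that PHP treats as
// numerically equal to 1 under loose comparison (PHP 7 and PHP 8 alike, since
// both still compare numeric strings to ints as numbers).
foreach (['01', '1.0', ' 1', '1e0'] as $odd) {
    printf("%-6s loose=%-8s normalized=%s\n", var_export($odd, true),
        looseCheck($refreshTokenData, $odd) ? 'accepted' : 'rejected',
        normalizedCheck($refreshTokenData, $odd) ? 'accepted' : 'rejected');
}
```

Two practical notes on top of the answer. First, a change made under vendor/ is discarded by the next composer install or update, so a fix that has to survive deployments belongs in application code, for instance by making sure the client identifier that ends up in the token payload is a string before it gets there; where exactly that is done in a given Passport version is not something this page establishes. Second, whether an integer column comes back from PDO as a PHP int or a string depends on the MySQL driver build (mysqlnd with native prepared statements returns native ints, libmysqlclient returns strings), which is one plausible reason the same code behaves differently on the local machine and the production server; treat that as a hypothesis to check against the two environments, not as a diagnosis the page confirms.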