Laravel Echo 'Client can not be authenticated, got HTTP status 405'
Asked Answered
C

1

9

I am able to run laravel-echo-server on my local environment using HTTPS settings just fine. However, it seems that there is an issue on my production server (which is Forge-based):

Client cannot be authenticated, got HTTP status 405

I was able to test the private channel locally via HTTPS, and it worked fine, so it does not look like it is a configuration issue.

I should mention that I am using Laravel Passport and that the request that is causing this error is being thrown on a page that is outside of the regular auth middleware.

Just to make sure it isn't my authentication method, I had it return 'true' in my channel config:

Broadcast::channel('App.User.{id}', function ($user, $id) {
    return (int) $user->id === (int) $id;
});

Broadcast::channel('channelReceiveLiveData.{id}', function ($user, $id) {
    return true;
});

Broadcast::channel('channelReceiveTestState.{id}', function ($id) {
    return true;
});

Here is the version of my echo listener that listens to the private channel:

Echo.private('channelReceiveLiveData.' + this.$route.params.testID)
.listen('liveDataTrigger', (e) => {
    if (!that.state.hasPulledInitialData) {
        console.log('Receiving data before initial pull done');
    }

My laravel-echo-server.json file:

 "authHost": "https://app.test.com",
 "authEndpoint": "/broadcasting/auth",
 "clients": [
            {
                    "appId": "....",
                    "key": "...."
            }
    ],
    "database": "redis",
    "databaseConfig": {
            "redis": {},
            "sqlite": {
                    "databasePath": "/database/laravel-echo-server.sqlite"
            }
    },
    "devMode": false,
    "host": null,
    "port": "6001",
    "protocol": "https",
    "socketio": {},
    "sslCertPath": "/etc/nginx/ssl/app.test.com/ssl/server.crt",
    "sslKeyPath": "/etc/nginx/ssl/app.test.com/ssl/server.key",
    "sslCertChainPath": "",
    "sslPassphrase": "",
    "apiOriginAllow": {
            "allowCors": false,
            "allowOrigin": "",
            "allowMethods": "",
            "allowHeaders": ""
    }
}

Here is the verbose output of laravel-echo-server:

Client can not be authenticated, got HTTP status 405
  socket.io-parser encoding packet {"type":2,"data":["subscription_error","private-channelReceiveTestState.asdf23f",405],"nsp":"/"} +234ms
  socket.io-parser encoded {"type":2,"data":["subscription_error","private-channelReceiveTestState.asdf23f",405],"nsp":"/"} as 2["subscription_error","private-channelReceiveTestState.asdf23f",405] +1ms
  socket.io:client writing packet ["2[\"subscription_error\",\"private-channelReceiveTestState.asdf23f\",405]"] +356ms
  engine:socket sending packet "message" (2["subscription_error","private-channelReceiveTestState.asdf23f",405]) +237ms
  engine:socket flushing buffer to transport +0ms
  engine:polling writing "70:42["subscription_error","private-channelReceiveTestState.asdf23f",405]" +187ms
  engine upgrading existing transport +221ms
  engine:socket might upgrade socket transport from "polling" to "websocket" +36ms
  engine intercepting request for path "/socket.io/" +25ms
  engine handling "GET" http request "/socket.io/?EIO=3&transport=polling&t=MGQq611&sid=6gfNSDGZdH3lXQwZAAAA" +0ms
  engine setting new request for existing client +1ms
  engine:polling setting request +60ms
  engine:socket executing batch send callback +25ms
  engine:ws received "2probe" +0ms
  engine:ws writing "3probe" +1ms
  engine:socket writing a noop packet to polling for fast upgrade +129ms
  engine:polling writing "1:6" +129ms
  engine:ws received "5" +152ms
  engine:socket got upgrade packet - upgrading +50ms
  engine:polling closing +51ms
  engine:polling transport discarded - closing right away +0ms
  engine intercepting request for path "/socket.io/" +838ms
  engine handling "GET" http request "/socket.io/?EIO=3&transport=polling&t=MGQq6E8" +1ms
  engine handshaking client "_glN99nDAdsKhhZBAAAB" +2ms
  engine:socket sending packet "open" ({"sid":"_glN99nDAdsKhhZBAAAB","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000}) +663ms
  engine:socket sending packet "message" (0) +3ms
  engine:polling setting request +666ms
  engine:socket flushing buffer to transport +1ms
  engine:polling writing "96:0{"sid":"_glN99nDAdsKhhZBAAAB","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000}2:40" +0ms
  engine:socket executing batch send callback +1ms
  socket.io:server incoming connection with id _glN99nDAdsKhhZBAAAB +1s
  socket.io:client connecting to namespace / +910ms
  socket.io:namespace adding socket to nsp / +1s
  socket.io:socket socket connected - writing packet +1s
  socket.io:socket joining room _glN99nDAdsKhhZBAAAB +0ms
  socket.io:socket packet already sent in initial handshake +1ms
  socket.io:socket joined room _glN99nDAdsKhhZBAAAB +0ms
  engine intercepting request for path "/socket.io/" +65ms
  engine handling "POST" http request "/socket.io/?EIO=3&transport=polling&t=MGQq6FB&sid=_glN99nDAdsKhhZBAAAB" +1ms
  engine setting new request for existing client +0ms
  engine:polling received "133:42["subscribe",{"channel":"channelReceiveLiveData.3","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}]" +62ms
  engine:socket packet +62ms
  socket.io-parser decoded 2["subscribe",{"channel":"channelReceiveLiveData.3","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}] as {"type":2,"nsp":"/","data":["subscribe",{"channel":"channelReceiveLiveData.3","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}]} +971ms
  socket.io:socket got packet {"type":2,"nsp":"/","data":["subscribe",{"channel":"channelReceiveLiveData.3","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}]} +59ms
  socket.io:socket emitting event ["subscribe",{"channel":"channelReceiveLiveData.3","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}] +0ms
  socket.io:socket dispatching an event ["subscribe",{"channel":"channelReceiveLiveData.3","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}] +1ms
  socket.io:socket joining room channelReceiveLiveData.3 +0ms
  socket.io:socket joined room channelReceiveLiveData.3 +0ms
  engine intercepting request for path "/socket.io/" +5ms
  engine handling "GET" http request "/socket.io/?EIO=3&transport=polling&t=MGQq6FD&sid=_glN99nDAdsKhhZBAAAB" +0ms
  engine setting new request for existing client +0ms
  engine:polling setting request +5ms
  engine upgrading existing transport +118ms
  engine:socket might upgrade socket transport from "polling" to "websocket" +122ms
  engine:ws received "2probe" +900ms
  engine:ws writing "3probe" +1ms
  engine:socket writing a noop packet to polling for fast upgrade +149ms
  engine:polling writing "1:6" +268ms
  engine:ws received "5" +150ms
  engine:socket got upgrade packet - upgrading +50ms
  engine:polling closing +49ms
  engine:polling transport discarded - closing right away +1ms
  socket.io:client client close with reason transport close +10s
  socket.io:socket closing socket - reason transport close +10s
  engine intercepting request for path "/socket.io/" +10s
  engine handling "GET" http request "/socket.io/?EIO=3&transport=polling&t=MGQq8qd" +1ms
  engine handshaking client "rbDPCyhJNywypMPLAAAC" +0ms
  engine:socket sending packet "open" ({"sid":"rbDPCyhJNywypMPLAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000}) +10s
  engine:socket sending packet "message" (0) +0ms
  engine:polling setting request +10s
  engine:socket flushing buffer to transport +1ms
  engine:polling writing "96:0{"sid":"rbDPCyhJNywypMPLAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000}2:40" +1ms
  engine:socket executing batch send callback +0ms
  socket.io:server incoming connection with id rbDPCyhJNywypMPLAAAC +11s
  socket.io:client connecting to namespace / +584ms
  socket.io:namespace adding socket to nsp / +11s
  socket.io:socket socket connected - writing packet +585ms
  socket.io:socket joining room rbDPCyhJNywypMPLAAAC +0ms
  socket.io:socket packet already sent in initial handshake +1ms
  socket.io:socket joined room rbDPCyhJNywypMPLAAAC +0ms
  engine intercepting request for path "/socket.io/" +96ms
  engine handling "GET" http request "/socket.io/?EIO=3&transport=polling&t=MGQq8s8&sid=rbDPCyhJNywypMPLAAAC" +0ms
  engine setting new request for existing client +7ms
  engine:polling setting request +101ms
  engine intercepting request for path "/socket.io/" +19ms
  engine handling "POST" http request "/socket.io/?EIO=3&transport=polling&t=MGQq8sY&sid=rbDPCyhJNywypMPLAAAC" +0ms
  engine setting new request for existing client +0ms
  engine:polling received "148:42["subscribe",{"channel":"private-channelReceiveTestState.asdf23f","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}]" +20ms
  engine:socket packet +121ms
  socket.io-parser decoded 2["subscribe",{"channel":"private-channelReceiveTestState.asdf23f","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}] as {"type":2,"nsp":"/","data":["subscribe",{"channel":"private-channelReceiveTestState.asdf23f","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}]} +11s
  socket.io:socket got packet {"type":2,"nsp":"/","data":["subscribe",{"channel":"private-channelReceiveTestState.asdf23f","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}]} +118ms
  socket.io:socket emitting event ["subscribe",{"channel":"private-channelReceiveTestState.asdf23f","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}] +1ms
  socket.io:socket dispatching an event ["subscribe",{"channel":"private-channelReceiveTestState.asdf23f","auth":{"headers":{"X-CSRF-TOKEN":"6qYUDXsZb7dKnqjOfOdmucoCw9bHi5OiqMIVQoRt"}}}] +0ms
Chamaeleon answered 15/6, 2018 at 5:23 Comment(1)
Where is your listener? Is it on a page which has the csrf token?Retain
C
2

I had the same issue. I updated my authEndpoint variable in laravel-echo-server.json configuration file.

"authEndpoint": "/api/broadcasting/auth",

When I list routes in my project I see this row.

|        | GET|POST|HEAD | api/broadcasting/auth                   |                       | Illuminate\Broadcasting\BroadcastController@authenticate                  | auth:api                                             |

and it authenticates it.

UPDATE With Laravel Framework 7.18.0

|        | GET|POST|HEAD | broadcasting/auth                       |                                   | Illuminate\Broadcasting\BroadcastController@authenticate                  | web        |

P.S. I'm using Laravel Passport with Laravel Echo Server

Curvy answered 6/3, 2019 at 21:41 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.