Laravel Passport invalid_grant for password grant_type
Asked Answered
U

3

5

I've been trying to create an access_token for my api. I've followed the setup and am using Postman to test/create a token. I can't seem to get past an invalid_grant error.

I've tried what seems like every combination I've been able to find without any luck. Here is my setup:

Sending a POST request to: http://mywebsite.local/oauth/token

In the body, I am setting form-data to this (name/value):

grant_type      password
client_id       1
client_secret   <super_long_string>
username        [email protected]
password        secret

I've used tinker to create a dummy user:

factory('App\User')->create()

I use the newly created user for my username/password above.

Regardless of what I'm doing (short of not passing anything) this is the error I'm always seeing:

{
    "error": "invalid_grant",
    "error_description": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.",
    "hint": "",
    "message": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."
}

I've read many times this means the grant_type I'm trying to get doesn't match up to the client. I'm using php artisan passport:client --password to create the client, so I don't understand why it's invalid. I only have one client, so I know I'm using the correct id. This issue seems like the same thing, I am seeing but has since been closed.

For my headers I'm only setting Content-Type application/json, and I have nothing set for Authorization headers.

I'm not sure what else to try. Thank you for any suggestions!

Usurious answered 8/2, 2020 at 3:11 Comment(0)
M
7

as it is stated here, from the 5.8 version the default password "secret" has beeen updated to "password". so you are entering the old password.

Millhon answered 12/2, 2020 at 15:25 Comment(1)
The level of silly and embarrassment I feel right now is off the charts. Thank you for humoring me.Usurious
C
3

Try to hash your password for the user. At first I think the password needs to be at least 8 characters long. Then, e.g. if you use "test1234" as the password for the created user, go to your terminal and type:

>> php artisan tinker

>> echo bcrypt('test1234')

Copy the output and save it in the password database column of your created user instead of test1234. Now your post request to http://mywebsite.local/oauth/token should work.

Commander answered 24/4, 2020 at 12:10 Comment(0)
M
0

I faced the same problem in laravel 8 and I solve it by reinstalling laravel passport

these are the steps:

1- comment this line in AuthServiceProvider.php

if (! $this->app->routesAreCached()) {       
   //Passport::routes();
}

2- in composer.json delete this following line:

 "laravel/passport": "^xx.x",

3- run these commands:

composer dump-autoload
composer update
php artisan migrate:fresh

now we are going to install laravel passport 4- run these commands:

composer require laravel/passport
php artisan migrate
php artisan passport:install --force

5- in AuthServiceProvider.php add these lines:

use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider
{
    protected $policies = [
        'App\Models\Model' => 'App\Policies\ModelPolicy',
    ];

    public function boot()
    {
        $this->registerPolicies();

        if (! $this->app->routesAreCached()) {
            
            Passport::routes();
        }
    }
}

6- in config\auth.php add these codes:

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],

finish, after these steps, laravel-passport is working well

Mcelrath answered 8/11, 2021 at 9:46 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.