3

So, I have created a site using Laravel 5.3 and I have installed passport.

As far as I can see everything is working just fine with the install and the Vue components to create a token etc.

I have created a personal token in my user area and attempted to use that to authorise with the API but I am getting 401 unauthorised every time.

My headers with the request in postman Postman header settings

Am i missing something with the settings here?

I have also tried following the oauth flow in a seperate "consumer.dev" and im getting unauthorised errors there aswell.

I have checked the contents of my config/auth.php and that has the correct driver declaration. 

  'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],

I am a touch confused where to go from here. Any help is appreciated.

James mcconnon
  • 579
  • 5
  • 23

2 Answers2

2

Ok so thanks a ton jemaclus from laravel.io chat for this fix.

I will search again to find the page, but he directed me to a page that showed that if you use apache with the JWT token package used in passport, it strips the Authorization header out of the request without some modification to the virtual host in apache.

As a result i switched back to nginx (moved back to using homestead) and all requests in the same project worked perfectly!

In my case i was using Laragon as a test environment (ships with apache on-board, and not nginx)

James mcconnon
  • 579
  • 5
  • 23
  • Seem like everyone just say switch to Nginx no matter where I searched, Can anyone just give the solution for fixing this with Apache? – snowpolar Oct 31 '16 at 11:18
  • I am trying to find the page, but there was a snippet that you can put in your virtual host block to fix it as far as I can remember. – James mcconnon Nov 10 '16 at 11:20
2

Put this into your vhost conf file

RewriteEngine On

RewriteCond %{HTTP:Authorization} ^(.+)$

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

turtec
  • 51
  • 2