phplaravellaravel-5oauth

Laravel Passport Password Grant - Client authentication failed


After hearing a lot about laravel passport, i thought of implementing it into my new project where my requirement is to create an API that'll be used in a mobile app.

So my mobile app is a client, which will further have its users.

I followed the steps mentioned by Taylor and also read about it here. In a nutshell I followed these steps:

  1. Installed laravel/passport.
  2. Created a website user.
  3. Generated passport keys php artisan passport:install
  4. Generated client_id and client_secret using php artisan passport:client
  5. Added redirection and callback routes in web.php
  6. Authorized the user and got the final access token.

Then I tried calling api/user( with Header Authorization containing value Bearer eyJ0eXAiOiJKV1...(token)

I received the data. Pretty simple and neat.

But my app users won't have these details. So I thought of configuring Password Grant Tokens which fits perfectly in my requirement.

Now starts the real headache. I've been trying to set this up for the last 3 days and continuously getting

{"error":"invalid_client","message":"Client authentication failed"}

I've tried almost every guide I followed online: Redirection Issues, Add Atleast One Scope Solution, P100Y Issue etc.

But I'm still getting invalid client error. Here's what I'm passing through POSTMAN to oauth/token:

{
    "grant_type": "password",
    "client_id": "3",
    "client_secret": "8BUPCSyYEdsgtZFnD6bFG6eg7MKuuKJHLsdW0k6g",
    "username": "test@gmail.com",
    "password": "123456",
    "scope": ""
}

Any help would be appreciated.


Solution

  • Check your credentials first if they are correct, Secondly check your model table which uses \Laravel\Passport\HasApiTokens trait that whether it contains email column, because by default it is used to identify user when validating credentials. if your table has username column or any other column which is used in validating credentials you must define a function findForPassport in that model. like this,

    public function findForPassport($username) {
           return self::where('username', $username)->first(); // change column name whatever you use in credentials
        }
    

    I use username and password column to validate a user, in {project_directory}\vendor\laravel\passport\src\Bridge\UserRepository.php

    this function validates your credentials,

    public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $clientEntity)
        {
            if (is_null($model = config('auth.providers.users.model'))) {
                throw new RuntimeException('Unable to determine user model from configuration.');
            }
    
            if (method_exists($model, 'findForPassport')) { // if you define the method in that model it will grab it from there other wise use email as key 
                $user = (new $model)->findForPassport($username);
            } else {
                $user = (new $model)->where('email', $username)->first();
            }
    
            if (! $user || ! $this->hasher->check($password, $user->password)) {
                return;
            }
    
            return new User($user->getAuthIdentifier());
        }
    

    notice the second if statement and you will get to know what is happening there.

    hope this help :)