401使用Laravel Passport的持有人令牌未经授权

Question

So, I have created a site using Laravel 5.3 and I have installed passport.

As far as I can see everything is working just fine with the install and the Vue components to create a token etc.

I have created a personal token in my user area and attempted to use that to authorise with the API but I am getting 401 unauthorised every time.

My headers with the request in postman

Am i missing something with the settings here?

I have also tried following the oauth flow in a seperate "consumer.dev" and im getting unauthorised errors there aswell.

I have checked the contents of my config/auth.php and that has the correct driver declaration.

  'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],

I am a touch confused where to go from here. Any help is appreciated.

Answer 1

Ok so thanks a ton jemaclus from laravel.io chat for this fix.

I will search again to find the page, but he directed me to a page that showed that if you use apache with the JWT token package used in passport, it strips the Authorization header out of the request without some modification to the virtual host in apache.

As a result i switched back to nginx (moved back to using homestead) and all requests in the same project worked perfectly!

In my case i was using Laragon as a test environment (ships with apache on-board, and not nginx)

Answer 2

Put this into your vhost conf file

RewriteEngine On

RewriteCond %{HTTP:Authorization} ^(.+)$

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]