Laravel Passport invalid_grant for password grant_type

与世无争的帅哥 提交于 2020-07-20 13:34:30

问题


I've been trying to create an access_token for my api. I've followed the setup and am using Postman to test/create a token. I can't seem to get past an invalid_grant error.

I've tried what seems like every combination I've been able to find without any luck. Here is my setup:

Sending a POST request to: http://mywebsite.local/oauth/token

In the body, I am setting form-data to this (name/value):

grant_type      password
client_id       1
client_secret   <super_long_string>
username        my@email.com
password        secret

I've used tinker to create a dummy user:

factory('App\User')->create()

I use the newly created user for my username/password above.

Regardless of what I'm doing (short of not passing anything) this is the error I'm always seeing:

{
    "error": "invalid_grant",
    "error_description": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.",
    "hint": "",
    "message": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."
}

I've read many times this means the grant_type I'm trying to get doesn't match up to the client. I'm using php artisan passport:client --password to create the client, so I don't understand why it's invalid. I only have one client, so I know I'm using the correct id. This issue seems like the same thing, I am seeing but has since been closed.

For my headers I'm only setting Content-Type application/json, and I have nothing set for Authorization headers.

I'm not sure what else to try. Thank you for any suggestions!


回答1:


as it is stated here, from the 5.8 version the default password "secret" has beeen updated to "password". so you are entering the old password.




回答2:


Try to hash your password for the user. At first I think the password needs to be at least 8 characters long. Then, e.g. if you use "test1234" as the password for the created user, go to your terminal and type:

>> php artisan tinker

>> echo bcrypt('test1234')

Copy the output and save it in the password database column of your created user instead of test1234. Now your post request to http://mywebsite.local/oauth/token should work.



来源:https://stackoverflow.com/questions/60123601/laravel-passport-invalid-grant-for-password-grant-type

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!