总是收到“消息”:“未经身份验证”。- Laravel 护照
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/49445559/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Always got "message": "Unauthenticated." - Laravel Passport
提问by Kasnady
I had find many tutorial this whole day. And my setup is exactly the same as all the basic tutorial out there.
我一整天都找到了很多教程。我的设置与所有基本教程完全相同。
Currently, i'm able to access http://localhost/oauth/tokenwith successfully return token to me.
目前,我可以http://localhost/oauth/token成功地将令牌返回给我进行访问。
After that, i'm using ARC (Advanced Rest Client) to do the testing of calling my own api.
之后,我使用ARC(Advanced Rest Client)来测试调用我自己的api。
I had passed header such as
我已经通过了标题,例如
Authorization: Bearer the_token_here
accept: application/json
From that header, I just wanted to access the default API provided by laravel /user.
从该标头中,我只想访问 laravel 提供的默认 API /user。
But, I always got response of { "message": "Unauthenticated." }
但是,我总是得到回应 { "message": "Unauthenticated." }
Refer this tutorial https://itsolutionstuff.com/post/laravel-5-how-to-create-api-authentication-using-passport-example.html
I'm able to do login as per tutorial, but i'm unable to get data by endpoint details. It returning response of { "message": "Unauthenticated." }
我可以按照教程进行登录,但我无法通过端点获取数据details。它返回响应{ "message": "Unauthenticated." }
My route of api.php
我的路线 api.php
Route::group(['prefix' => 'v1', 'middleware' => 'auth:api'], function(){
Route::get('/user', function( Request $request ){
return $request->user();
});
});
By the way, there are no error message in laravel.log and i had set to Debug mode
顺便说一句,laravel.log 中没有错误消息,我已经设置为调试模式
UPDATE Thanks to Comment point out by Mayank
更新 感谢 Mayank 指出的评论
League\OAuth2\Server\Exception\OAuthServerException: The resource owner or authorization server denied the request. in /.../vendor/league/oauth2-server/src/Exception/OAuthServerException.php:173
Stack trace:
#0 /.../vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(59): League\OAuth2\Server\Exception\OAuthServerException::accessDenied('Missing "Author...')
#1 /.../vendor/league/oauth2-server/src/ResourceServer.php(82): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest))
#2 /.../vendor/laravel/passport/src/Http/Middleware/CheckClientCredentials.php(46): League\OAuth2\Server\ResourceServer->validateAuthenticatedRequest(Object(Zend\Diactoros\ServerRequest))
回答by Kasnady
In order to get detail error message of the causes, you need to go to CheckClientCredentialsclass detail as below
为了获得原因的详细错误消息,您需要转到CheckClientCredentials类详细信息,如下所示
public function handle($request, Closure $next, ...$scopes)
{
$psr = (new DiactorosFactory)->createRequest($request);
try {
$psr = $this->server->validateAuthenticatedRequest($psr);
} catch (OAuthServerException $e) {
error_log($e->getHint()); // add this line to know the actual error
throw new AuthenticationException;
}
$this->validateScopes($psr, $scopes);
return $next($request);
}
Based on the error message. in my question.
根据错误信息。在我的问题中。
The solution is adding this to .htaccessof root folder (not only inside the public folder)
解决方案是将此添加到.htaccess根文件夹(不仅在公共文件夹内)
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
There's also a note in the official documents refer here
官方文档中还有一个注释请参考这里
Without above configuration, the Authorizationheader will be ignored during call from anywhere to app. Once ignored, inside class will unable to retrieve this header data
如果没有以上配置,则Authorization在从任何地方调用应用程序时将忽略标头。一旦忽略,内部类将无法检索此标头数据
回答by Savlon
In the event you've tried everything and nothing seems to work, try clearing your configuration cache. I spent two days reinstalling passport, following a billion tutorials, creating test projects etc. all to eventually realise I needed to clear my cache
如果您尝试了所有方法但似乎没有任何效果,请尝试清除配置缓存。我花了两天时间重新安装通行证,遵循十亿个教程,创建测试项目等,最终意识到我需要清除缓存
php artisan config:cache
php artisan config:cache
回答by Emitate
In case anyone has the same problem, and the selected solution do not solve it. Check the following:
万一有人遇到同样的问题,并且选择的解决方案没有解决它。检查以下内容:
1) Check you are sending the X-CSRF-TOKEN in the header of the request. In my case i? using vue with axios:
1) 检查您是否在请求的标头中发送 X-CSRF-TOKEN。在我的情况下,我?将 vue 与 axios 结合使用:
let token = window.$('meta[name="csrf-token"]').attr('content');
window.axios.defaults.headers.common['X-CSRF-TOKEN'] = token;
If you are sending it, try changing the following value in vendor/laravel/passport/src/Passport.phpline 125 (may change)
如果您要发送它,请尝试更改vendor/laravel/passport/src/Passport.php第 125 行中的以下值(可能会更改)
From Trueto False
从真到假
public static $unserializesCookies = false;
The issue may be similar to the one in https://github.com/laravel/passport/issues/452
该问题可能与https://github.com/laravel/passport/issues/452 中的问题类似
An explanation about serialization is in the issue
关于序列化的解释在问题中
UPDATE 01/02/2020
更新 01/02/2020
As Zac Griersoncommented, vendors files should not be modified as they will change in the following
正如 Zac Grierson评论的那样,不应修改供应商文件,因为它们将在以下内容中发生变化
composer update
作曲家更新
mickspfound a better solution: "add protected static $serialize = false; to your app/Http/Middleware/EncryptCookies.php. Then remove your browser cookies."
micksp找到了一个更好的解决方案:“将受保护的静态 $serialize = false; 添加到您的 app/Http/Middleware/EncryptCookies.php。然后删除您的浏览器 cookie。”
