passport: Error in authenticateViaBearerToken (BearerTokenValidator.php) "The JWT string must have two dots"

I have {error: “Unauthenticated.”} when GET /api/user

headers: Accept:application/json Authorization:Bearer 16dd63d4ba079478273850acac2fd1a9c9d46ee26dba31a8b12cc3ffbbbe871f7e742fef6c1f492a …

SELECT * FROM oauth_access_tokens

16dd63d4ba079478273850acac2fd1a9c9d46ee26dba31a8b12cc3ffbbbe871f7e742fef6c1f492a 1 1 Site [] 0 2016-08-28 21:45:07 2016-08-28 21:45:07 2116-08-28 21:45:07

and catch OAuthServerException

OAuthServerException {#196 -httpStatusCode: 401 -errorType: “access_denied” -hint: “The JWT string must have two dots” -redirectUri: null #message: “The resource owner or authorization server denied the request.” #code: 9 #file: “/home/vagrant/code/givman/vendor/league/oauth2-server/src/Exception/OAuthServerException.php” #line: 165

League\OAuth2\Server\Exception\OAuthServerException: The resource owner or authorization server denied the request. in /home/vagrant/code/givman/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:165 Stack trace: #0 /home/vagrant/code/givman/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(77): League\OAuth2\Server\Exception\OAuthServerException::accessDenied(‘The JWT string …’) #1 /home/vagrant/code/givman/vendor/league/oauth2-server/src/ResourceServer.php(82): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest)) #2 /home/vagrant/code/givman/vendor/laravel/passport/src/Guards/TokenGuard.php(109): League\OAuth2\Server\ResourceServer->validateAuthenticatedRequest(Object(Zend\Diactoros\ServerRequest)) #3 /home/vagrant/code/givman/vendor/laravel/passport/src/Guards/TokenGuard.php(89): Laravel\Passport\Guards\TokenGuard->authenticateViaBearerToken(Object(Illuminate\Http\Request)) #4 /home/vagrant/code/givman/vendor/laravel/passport/src/PassportServiceProvider.php(207): Laravel\Passport\Guards\TokenGuard->user(Object(Illuminate\Http\Request)) #5 [internal function]: Laravel\Passport\PassportServiceProvider->Laravel\Passport{closure}(Object(Illuminate\Http\Request)) #6 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/RequestGuard.php(53): call_user_func(Object(Closure), Object(Illuminate\Http\Request)) #7 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(49): Illuminate\Auth\RequestGuard->user() #8 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(61): Illuminate\Auth\RequestGuard->check() #9 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(41): Illuminate\Auth\Middleware\Authenticate->authenticate(Array) #10 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Auth\Middleware\Authenticate->handle(Object(Illuminate\Http\Request), Object(Closure), ‘api’) #11 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request)) #12 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request)) #13 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Routing\Middleware\SubstituteBindings->handle(Object(Illuminate\Http\Request), Object(Closure)) #14 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request)) #15 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(48): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request)) #16 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Routing\Middleware\ThrottleRequests->handle(Object(Illuminate\Http\Request), Object(Closure), ‘60’, ‘1’) #17 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request)) #18 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request)) #19 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(644): Illuminate\Pipeline\Pipeline->then(Object(Closure)) #20 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(618): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request)) #21 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(596): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request)) #22 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(267): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request)) #23 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http{closure}(Object(Illuminate\Http\Request)) #24 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request)) #25 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure)) #26 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request)) #27 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request)) #28 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(149): Illuminate\Pipeline\Pipeline->then(Object(Closure)) #29 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request)) #30 /home/vagrant/code/givman/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request)) #31 {main}

About this issue

  • Original URL
  • State: closed
  • Created 8 years ago
  • Comments: 26

Commits related to this issue

Most upvoted comments

Ha ha, after almost 2 days of researching … same here 😵 …

+4
vkovic on Jan 9, 2017

omg I feel so ashamed… I was copy pasting just a part of the token and not all of it.

cc @urizev @novs

+3
dimsav on Sep 8, 2016

Wow, it works. Thank you for your support @goDamri

+2
anususmi on Jul 30, 2018

The same for me

+2
L0renzo on Feb 23, 2017

OMG!! 😵😵😵 Same for me!! Double click selection and and my stupidity… At least I hope it helps other people Thanks @dimsav.

+2
urizev on Sep 8, 2016

Hi there, I experience the exact same issue randomly. I don’t understand the way to solve it. Of course adding “OauthServerException” to “$dontReport” will hide the issue, but this is a patch not a bug fixing. I am looking for a real solution! Thanks!

+1
profexpress on Sep 30, 2022

@anususmi use dontReport to exclude exception of OauthServerException being logged

+1
godamri on Jul 28, 2018

I did copied it completely and the error is still there. https://github.com/laravel/passport/issues/349

+1
libasoles on Apr 14, 2017

Has anyone managed to solve the problem? In my case some users access and others do not

+1
ViniciusBabugia on Mar 8, 2017
Read more comments on GitHub
← passport: CreateFreshApiToken don't create the laravel_token cookie
passport: {"error":"invalid_client","message":"Client authentication failed"} →