passport: The payload is invalid while decrypting JWT payload

DecryptException in Encrypter.php line 144:
The payload is invalid.

/vendor/laravel/passport/src/Guards/TokenGuard.php:198

while executing: $this->encrypter->decrypt($this->token)

I’ve got an error, while executing the code below looks fine.

dd($this->encrypter, $this->token, (array) JWT::decode(
    ($this->token), 
    $this->encrypter->getKey(), ['HS256']
));

Encrypter {#393
  #key: b"‘=½Ô8î\x12XŸ)0ë’Ç8ÉZ\v9y¤~þU'ß\x06{²¬\x0F\x1A"
  #cipher: "AES-256-CBC"
}
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjI1NjY1LCJjc3JmIjoiUWRaSWNGSTZTQ3JjbTYyNGRTTk1MVDlacUZ0Z2pEOUk0ZE9nUjZNbyIsImV4cGlyeSI6MTQ4MDI5MTM5Mn0.ZGQ5__JTz4r6tW2E5ST_GL7ATvDa2N06iYRN-D_0hwQ"
array:3 [
  "sub" => 25665
  "csrf" => "QdZIcFI6SCrcm624dSNMLT9ZqFtgjD9I4dOgR6Mo"
  "expiry" => 1480291392
]

Am I using a bad encrypter or what?

About this issue

  • State: closed
  • Created 8 years ago
  • Reactions: 1
  • Comments: 17 (1 by maintainers)

Most upvoted comments

@craigpaul – just to follow up, I recently upgraded our application from Laravel 5.2 to 5.3. As an interim step, I had to use web middleware on our API routes. After adding the HasApiToken trait to the User and switching our API routes back to using the api middleware, our application is now fully operational. Appreciate the quick responses!

@mbm-rafal oh man, never even thought about this, but you’re not encrypting your “cookie” because it’s not being sent as a cookie, it’s being sent in the JSON so of course it doesn’t work. If you encrypt the $cookie->getValue() then it would return the proper array. Now all that being said, I think you might want to rethink how you are trying to use this.

The CreateFreshApiToken middleware definitely is useless under API routes as it only attaches cookies to instances of Illuminate\Http\Response, but in your case, you’re sending an Illuminate\Http\JsonResponse instance. If you really need to go this route, I suppose you could just encrypt the $cookie->getValue() and send that. Either way, I don’t think this is really an issue with Passport, we should probably close this and move the convo to Laracasts.
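
What the comments above describe, as an added example that is not code from the issue or from Passport: a plain-PHP model of the encrypter envelope, showing why a raw JWT fails with "The payload is invalid." while the same JWT wrapped in the envelope decrypts. The envelope layout, the function names, the key and the JWT-shaped string are assumptions constructed for illustration.

```php
<?php
// Added example: plain-PHP model of the encrypter envelope, not Laravel's own code.
// Assumed layout: base64(JSON{iv, value, mac}), AES-256-CBC, HMAC-SHA256 over iv.value.

function envelope_encrypt(string $plain, string $key): string
{
    $rawIv = random_bytes(16);
    $value = openssl_encrypt(serialize($plain), 'AES-256-CBC', $key, 0, $rawIv);
    $iv = base64_encode($rawIv);
    $mac = hash_hmac('sha256', $iv . $value, $key);
    return base64_encode(json_encode(compact('iv', 'value', 'mac')));
}

function envelope_decrypt(string $payload, string $key): string
{
    // Structural check: the input must be base64 of a JSON object with iv, value, mac.
    $data = json_decode(base64_decode($payload), true);
    foreach (['iv', 'value', 'mac'] as $field) {
        if (!is_array($data) || !is_string($data[$field] ?? null)) {
            throw new RuntimeException('The payload is invalid.');
        }
    }
    // Authenticate the ciphertext before decrypting it.
    $expected = hash_hmac('sha256', $data['iv'] . $data['value'], $key);
    if (!hash_equals($expected, $data['mac'])) {
        throw new RuntimeException('The MAC is invalid.');
    }
    $plain = openssl_decrypt($data['value'], 'AES-256-CBC', $key, 0, base64_decode($data['iv']));
    if ($plain === false) {
        throw new RuntimeException('Could not decrypt the data.');
    }
    return unserialize($plain, ['allowed_classes' => false]);
}

$key = str_repeat("\x01", 32); // constructed 32-byte key, not the key from the issue
$jwt = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjF9.c2ln'; // constructed JWT-shaped string

// A bare JWT base64-decodes to something that is not an {iv, value, mac} object.
try {
    envelope_decrypt($jwt, $key);
} catch (RuntimeException $e) {
    echo 'raw JWT: ', $e->getMessage(), PHP_EOL;
}

// The same JWT wrapped in the envelope passes the check and round-trips.
echo 'wrapped: ', envelope_decrypt(envelope_encrypt($jwt, $key), $key), PHP_EOL;
```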