Error in authenticateViaBearerToken (BearerTokenValidator.php) "The JWT string must have two dots" #60

Closed
novs opened this issue Aug 29, 2016 · 26 comments

novs commented Aug 29, 2016

I have {error: "Unauthenticated."}
when GET /api/user

headers:
Accept:application/json
Authorization:Bearer 16dd63d4ba079478273850acac2fd1a9c9d46ee26dba31a8b12cc3ffbbbe871f7e742fef6c1f492a
...

SELECT * FROM oauth_access_tokens

16dd63d4ba079478273850acac2fd1a9c9d46ee26dba31a8b12cc3ffbbbe871f7e742fef6c1f492a 1 1 Site [] 0 2016-08-28 21:45:07 2016-08-28 21:45:07 2116-08-28 21:45:07

and catch OAuthServerException

OAuthServerException {#196
-httpStatusCode: 401
-errorType: "access_denied"
-hint: "The JWT string must have two dots"
-redirectUri: null
#message: "The resource owner or authorization server denied the request."
#code: 9
#file: "/home/vagrant/code/givman/vendor/league/oauth2-server/src/Exception/OAuthServerException.php"
#line: 165

League\OAuth2\Server\Exception\OAuthServerException: The resource owner or authorization server denied the request. in /home/vagrant/code/givman/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:165
Stack trace:
#0 /home/vagrant/code/givman/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(77): League\OAuth2\Server\Exception\OAuthServerException::accessDenied('The JWT string ...')
#1 /home/vagrant/code/givman/vendor/league/oauth2-server/src/ResourceServer.php(82): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest))
#2 /home/vagrant/code/givman/vendor/laravel/passport/src/Guards/TokenGuard.php(109): League\OAuth2\Server\ResourceServer->validateAuthenticatedRequest(Object(Zend\Diactoros\ServerRequest))
#3 /home/vagrant/code/givman/vendor/laravel/passport/src/Guards/TokenGuard.php(89): Laravel\Passport\Guards\TokenGuard->authenticateViaBearerToken(Object(Illuminate\Http\Request))
#4 /home/vagrant/code/givman/vendor/laravel/passport/src/PassportServiceProvider.php(207): Laravel\Passport\Guards\TokenGuard->user(Object(Illuminate\Http\Request))
#5 [internal function]: Laravel\Passport\PassportServiceProvider->Laravel\Passport{closure}(Object(Illuminate\Http\Request))
#6 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/RequestGuard.php(53): call_user_func(Object(Closure), Object(Illuminate\Http\Request))
#7 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(49): Illuminate\Auth\RequestGuard->user()
#8 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(61): Illuminate\Auth\RequestGuard->check()
#9 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(41): Illuminate\Auth\Middleware\Authenticate->authenticate(Array)
#10 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Auth\Middleware\Authenticate->handle(Object(Illuminate\Http\Request), Object(Closure), 'api')
#11 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))
#12 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))
#13 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Routing\Middleware\SubstituteBindings->handle(Object(Illuminate\Http\Request), Object(Closure))
#14 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))
#15 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(48): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))
#16 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Routing\Middleware\ThrottleRequests->handle(Object(Illuminate\Http\Request), Object(Closure), '60', '1')
#17 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))
#18 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))
#19 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(644): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#20 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(618): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#21 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Router.php(596): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#22 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(267): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#23 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http{closure}(Object(Illuminate\Http\Request))
#24 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))
#25 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
#26 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}(Object(Illuminate\Http\Request))
#27 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing{closure}(Object(Illuminate\Http\Request))
#28 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(149): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#29 /home/vagrant/code/givman/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
#30 /home/vagrant/code/givman/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
#31 {main}

novs closed this as completed Aug 29, 2016

urizev commented Sep 5, 2016

I have the same problem. How did you solve it?

urizev commented Sep 6, 2016

I get the same problem. How did you solve it? Thanks!

dimsav commented Sep 8, 2016

Same here

dimsav commented Sep 8, 2016

omg I feel so ashamed... I was copy pasting just a part of the token and not all of it.

cc @urizev @novs

urizev commented Sep 8, 2016

OMG!! 😵😵😵
Same for me!! Double click selection and my stupidity...
At least I hope it helps other people
Thanks @dimsav.

@martinbean

I’m having the same issue, and I’m copying the access token properly.

dimsav commented Sep 14, 2016

Write tests to be 100% sure

trevor-sonic commented Sep 16, 2016

"The JWT string must have two dots" for me too :-/
I just use the same encrypted string for decryption

@mehranhadidi

wtf. Same for me. The token wasn't copied completely 😮

vkovic commented Jan 9, 2017

Ha ha, after almost 2 days of researching ... same here 😵 ...

L0renzo commented Feb 23, 2017

The same for me

@ViniciusBabugia

Has anyone managed to solve the problem? In my case some users get access and others do not

@mehranhadidi

@ViniciusBabugia the problem was just a mistake when copying the token.

@libasoles

I did copy it completely and the error is still there.
#349

@libasoles

Dismiss my comment. I was sending the Authentication header and it's not needed with CreateFreshApiToken feature. That was it.

btw: there's a nice learning tutorial by Taylor here: https://laracasts.com/series/whats-new-in-laravel-5-3/episodes/13

godamri commented Mar 12, 2018

OMG I use the refresh token instead of the access token. That's my mistake

@CristianDeluxe

If you send Authorization header when it's not needed it will fail.

anususmi commented Jul 27, 2018

I am also getting the same error "OAuthServerException", but I know this is because the access_token expired. My question is: how do I convert OAuthServerException into a JSON response for an API in Laravel?
Can anyone please tell me how to solve it?
Thank you!!

godamri commented Jul 27, 2018

@anususmi you can handle it on app\Exceptions\Handler.php

anususmi commented Jul 28, 2018

@godamri Thank you, this helps me a lot. But in the backend there was an Exception.

local.ERROR: The resource owner or authorization server denied the request. {"exception":"[object] (League\OAuth2\Server\Exception\OAuthServerException(code: 9): The resource owner or authorization server denied the request. at /home/www/testproject.com/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:173)
[stacktrace]
#0 /home/www/testproject.com/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(82): League\OAuth2\Server\Exception\OAuthServerException::accessDenied('Access token ha...')
#1 /home/www/testproject.com/vendor/league/oauth2-server/src/ResourceServer.php(82): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest)).....

I want to catch this exception, because this Exception always comes when the access_token expired.
Can you also please help me to solve this..

godamri commented Jul 28, 2018

@anususmi use dontReport to exclude OauthServerException from being logged

@anususmi

Wow, it works. Thank you for your support @godamri

anususmi commented Aug 7, 2018

Anyone help me about this issue...... Refresh token code in laravel 5.5 #793

@sadeghgit

In my header there is HTTP/1.0, and splitJwt explodes the header by dot. And guess what!

@sadeghgit

I solved it in my case! My issue was that when I was decoding the token, I was passing the whole header to the function. So what I did: I got the content of the header, JSON-decoded it, got the token value from it and passed it to the lexik jwt decoder.
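
An added example (not part of any comment in this thread, and not Passport's or league/oauth2-server's own code) that classifies an Authorization header value against the causes reported above: a partial paste, an opaque non-JWT value, and a whole header passed in place of the token. `diagnoseBearer()` and `b64url()` are hypothetical helpers, and every sample value is constructed.

```php
<?php
// Added example, not Passport or league/oauth2-server code.
// diagnoseBearer() is a hypothetical helper; every sample value is constructed.

function b64url(string $s): string
{
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}

function diagnoseBearer(string $header): string
{
    // Expect exactly "Bearer <token>"; a whole raw header block fails here.
    if (!preg_match('/^Bearer\s+(\S+)$/i', trim($header), $m)) {
        return 'not-a-bearer-header';
    }
    $parts = explode('.', $m[1]);
    if (count($parts) !== 3) {
        // Pure hex with no dots is an opaque value such as a token id, not a JWT.
        return ctype_xdigit($m[1]) ? 'opaque-hex-not-jwt'
                                   : 'wrong-segment-count:' . count($parts);
    }
    foreach ($parts as $i => $part) {
        if (!preg_match('/^[A-Za-z0-9_-]+$/', $part)) {
            return 'malformed-segment:' . $i;
        }
    }
    // The first segment must be base64url JSON that names an algorithm.
    $b64  = strtr($parts[0], '-_', '+/');
    $b64 .= str_repeat('=', (4 - strlen($b64) % 4) % 4);
    $head = json_decode((string) base64_decode($b64, true), true);
    if (!is_array($head) || !isset($head['alg'])) {
        return 'header-not-jwt-json';
    }
    // Shape only: signature, expiry and revocation are still for the validator.
    return 'well-formed';
}

$jwt = b64url('{"typ":"JWT","alg":"RS256"}') . '.' . b64url('{"sub":"1"}') . '.' . b64url('constructed-signature');
$samples = [
    'complete JWT'      => 'Bearer ' . $jwt,
    'partial paste'     => 'Bearer ' . substr($jwt, 0, 40),
    'opaque hex value'  => 'Bearer ' . str_repeat('ab12', 20),
    'whole header line' => 'Authorization: Bearer ' . $jwt,
];
foreach ($samples as $label => $value) {
    // Print the verdict only; never write the token itself to logs.
    printf("%-18s %s\n", $label, diagnoseBearer($value));
}
```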

@profexpress

Hi there, I experience the exact same issue randomly.
I don't understand the way to solve it.
Of course adding "OauthServerException" to "$dontReport" will hide the issue, but this is a patch, not a bug fix.
I am looking for a real solution!
Thanks!

utsavsomaiya added a commit to utsavsomaiya/passport that referenced this issue Aug 31, 2023