Summer Sale! All accounts are 50% off this week.

uloncl's avatar

Laravel Passport oauth client session state null before callback

so the docs say to do this

Route::get('/callback', function (Request $request) {
    $state = $request->session()->pull('state');
 
    $codeVerifier = $request->session()->pull('code_verifier');
 
    throw_unless(
        strlen($state) > 0 && $state === $request->state,
        InvalidArgumentException::class
    );
 
    $response = Http::asForm()->post('http://passport-app.test/oauth/token', [
        'grant_type' => 'authorization_code',
        'client_id' => 'client-id',
        'redirect_uri' => 'http://third-party-app.com/callback',
        'code_verifier' => $codeVerifier,
        'code' => $request->code,
    ]);
 
    return $response->json();
});

but for me this throws the invalid argument exception because the state and codeverifier values cant be found in the object returned by the session function, state exists in the request variable.

is this example outdated or have i missed something simple somehow

0 likes
0 replies

Please or to participate in this conversation.