Laravel Passport read from ENV how to?

I was just about to post a very big explanation about how to override certain classes to get this functionality......

And then I found this pull request : https://github.com/laravel/passport/pull/683

So adding this in your env file should work (from PassPort 6 and up):

PASSPORT_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nMIIJJwIBAAKCAgEAw3KPag...\n-----END RSA PRIVATE KEY-----"
PASSPORT_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOC...\n-----END PUBLIC KEY-----\n"

// or maybe with escaped \  
PASSPORT_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nMIIJJwIBAAKCAgEAw3KPag...\n-----END RSA PRIVATE KEY-----"
PASSPORT_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOC...\n-----END PUBLIC KEY-----\n"

@LOSTDREAMER_NL - Strange I have tried this already today.

I will try once more now and post again.

@LOSTDREAMER_NL - This is what I get as an error message. This is example 2048 key.

Laravel still thinks that I provided PATH.

   "class": "LogicException",
   "message": "Key path \"file:\/\/-----BEGIN RSA PRIVATE KEY-----\\\\nMIIEogIBAAKCAQEAsMoM+MJM7+ihh4WyCqu9iJWNlBuSMTZ7ZvSsRnQPWC5JtWm3\\\\nKrrV\/kSJ1oFeaQdZqyoVrCVzMgm6\/j14yx0IA+6AlMZc2DKg2IMbSRKA5RRCPzp\/\\\\nC01I4aMVkZH8KwYZVodmH8TBAKkis5Q8oPxQ5iXsQA6b1P1tFru3IHDUOsBaAl0R\\\\n4l5i1hPcjVeqYQmLIuZSPRm+zLvXCSkBMIUNwGNhRIh7DebCTf1ruDYX7Z2f4dNr\\\\nfO0OXwcNFFeiqiM2\/8HOYEMZE2qQwFcSG8ekUrgzZkpmm1t7OLNsjQ1MdDzOMa+7\\\\ncRWbUzxdBq+iY7in4KRQYwxzgP5+HYOWZn+pPwIDAQABAoIBAD+N42vqLc5xSuB1\\\\nZ7P+WXyohuUfpEac13ADtYr+XiXNPiJBht+NmzB1YzgB+fa39bxavL\/OFsN+TALq\\\\nBmq+XQtMylyxkt8GFFzBhSWXyU6RId+pH9LoTbMP9ckHOigdYS6CLmxtRxT9uMPm\\\\nHoWhL1QNfgjpN4wyLu1lPkgjR6h2tO82\/AjQZh\/6GD0kVtuXWWFaXRquPbQZhBUn\\\\n0ApPgi8G8\/na2HFqP+Wo9V1Jx9+JtzhM1VqvCEmIkh2XnuvOMPdQwjTHCwgRykvU\\\\npw0fNgP4Lw534WVFXH37GEMSP+RiO0QKeM7I2d9+nNEHU+gz1FZvyBBGPrhPWmAM\\\\nTVVL24ECgYEA1bKfMJh1VPAdxcQ8LNP1gRsLuTLkD8gAUk1Uex9sQfLrg8elWwM\/\\\\nUHbVAYO5T3yFaSP3+k14wytVp1Uurlx6owi1yjkNSvUjHiG0zCWlYd\/nhSkH4bpn\\\\ne2\/+J8smuwfYnNHvaBKSlyatoeSQxXTN1980XcWwDRncnCAPYKPzRmcCgYEA08kM\\\\nmb\/++K8bo52YGaw3tk\/2bmQOTTM\/Nf4GtgcEqslIi1VC5MxMVLiM3p6MMyx97pIA\\\\nf57Y1gSn+D0ZK+Y\/K64CcA5sIvf6lBzGwFXb\/QvThC5oKPDf0ByY3NAK3xBmSG2v\\\\nJfrJ2ssFKmdbOUE9bkZpnkt+fH9+K4lruDhST2kCgYALv5U247rXn5fTbpVsVX7S\\\\nyTzcwqp9H56855l0Z2bZPVSrWweBOG17q\/zL54UBlLP08tBIR4gTGsfLukglt9na\\\\nKrlr07UiYNW8a1f4PT2ZYujkjjvrsgbMZ3zOjUGk2KqU\/Imv7A15F9xF4T4ATQqg\\\\nCppjaWHjZn+VacHOq1TNkwKBgAg1RpO+6TbiMoQI25hDIHWka7yjjBpZ3h1Nlxz+\\\\n8KNd4b3ktA8CDANMk8kdA\/oHw2m3puVLVsQUsh3g4FTfO5uJxvZo2LASRFfxNZLG\\\\nwRvxlWUOF2Ne0o3STepg9crna89q0Nr7+U7Nh4m5L8PsT2EywW0tJ93TYyR00wP0\\\\nytvhAoGASMV3RMrZUpOL68KYXiR0UfyoJrPuG78jDUZcgHBVIgUi6VlqBMPXklhc\\\\nTWQ8ApU5amB9T6ZxFiQHvB154bLE091cEiUT7cKgC7CmaEjFr\/23Vm0rg8K87ASu\\\\nCq+wpmAz7t+scwaRDClMaQFidton47YA0l+1BWTlkBhxSMqBbSk=\\\\n-----END RSA PRIVATE KEY-----\" does not exist or is not readable",
   "code": 0…

This is the part of CryptKey that does the work:

    const RSA_KEY_PATTERN =
        '/^(-----BEGIN (RSA )?(PUBLIC|PRIVATE) KEY-----)\R.*(-----END (RSA )?(PUBLIC|PRIVATE) KEY-----)\R?$/s';

    public function __construct($keyPath, $passPhrase = null, $keyPermissionsCheck = true)
    {
        if (preg_match(self::RSA_KEY_PATTERN, $keyPath)) {
            $keyPath = $this->saveKeyToFile($keyPath);
        }
        if (strpos($keyPath, 'file://') !== 0) {
            $keyPath = 'file://' . $keyPath;
        }
        if (!file_exists($keyPath) || !is_readable($keyPath)) {
            throw new LogicException(sprintf('Key path "%s" does not exist or is not readable', $keyPath));
        }

Looking at that, it will first do the regexp to see if you're supplying a key or a path.

If it's a key, it should be saving it to a file for you before using it.

As it's giving you the File Not Found error, I'm guessing the key did not pass that regular expression.

so to do the testing a bit easier:

Route:get('test', function() {
    $key = 'my-private-key-here';

    $pattern = '/^(-----BEGIN (RSA )?(PUBLIC|PRIVATE) KEY-----)\R.*(-----END (RSA )?(PUBLIC|PRIVATE) KEY-----)\R?$/s';

        if (preg_match($pattern, $keyPath)) {
            exit('The key is ok');
        }

    exit('Not ok');
});

Try putting your key in there and try the route /test.

If it says it's not correct, try playing around by replacing the \n in your key with \r I think that's it looking at the regular expression.

As soon as it says it's correct, try it out in your env file.

If it does not work in there, add the \ escapes as well.

@LOSTDREAMER_NL - I could find the code partial inside laravel/passport files.

Here is sample script which does not pass, both single \n and \n.

*

<?php

$key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA4C3Nfef8vBOejUUzmFJf4zjMXoILkYcqz3dCJsP42rBWxqXj\nrT3fZOY6ub/mVqI43p5YMzvQuowkgXlw6UvmY/A+vislUHKwjP1nDU774mr5RdwI\nKIGTd1Soq1igwfiaZAvqlaDhhSQxVgDY4CmodFPiAq1Uh33M3HuRpYF84kWKNDoR\nl7IeUBF0zSyK0F3XLVASf5IcD6xJVxTNlPk+dff28DQOjQ2Jg7PbysJWH5RCRyz2\n4UkHua70T04u2seGtoNrZKM4Npww5xB/iozo6fs8wmFakmeeLZbRUhwKZ1AXXWdU\npYzZ13bmIEcad8Xq7lhiGDG2BVQEk0I+YtDCwwIDAQABAoIBAQDVRv4vgNwT2t6H\nLIUvr38GX+0fJL340A3Mn3tSAjPpasbD6uM22JyGE/te6NEtLtzH/wGOjKPCNr4s\nZ+siKVGhVtl6dvXjGZoaKKM4KCK/gGJzMiiY0N4JM4PcsE8Q+4F3GVcuz4Z+8rX1\nSo0Khtd7BKsLPPgkh2y1fuJMAWtcoGAiDAyWXrlSHjSXv+sLG+h2n9i58hdBnwps\nVGWWhiRKnJBwjFIruYU5plKsJ0RWYU7LWMT8ZILL+AxHlYZZANRzGeJmfLRulab3\n1EAYkNbrUw8tNVpC6Bcyv8VwBi71BruXLsBeH4ZcFT6r5mnRaRj8pVM1bNQQu4rn\nUStHVBXhAoGBAPYoxrl2vIlZrFHE3Ev7KEk7DQeAYDi1khbYCeUxgGF0Yvh+G3oo\nUDQrPqNDOoeH89r2m85okSNY1wPt1ed71l6b89lONg1FKx/5RV6zdXCSlF2r+mQD\nSaE4nBhTNpNu7vRofkomgvx2jMd0yvx4ig0v/9NqQVjWf4q75CYV25sLAoGBAOkk\nE6R0cT5Gtznzl91dJm4l/o9aoP7rey+AZwK4QDtljD6AKvJAznFThCxKwYI3dfG4\nagDYZR8U8os9F8AdGIBOVZLK0y2S5Ec6ESh1Eqj+v5J+7UanrUpKlzZfdZnOux4v\nn2RckPQeT50I/sypJ6wFz6b/29hT1326582F04opAoGAdQEWzGsa3LJqDQfkqpz8\nHiraW5lyoyHzCbawpWdtHWWD8ZeHmf31eYagpFu9Q1Sk3YxgrLDZZBLDSRPQm9Iq\nKBg6xSy+1nntMKp8hbIJfXO+3/Nx9f32DpLo50sOYu/U1wmgFcDOfBAhhGEIZw8o\nl3IcSLJ10zNJtnjuzgePtdcCgYAOMMD1UJUX+kvqvhXvRl0xdSSSayzDd2fPE1yx\nwK9ALkUkBL8YcbNfGHtCCubOWzvVk6j4FjPJeYfty7EnY137aUkyHyBNdNRqNXGX\n6dBR8veMHiepFkmo7PNZPuQ0kW24P6PPAwdbpICqCUMhB+a/RLdH7ejeuPOz1m2H\nh+7BSQKBgQD0jHw4BBgvuuaFYWKC9fYVz2ZInlMh7NZvUp1RKOyeV4yMdUW9WIG+\n41YTbVHw4Y3qlpouJzQg3Zzzfp1NhSldGnQLqmtLRg2ciOkr+3lHFe0OYkfBPN1e\nITdRN9PpxTbDI96u7ZI6TK1EOLQvii0xGghO8E4jubutbRP3iOcyCQ==\n-----END RSA PRIVATE KEY-----';

$pattern = '/^(-----BEGIN (RSA )?(PUBLIC|PRIVATE) KEY-----)\R.*(-----END (RSA )?(PUBLIC|PRIVATE) KEY-----)\R?$/s';
if (preg_match($pattern, $key)) {
            exit('The key is ok');
        }

    exit('Not ok');

*

Formatting removed some escapes from RSA keys. Maybe this markdown is more proper.

This one worked:

Route::get('test', function() {
    $key = "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA4C3Nfef8vBOejUUzmFJf4zjMXoILkYcqz3dCJsP42rBWxqXj\nrT3fZOY6ub/mVqI43p5YMzvQuowkgXlw6UvmY/A+vislUHKwjP1nDU774mr5RdwI\nKIGTd1Soq1igwfiaZAvqlaDhhSQxVgDY4CmodFPiAq1Uh33M3HuRpYF84kWKNDoR\nl7IeUBF0zSyK0F3XLVASf5IcD6xJVxTNlPk+dff28DQOjQ2Jg7PbysJWH5RCRyz2\n4UkHua70T04u2seGtoNrZKM4Npww5xB/iozo6fs8wmFakmeeLZbRUhwKZ1AXXWdU\npYzZ13bmIEcad8Xq7lhiGDG2BVQEk0I+YtDCwwIDAQABAoIBAQDVRv4vgNwT2t6H\nLIUvr38GX+0fJL340A3Mn3tSAjPpasbD6uM22JyGE/te6NEtLtzH/wGOjKPCNr4s\nZ+siKVGhVtl6dvXjGZoaKKM4KCK/gGJzMiiY0N4JM4PcsE8Q+4F3GVcuz4Z+8rX1\nSo0Khtd7BKsLPPgkh2y1fuJMAWtcoGAiDAyWXrlSHjSXv+sLG+h2n9i58hdBnwps\nVGWWhiRKnJBwjFIruYU5plKsJ0RWYU7LWMT8ZILL+AxHlYZZANRzGeJmfLRulab3\n1EAYkNbrUw8tNVpC6Bcyv8VwBi71BruXLsBeH4ZcFT6r5mnRaRj8pVM1bNQQu4rn\nUStHVBXhAoGBAPYoxrl2vIlZrFHE3Ev7KEk7DQeAYDi1khbYCeUxgGF0Yvh+G3oo\nUDQrPqNDOoeH89r2m85okSNY1wPt1ed71l6b89lONg1FKx/5RV6zdXCSlF2r+mQD\nSaE4nBhTNpNu7vRofkomgvx2jMd0yvx4ig0v/9NqQVjWf4q75CYV25sLAoGBAOkk\nE6R0cT5Gtznzl91dJm4l/o9aoP7rey+AZwK4QDtljD6AKvJAznFThCxKwYI3dfG4\nagDYZR8U8os9F8AdGIBOVZLK0y2S5Ec6ESh1Eqj+v5J+7UanrUpKlzZfdZnOux4v\nn2RckPQeT50I/sypJ6wFz6b/29hT1326582F04opAoGAdQEWzGsa3LJqDQfkqpz8\nHiraW5lyoyHzCbawpWdtHWWD8ZeHmf31eYagpFu9Q1Sk3YxgrLDZZBLDSRPQm9Iq\nKBg6xSy+1nntMKp8hbIJfXO+3/Nx9f32DpLo50sOYu/U1wmgFcDOfBAhhGEIZw8o\nl3IcSLJ10zNJtnjuzgePtdcCgYAOMMD1UJUX+kvqvhXvRl0xdSSSayzDd2fPE1yx\nwK9ALkUkBL8YcbNfGHtCCubOWzvVk6j4FjPJeYfty7EnY137aUkyHyBNdNRqNXGX\n6dBR8veMHiepFkmo7PNZPuQ0kW24P6PPAwdbpICqCUMhB+a/RLdH7ejeuPOz1m2H\nh+7BSQKBgQD0jHw4BBgvuuaFYWKC9fYVz2ZInlMh7NZvUp1RKOyeV4yMdUW9WIG+\n41YTbVHw4Y3qlpouJzQg3Zzzfp1NhSldGnQLqmtLRg2ciOkr+3lHFe0OYkfBPN1e\nITdRN9PpxTbDI96u7ZI6TK1EOLQvii0xGghO8E4jubutbRP3iOcyCQ==\n-----END RSA PRIVATE KEY-----";
    $pattern = '/^(-----BEGIN (RSA )?(PUBLIC|PRIVATE) KEY-----)\R.*(-----END (RSA )?(PUBLIC|PRIVATE) KEY-----)\R?$/s';
    if (preg_match($pattern, $key)) {
        exit('The key is ok');
    }
    exit('Not ok');
});

It was actually in the $key = ''; vs $key = ""; single quotes don't do \n as a newline.

My guess is that if you put this key in your env file between double quotes it will still not work, but after you also replace the current \n with \\n it should work.

Just try both to be sure ;)

Also, just as a note: When you get it to work, don't forget to replace your key and throw this one away as it's now public ;)

Ok sorry, I see it in vendor/league. I will work on this and post the result.

Well, don't know how but I went out for couple of hours, came back tried once more and my escaped keys are working = )

Thanks for your help.

So just put those two ENV vars to specific value and Passport is using your ENV vars.