Summer Sale! All accounts are 50% off this week.

GrahamMorbyDev's avatar

Passport Guzzle response directs to login page

Hey guys , So i have 2 web apps talking and im trying to get a list of blog post from one to another. I have set up passport and I seem to be getting keys accepted etc but my

echo $response->getBody();

Just gives me the app login page

My Guzzle call looks like this

 $response = $client->post('http://138.68.180.100/oauth/token', [
                'form_params' => [
                    'client_id' => 2,
                    // The secret generated when you ran: php artisan passport:install
                    'client_secret' => 'secret',
                    'grant_type' => 'password',
                    'username' => '[email protected]',
                    'password' => 'secret',
                    'scope' => '*',
                ]
            ]);

            // You'd typically save this payload in the session
            $auth = json_decode((string)$response->getBody());

            $response = $client->get('http://138.68.180.100/news/articles', [
                'headers' > [
                    'Authorization' => 'Bearer ' . $auth->access_token,
                    'Accept' => 'application/json'
                ]
            ]);
            echo $response->getBody();
            die();

On the other app side I have a route Route::get('news/articles', 'ApiController@hello')->middleware('auth:api');

A controller method

 public function hello() {
        $articles = new Articles();
        $articles = $articles->get();
        return $articles;
    }

and I also updated my .htaccess

 # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} ^(.*)
    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

Any ideas would be greatly appricated

0 likes
5 replies
QuentinLozach's avatar

Hey there. I've got EXACTLY the same problem.

By any chance, did you find a solution in the meantime that could be usefull ?

Thanks !

WallyJ's avatar

Sorry to tag along, but I have the same issue. If I go to a URL (For a site I am logged into) directly in Chrome, the page shows fine.

But if I use Guzzle and the command:

$client = new \GuzzleHttp\Client();
        $res = $client->request('GET', $url);
        echo $res->getbody();

I receive the login page, as if I'm not logged in, and also in my case, there are no images on the page.

I'm thinking there is a simple fix for this, but I am new to using Guzzle and DOM functions.

Cronix's avatar

@WallyJ You'd need to send the session cookie with the request in order for the app to be able to determine if you're logged in. It's basically like you logged in using the chrome browser, and then also loaded the site with Firefox. The firefox browser wouldn't be logged in since it's can't share the session cookie from Chrome. They're totally separate instances, just like your guzzle scenario.

So basically, you'd need to set up a cookie jar in guzzle, and then log in with guzzle (sending a post request to the login route with email/password) in order to be authenticated.

binung's avatar

I am implementing SSO for multiple Laravel and PHP applications. I have facing the same issues. What should I do to obtain an access_token when registering a user on the client side? Please thank you for help me.

martinbean's avatar

@binung Then create your own thread with your own question, instead of bumping a thread that’s more than half a decade old.

Please or to participate in this conversation.