Error Invalid Request on Consumer App use Laravel 7.x

[PanjiNamjaElf]

• Passport Version: 8.4
• Laravel Version: 7.0
• PHP Version: 7.4.4
• Database Driver & Version: SQLite

Description:

When i set my consumer laravel app .env like on my laravel client app no error

But when use different env for example DB_CONNECTION=mysql for consumer app and DB_CONNECTION=sqlite for client app and also for different APP_KEY i got error message like this..

{
  "error": "invalid_request",
  "error_description": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.",
  "hint": "Cannot decrypt the authorization code",
  "message": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
}

It seem my CLIENT app retrieve .env from CONSUMER app...

Steps To Reproduce:

• Redirecting For Authorization

    public function redirect()
    {
        $query = http_build_query([
            'client_id'     => 4,
            'redirect_uri'  => 'http://consumer.ex.lara/callback',
            'response_type' => 'code',
            'scope'         => '',
        ]);

        return redirect('http://oauth.ex.lara/oauth/authorize?' . $query);
    }

• Converting Authorization Codes To Access Tokens

    public function callback(Request $request)
    {
        $response = Http::post('http://oauth.ex.lara/oauth/token', [
            'grant_type'    => 'authorization_code',
            'client_id'     => 4,
            'client_secret' => 'ocf46ZxiP2OaBUxlXTsrvUJ2TH7OzA7fC9m2IQOP',
            'redirect_uri'  => 'http://consumer.ex.lara/callback',
            'code'          => $request->code,
        ]);

        return $response;

        session()->put('token', json_decode((string) $response->body(), true));

        return redirect('/posts');
    }

Stacktrace

[stacktrace]
#0 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\AccessTokenController.php(65): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->withErrorHandling(Object(Closure))
#1 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\ControllerDispatcher.php(48): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->issueToken(Object(Nyholm\\Psr7\\ServerRequest))
#2 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(225): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(Laravel\\Passport\\Http\\Controllers\\AccessTokenController), 'issueToken')
#3 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(182): Illuminate\\Routing\\Route->runController()
#4 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(681): Illuminate\\Routing\\Route->run()
#5 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#6 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#7 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#8 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#9 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(683): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#10 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(658): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request))
#11 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(624): Illuminate\\Routing\\Router->runRoute(Object(Illuminate\\Http\\Request), Object(Illuminate\\Routing\\Route))
#12 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(613): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request))
#13 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(165): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request))
#14 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request))
#15 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#16 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#17 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#18 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#19 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#20 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#21 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#22 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#23 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fruitcake\\laravel-cors\\src\\HandleCors.php(36): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#24 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fruitcake\\Cors\\HandleCors->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#25 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fideloper\\proxy\\src\\TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#26 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#27 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#28 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#29 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
#30 D:\\Xampp\\htdocs\\example\\framework\\oauth\\public\\index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
#31 {main}

[previous exception] [object] (League\\OAuth2\\Server\\Exception\\OAuthServerException(code: 3): The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. at D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\Exception\\OAuthServerException.php:142)
[stacktrace]
#0 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\Grant\\AuthCodeGrant.php(125): League\\OAuth2\\Server\\Exception\\OAuthServerException::invalidRequest('code', 'Cannot decrypt ...', Object(LogicException))
#1 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\AuthorizationServer.php(198): League\\OAuth2\\Server\\Grant\\AuthCodeGrant->respondToAccessTokenRequest(Object(Nyholm\\Psr7\\ServerRequest), Object(League\\OAuth2\\Server\\ResponseTypes\\BearerTokenResponse), Object(DateInterval))
#2 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\AccessTokenController.php(63): League\\OAuth2\\Server\\AuthorizationServer->respondToAccessTokenRequest(Object(Nyholm\\Psr7\\ServerRequest), Object(Laminas\\Diactoros\\Response))
#3 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\HandlesOAuthErrors.php(24): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->Laravel\\Passport\\Http\\Controllers\\{closure}()
#4 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\AccessTokenController.php(65): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->withErrorHandling(Object(Closure))
#5 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\ControllerDispatcher.php(48): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->issueToken(Object(Nyholm\\Psr7\\ServerRequest))
#6 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(225): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(Laravel\\Passport\\Http\\Controllers\\AccessTokenController), 'issueToken')
#7 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(182): Illuminate\\Routing\\Route->runController()
#8 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(681): Illuminate\\Routing\\Route->run()
#9 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#10 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#11 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#12 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#13 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(683): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#14 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(658): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request))
#15 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(624): Illuminate\\Routing\\Router->runRoute(Object(Illuminate\\Http\\Request), Object(Illuminate\\Routing\\Route))
#16 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(613): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request))
#17 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(165): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request))
#18 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request))
#19 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#20 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#21 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#22 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#23 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#24 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#25 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#26 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#27 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fruitcake\\laravel-cors\\src\\HandleCors.php(36): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#28 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fruitcake\\Cors\\HandleCors->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#29 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fideloper\\proxy\\src\\TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#30 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#31 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#32 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#33 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
#34 D:\\Xampp\\htdocs\\example\\framework\\oauth\\public\\index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
#35 {main}

[previous exception] [object] (LogicException(code: 0): Integrity check failed. at D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\CryptTrait.php:74)
[stacktrace]
#0 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\Grant\\AuthCodeGrant.php(114): League\\OAuth2\\Server\\Grant\\AbstractGrant->decrypt('def50200486cd00...')
#1 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\AuthorizationServer.php(198): League\\OAuth2\\Server\\Grant\\AuthCodeGrant->respondToAccessTokenRequest(Object(Nyholm\\Psr7\\ServerRequest), Object(League\\OAuth2\\Server\\ResponseTypes\\BearerTokenResponse), Object(DateInterval))
#2 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\AccessTokenController.php(63): League\\OAuth2\\Server\\AuthorizationServer->respondToAccessTokenRequest(Object(Nyholm\\Psr7\\ServerRequest), Object(Laminas\\Diactoros\\Response))
#3 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\HandlesOAuthErrors.php(24): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->Laravel\\Passport\\Http\\Controllers\\{closure}()
#4 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\AccessTokenController.php(65): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->withErrorHandling(Object(Closure))
#5 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\ControllerDispatcher.php(48): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->issueToken(Object(Nyholm\\Psr7\\ServerRequest))
#6 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(225): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(Laravel\\Passport\\Http\\Controllers\\AccessTokenController), 'issueToken')
#7 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(182): Illuminate\\Routing\\Route->runController()
#8 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(681): Illuminate\\Routing\\Route->run()
#9 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#10 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#11 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#12 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#13 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(683): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#14 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(658): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request))
#15 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(624): Illuminate\\Routing\\Router->runRoute(Object(Illuminate\\Http\\Request), Object(Illuminate\\Routing\\Route))
#16 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(613): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request))
#17 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(165): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request))
#18 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request))
#19 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#20 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#21 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#22 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#23 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#24 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#25 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#26 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#27 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fruitcake\\laravel-cors\\src\\HandleCors.php(36): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#28 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fruitcake\\Cors\\HandleCors->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#29 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fideloper\\proxy\\src\\TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#30 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#31 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#32 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#33 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
#34 D:\\Xampp\\htdocs\\example\\framework\\oauth\\public\\index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
#35 {main}

[previous exception] [object] (Defuse\\Crypto\\Exception\\WrongKeyOrModifiedCiphertextException(code: 0): Integrity check failed. at D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\defuse\\php-encryption\\src\\Crypto.php:364)
[stacktrace]
#0 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\defuse\\php-encryption\\src\\Crypto.php(151): Defuse\\Crypto\\Crypto::decryptInternal('\\xDE\\xF5\\x02\\x00Hl\\xD0\\f\\x1A{)=5C\\xE7...', Object(Defuse\\Crypto\\KeyOrPassword), false)
#1 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\CryptTrait.php(69): Defuse\\Crypto\\Crypto::decryptWithPassword('def50200486cd00...', '\\x91Z\\x16\\x8F\\xC6\\xAA\\xE1\\xB0v]\\xD4\\xA1\\xCC\\x1Dn...')
#2 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\Grant\\AuthCodeGrant.php(114): League\\OAuth2\\Server\\Grant\\AbstractGrant->decrypt('def50200486cd00...')
#3 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\league\\oauth2-server\\src\\AuthorizationServer.php(198): League\\OAuth2\\Server\\Grant\\AuthCodeGrant->respondToAccessTokenRequest(Object(Nyholm\\Psr7\\ServerRequest), Object(League\\OAuth2\\Server\\ResponseTypes\\BearerTokenResponse), Object(DateInterval))
#4 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\AccessTokenController.php(63): League\\OAuth2\\Server\\AuthorizationServer->respondToAccessTokenRequest(Object(Nyholm\\Psr7\\ServerRequest), Object(Laminas\\Diactoros\\Response))
#5 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\HandlesOAuthErrors.php(24): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->Laravel\\Passport\\Http\\Controllers\\{closure}()
#6 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\passport\\src\\Http\\Controllers\\AccessTokenController.php(65): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->withErrorHandling(Object(Closure))
#7 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\ControllerDispatcher.php(48): Laravel\\Passport\\Http\\Controllers\\AccessTokenController->issueToken(Object(Nyholm\\Psr7\\ServerRequest))
#8 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(225): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(Laravel\\Passport\\Http\\Controllers\\AccessTokenController), 'issueToken')
#9 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Route.php(182): Illuminate\\Routing\\Route->runController()
#10 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(681): Illuminate\\Routing\\Route->run()
#11 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#12 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#13 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#14 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#15 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(683): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#16 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(658): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request))
#17 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(624): Illuminate\\Routing\\Router->runRoute(Object(Illuminate\\Http\\Request), Object(Illuminate\\Routing\\Route))
#18 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php(613): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request))
#19 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(165): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request))
#20 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request))
#21 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#22 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#23 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#24 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#25 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#26 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#27 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#28 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#29 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fruitcake\\laravel-cors\\src\\HandleCors.php(36): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#30 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fruitcake\\Cors\\HandleCors->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#31 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\fideloper\\proxy\\src\\TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#32 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#33 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#34 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#35 D:\\Xampp\\htdocs\\example\\framework\\oauth\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
#36 D:\\Xampp\\htdocs\\example\\framework\\oauth\\public\\index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
#37 {main}
"} 

[driesvints]

Hey there,

Can you first please try one of the support channels below? If you can actually identify this as a bug, feel free to report back and I'll gladly help you out and re-open this issue.

• Laracasts Forums
• Laravel.io Forums
• StackOverflow
• Discord
• Larachat
• IRC

Thanks!

[diego-lipinski-de-castro]

I ran into this issue a few times, everytime was something misconfigured, make sure all redirect uris are correct, incluing in the database, the redirect column must have the same value as the redirect_uri parameter, make sure its the correct client id and secret

[StratusBase]

I know this is old but I just ran into this same issue and it was caused by blindly copying & pasting the URL parameters returned from the Authorization request (which began with "code") from the browser's address bar.

I had totally missed that the "state" value was also appended to the end... When I copied it all and pasted it into the next request as the value for "code" in Postman, it caused the above error due to the "code" value to be erroneous. It was so long that the field was cut off so it was easy to miss.

I spent wayyyy too much time debugging this until I finally noticed an "=" sign in the value and realized it contained the state value as well as the code value...

Hopefully my stupidity helps someone else...