laravel / passport

Laravel Passport provides OAuth2 server support to Laravel.
https://laravel.com/docs/passport
MIT License

Passport - returns invalid grant when logging in AFTER few hours (ie login stops working) #1444

Closed shez1983 closed 3 years ago

shez1983 commented 3 years ago

Using Vapor/Amazon MySQL Aurora

Description:

After a while I am unable to log in with Passport; it returns an invalid_grant error.

Side note: every time I deploy, it runs the seeder, which initialises a client with a SET ID & secret, so these don't change.

            INSERT INTO `oauth_clients`
            (`id`, `user_id`, `name`, `secret`, `provider`, `redirect`, `personal_access_client`, `password_client`, `revoked`)
            VALUES
            (". config('api.client_id') . ", NULL, 'Laravel Password Grant Client', '". config('api.client_secret')  ."', 'users', '". config('app.url') . "', 0, 1, 0)"
        );

Steps To Reproduce:

  1. Refresh/Seed the database
  2. Make a call to {{url}}/oauth/token with params:
    {
    "grant_type":"password",
    "client_id":"1",
    "client_secret":"clientsecret",
    "username":"email",
    "password":"password",
    "scope":"*",
    "source":"android"
    }
  3. It works, even if you repeatedly hit the same endpoint.
  4. Leave it for approx 7 hours and then the login returns this error:
    {
    "error": "invalid_grant",
    "error_description": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.",
    "hint": "",
    "message": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."
    }

    I have tried intermittently in between and it's been working, so for example: I refreshed the database at 10.37, then tried again at these times: 11.56, 13.27, 13.58, and my colleague tried at around 5pm and it was broken.

In the Auth Service provider I have:

    Passport::tokensExpireIn(now()->addMinutes(config('api.access_token_expiry'))); # set to 999999
    Passport::refreshTokensExpireIn(now()->addMinutes(config('api.refresh_token_expiry'))); # set to 999999

    Passport::personalAccessTokensExpireIn(now()->addMonths(6));

I tried removing this code and it still didn't make any difference.

The other thing is, I left the server running locally (plain php artisan serve with MySQL hosted via brew/locally) and I tried at 10:25 and tried now and it seems to be working. Normally I would add dump() everywhere, even in vendor, but as it's deploying on Vapor, which does composer install and does not upload the vendor directory, I can't :/

I have opened a ticket on Laracasts (https://laracasts.com/discuss/channels/code-review/laravel-passport-login-doesnt-work-after-some-time), also asked in Discord and Larachat with no answer, so I am coming here as the F/E (app guys) are getting frustrated and so am I :/ I think it must be a Vapor issue? My vapor yml file for staging is:

    cli-memory: 1024
    database: staging
    gateway-version: 2
    storage: staging
    memory: 512
    runtime: php-8.0:al2
    timeout: 30
    build:
      - 'composer install'
      - 'php artisan event:cache'
    deploy:
      - 'php artisan migrate:fresh --seed'

My Vapor ID is: 18075 if that helps..

driesvints commented 3 years ago

I'm very sorry but I can't help you out here. You indicate that the app works properly locally but not on Vapor. My colleagues have also determined this is not a Vapor issue. I'm going to have to ask you to keep trying a support channel, sorry:

shez1983 commented 3 years ago

Of course a paying customer - isn't important. And login functionality isn't important at all..

I have since figured out (with the help of someone) that if I change the session driver to DynamoDB (not cookie) it seems to work. But changing it manually isn't the correct way, as Vapor reverts it back on deploy :/

johnabelardom commented 3 years ago

@shez1983 are you able to fix this?

shez1983 commented 3 years ago

> @shez1983 are you able to fix this?

@johnabelardom sorry it took me a while as I don't use GitHub as much.. so yeah, in my .env I manually set the session driver to dynamo and it seems to be working, I think