Tried to access session data without an active access token laravel

857 Views Asked by At

I have the code below to generate access token using LucaDegasperi\OAuth2Server\Authorizer and I need to get the authId for the audit log.

Route::post('oauth/access_token', ['middleware' => $pre_token_middleware, 
function () {

    $access_token = Authorizer::issueAccessToken();

    // Create log for logged in user
    $auth_id = Authorizer::getResourceOwnerId();
    // another code here..

    return \Response::json($access_token);
}]);

But I get Tried to access session data without an active access token error when the getResourceOwnerId function is executed. I already tried moving the code to a controller but got the same error.

1

There are 1 best solutions below

5
On BEST ANSWER

I don't know about this bunddle(How it functional/work) but I think you missed something. Check below detail from lucadegasperi-oauth2-server-laravel.

If the middlewares isn't in the correct order, methods like the Authorizer::getResourceOwnerId() wont work.

Please note that the middlewares has to be applied in a certain order. The OAuthMiddleware has to be added before the OAuthClientOwnerMiddleware and the OAuthUserOwnerMiddleware

May this information will help you!

UPDATE
Try below middleware code

Route::post('oauth/access_token', function() {
    return Response::json(Authorizer::issueAccessToken());
});

Route::group(['middleware' => 'oauth'], function () {

    Route::get('authroute', function() {
        //OAuth will be required to access this route
    });

    Route::post('postwithauth', function(Request $request) {
        $userID = Authorizer::getResourceOwnerId();
        $input = $request->input();
        return response()->json(array('userID' => $userID, 'input' => $input));
    });

});

Here authroute and postwithauth need to update with your one.