Heroku and Laravel Passport

5
votes

I try to install my app on heroku. This app is a php-laravel app with the "passport" for the authentication. All is running fine in my local machine (mac os).

When I try to do a simple 'post' with postman, I have this error :

2018-03-17T17:05:22.059708+00:00 app[web.1]: [17-Mar-2018 17:05:22 UTC] [2018-03-17 17:05:22] production.ERROR: Key path "file:///app/storage/oauth-private.key" does not exist or is not readable {"exception":"[object] (LogicException(code: 0): Key path \"file:///app/storage/oauth-private.key\" does not exist or is not readable at /app/vendor/league/oauth2-server/src/CryptKey.php:45)"} []

To setup passport, I generated the keys with :

php artisan passport:install

And I see the keys in my database in heroku. So the command worked properly.

So what is this error ?

I tried also to regenerate the keys, to stop and restart the application. Without successes.

Thanks for your suggestions. Merci

Dominique

EDIT : in fact, the key files are not generated in the folder app/storage, that's why there is this error. But why these files are not generated ?

5
laravelherokularavel-passport

5 Answers

17
votes

the solution is here : https://github.com/laravel/passport/issues/267

Add these few lines into your composer.json under the "scripts" property, then commit et deploy into heroku. 

"post-install-cmd": [ 
        "php artisan clear-compiled",
        "chmod -R 777 storage", 
        "php artisan passport:keys"
    ]

BUT : after that you have to delete the keys from the table "oauth-clients" , then regenerate these keys with :

php artisan passport:install

and it worked for me.

Hope it will help.

Dominique

2
votes

About the @Dom answer, It will log out your users with every deployment, so if you're really using Heroku and not Dokku (as in my case), I recommend you to generate the keys by using that command: php artisan passport:keys and then via Nano copy the keys generated in storage/oauth-public.key and storage/oauth-private.key into multiline env variables, then you can use this post install script in composer.json:

"post-install-cmd": [ "php artisan clear-compiled", "chmod -R 777 storage", "echo -n $OAUTH_PRIVATE_KEY > storage/oauth-private.key", "echo -n $OAUTH_PUBLIC_KEY > storage/oauth-public.key" ]

That will regenerate the keys from ENV with every deployment and keep your users logged in.

If that solution doesn't work, you could still remove '/storage/*.key' line from .gitignore

2
votes

Laravel Passport has a configuration that allows to set public and private keys as environment variables.

You can run php artisan vendor:publish --tag=passport-config on your local machine and commit the change.

Then set PASSPORT_PRIVATE_KEY and PASSPORT_PUBLIC_KEY on Heroku config.

Found from this blog

0
votes

My solution was quite straight forward:

  1. go to your .gitignore file
  2. comment out /storage/*.key
  3. re-deploy to heroku

It appears that the oauth-keys are ignored by default in Laravel (v.7)

0
votes

Loading Keys From The Environment
Alternatively, you may publish Passport's configuration file using the vendor:publish Artisan command:

php artisan vendor:publish --tag=passport-config

After the configuration file has been published, you may load your application's encryption keys by defining them as environment variables:

PASSPORT_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
<private key here>
-----END RSA PRIVATE KEY-----"

PASSPORT_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----
<public key here>
-----END PUBLIC KEY-----"

Passport documentation