Laravel API Authentication (Passport) Implicit Grant Tokens - 401 error

Question

I have a really strange problem with Laravel 5.5 Passport API Authentication.

I need to permit an external site to authenticate via 'Implicit Grant Token' method and get data from the API.

I'm stuck on authentication. JavaScript sends an AJAX request to the API, but all it gets in return is an 401 (Unauthorized) Error (instead of a token).

The setup is by the book (https://laravel.com/docs/5.5/passport#implicit-grant-tokens)

1. Fresh Laravel 5.5 install

2. Laravel CORS added https://github.com/barryvdh/laravel-cors

3. Passport package install composer require laravel/passport

4. Migration php artisan migrate

5. Passport install php artisan passport:install

6. App\User model adjusted

7. AuthServiceProvider adjusted

8. config/auth.php adjusted

9. Sample client created with php artisan passport:client

10. Passport::enableImplicitGrant(); added to AuthServiceProvider

The JS looks like this:

var serialize = function(obj) {
    var str = [];
    for (var key in obj)
        if (obj.hasOwnProperty(key)) {
            str.push(encodeURIComponent(key) + "=" + encodeURIComponent(obj[key]));
        }
    return str.join("&");
}

var request = new XMLHttpRequest();
var data = {
    'client_id': '1',
    'response_type': 'token',
    'redirect_uri': 'http://localhost',
    'scope': ''
}
request.onreadystatechange = function(res) {
    if (request.readyState == XMLHttpRequest.DONE) {
        //console.log(res.responseText);
    }
}
request.open('GET', '//localhost/oauth/authorize?' + serialize(data), true);
request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
request.setRequestHeader('Accept', 'application/json');

request.send();

Unfortunately, 401 ERROR is all it GETs.

All the files are available on: https://github.com/michalduda/laravel-passport.git

Do you have any idea what is wrong?

Answer 1

You missing post your content from:

route\api.php