I got this issue while setting up LumenPassport in Laravel/Lumen micro framework.
Error
local.ERROR: RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths
Use case:
When logging in user via LumenPassport /oauth/token endpoint
Route::get('/login', function (Request $request) {
$http = new GuzzleHttp\Client;
$response = $http->post('http://your-app.com/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => 'client-id',
'client_secret' => 'client-secret',
'username' => 'username',
'password' => 'password',
],
]);
});Reason
As you can see in the error, lumen is complaining about “key length”, which key?
humm…
We are talking about APP_KEY, that must be stored in .env file.
Either you are missing that key in .env file or you have an incorrect length of the key.
Key must be base64 32 bytes.
Solution
- Generate app key using Base64 String and place in .env APP_KEY= or
- In Laravel run: php artisan key:generate
- But if you are using Lumen, that doesn’t has key:generate command by default you can use this package (maxsky/lumen-app-key-generator) to add command to you Lumen app.
What is APP_KEY?
Want to know more about Laravel/Lumen APP_KEY, take a look at well written and explained article https://tighten.co/blog/app-key-and-you
