Laravel

Solved: local.ERROR: RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths

I got this issue while setting up LumenPassport in Laravel/Lumen micro framework.

Error

local.ERROR: RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths

Use case:
When logging in user via LumenPassport /oauth/token endpoint

Route::get('/login', function (Request $request) {
    $http = new GuzzleHttp\Client;
    $response = $http->post('http://your-app.com/oauth/token', [
        'form_params' => [
            'grant_type' => 'password',
            'client_id' => 'client-id',
            'client_secret' => 'client-secret',
            'username' => 'username',
            'password' => 'password',
        ],
    ]);
});

Reason

As you can see in the error, lumen is complaining about “key length”, which key?

humm…

We are talking about APP_KEY, that must be stored in .env file.

Either you are missing that key in .env file or you have an incorrect length of the key.

Key must be base64 32 bytes.

Solution

  • Generate app key using Base64 String and place in .env APP_KEY= or
  • In Laravel run: php artisan key:generate
  • But if you are using Lumen, that doesn’t has key:generate command by default you can use this package (maxsky/lumen-app-key-generator) to add command to you Lumen app.

What is APP_KEY?

Want to know more about Laravel/Lumen APP_KEY, take a look at well written and explained article https://tighten.co/blog/app-key-and-you

Author: Danyal
I'm a skilled programmer specializing in Vue.js/Nuxt.js for front-end development and PHP Laravel for back-end solutions. I have a strong focus on API design and development, complemented by experience in web server setup and maintenance. My versatile expertise ensures seamless creation and maintenance of web applications, covering everything from intuitive user interfaces to robust server-side functionality. Passionate about coding and driven by a lifelong learning mindset, I invite you to explore more at danyal.dk.