7

I have my pusher key set and initialized within Laravel 5.3. When I test it on my local environment, it works. When I try to run the exact same code on our production environment, I get this error:

Pusher : Error : {"type":"WebSocketError","error":{"type":"PusherError","data":{"code":null,"message":"Auth info required to subscribe to private-App.User.16"}}}

I've confirmed the Pusher key is identical on both my local and production.

The WS initializes on both environments the same:

wss://ws.pusherapp.com/app/264P9d412196d622od64d?protocol=7&client=js&version=4.1.0&flash=false

The only difference that I can see, is that when our production server contacts the Laravel "broadcasting/auth" route, it simply receives true in the response body.

When my local contacts "broadcasting/auth" it gets this in the response:

{auth: "22459d41299d6228d64d:df5d393fe37df0k3832fa5556098307f145d7e483c07974d8e7b2609200483f8"}

Within my BroadcastServiceProvider.php:

public function boot() { Broadcast::routes(); // Authenticate the user's personal channel. Broadcast::channel('App.User.*', function (User $user, $user_id) { return (int)$user->id === (int)$user_id; }); }

What could cause the broadcast/auth route to return simply true instead of the expected auth?

Improve this question
4
  • Shouldn't that be on route/channels.php ? Link Commented Jan 15, 2018 at 12:15
  • @AntoniosTsimourtos that is for versions after Laravel 5.3. Commented Jan 15, 2018 at 14:47
  • This is basic but I guess it worth asking: are you using composer.lock to make sure you have the same deps in both envs? Commented Jan 18, 2018 at 18:06
  • I would try to find out which method is handling the broadcasting/auth request and then debug it. Commented Jan 18, 2018 at 23:21

3 Answers 3

Reset to default
4
+50

If you check PusherBroadcaster.php file, you will see that the response can be "mixed".

I think the documentation is saying about the default broadcast only.

The channel method accepts two arguments: the name of the channel and a callback which returns true or false indicating whether the user is authorized to listen on the channel.

This is the validAuthenticationResponse method inside PusherBroadcast. 

/** * Return the valid authentication response. * * @param \Illuminate\Http\Request $request * @param mixed $result * @return mixed */ public function validAuthenticationResponse($request, $result) { if (Str::startsWith($request->channel_name, 'private')) { return $this->decodePusherResponse( $this->pusher->socket_auth($request->channel_name, $request->socket_id) ); } return $this->decodePusherResponse( $this->pusher->presence_auth( $request->channel_name, $request->socket_id, $request->user()->getAuthIdentifier(), $result) ); }

Just to give you another example, this is inside RedisBroadcast. 

if (is_bool($result)) { return json_encode($result); }

Short explanation about this "auth request":

BroadcastManager instantiate all "available drivers" (Pusher, Redis, Log,etc) , and create the "auth" route (using BroadcastController + authenticate method).

When you call "auth", this will happen:

  1. Call "broadc.../auth" route.
  2. BroadcastManager will instantiate the proper driver (in your case Pusher)
  3. PusherBroadcaster can throw an exception AccessDeniedHttpException if the user is not authenticated (the "user session" - Auth::user() is not defined/null) and is trying to access a private (or presence) channel type.
  4. If the user is trying to access a private/presence channel and the user is authenticated (Auth::check()), Laravel will check if the auth. user can access the channel. (Check: verifyUserCanAccessChannel method).
  5. After that, validAuthenticationResponse method will be called. This method will make a request to pusher with the user credentials and return an array. This array contains Pusher response (socket auth: https://github.com/pusher/pusher-http-php/blob/03d3417748fc70a889c97271e25e282ff1ff0ae3/src/Pusher.php#L586 / Presence Auth: https://github.com/pusher/pusher-http-php/blob/03d3417748fc70a889c97271e25e282ff1ff0ae3/src/Pusher.php#L615) which is a string.

Short answer:

Soo.. Pusher require this auth response. Otherwise you won't be able to connect/identify the user (wss://ws.pusherapp.com....).

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for the detailed explanation. This points me in the right direction, but why might $result in validAuthenticationResponse be a boolean response from Pusher in different environments?
BROADCAST_DRIVER=redis in your production .env file VS BROADCAST_DRIVER=pusher locally.
1

Edit This is from the version 5.5 docs, not applicable here.

I think the issue maybe with using the '*' wildcard in the channel's name.

I use the following in both local and production:

Broadcast::channel("servers.{id}", function (Authenticatable $user, $id) { return (int)$user->getAuthIdentifier() === (int)$id; });
Improve this answer

2 Comments

That would be odd since the documentation says otherwise.
My bad, I overlooked he noted 5.3 as the version. This is for 5.5.
1

The problem happens because you did not set the proper BROADCAST_DRIVER in your production .env file (which is redis by default).

# before BROADCAST_DRIVER=redis # after BROADCAST_DRIVER=pusher
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.