PHP CURL GET/POST 摘要认证

PHP CURL GET/POST Digest authentication

我正在使用 curl 方法从 REST API 获取数据。 API 需要摘要验证。我已经完成摘要身份验证,但不适用于 post 方法。适用于 GET 方法。

$username = 'username';
$password = 'password';

$method = 'GET';
// $method = 'POST';

//  FOR POST METHOD. API REQUIRE THIS FORMAT
// $fields = array('APIRquestData' => '{"name":"value","name1":["v4","v5"]}');

$url = "http://apiurl/getmethodname";
// $url = "http://apiurl/postmethodname";

$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
{
  $fieldsData = http_build_query($fields);
  curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
}

curl_setopt($ch, CURLOPT_HEADER, 1)
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);

preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);

if(!empty($matches))
{
  $auth_header = $matches[1];
  $auth_header_array = explode(',', $auth_header);
  $parsed = array();

  foreach ($auth_header_array as $pair)
  {
    $vals = explode('=', $pair);
    $parsed[trim($vals[0])] = trim($vals[1], '" ');
  }

  $response_realm     = (isset($parsed['realm'])) ? $parsed['realm'] : "";
  $response_nonce     = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
  $response_opaque    = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";

  $authenticate1 = md5($username.":".$response_realm.":".$password);
  $authenticate2 = md5($method.":".$url);

  $authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);

  $request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
  $username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);

  $request_header = array($request);

  $ch = curl_init();
  curl_setopt($ch,CURLOPT_URL, $url);
  curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
  curl_setopt($ch,CURLOPT_TIMEOUT, 30);
  curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);

  if($method == 'POST')
  {
    $fieldsData = http_build_query($fields);
    curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
  }
  curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);

  $result['response']         = curl_exec($ch);
  $result['info']             = curl_getinfo ($ch);
  $result['info']['errno']    = curl_errno($ch);
  $result['info']['errmsg']   = curl_error($ch); 
}


/*
I am getting this as response

Array
(
  [response] =>  

  HTTP Status 404 - 
  type Status report
  message 
  description The requested resource () is not available.
  [info] => Array
    (
        [url] => http://apiurl/postmethodname
        [content_type] => text/html;charset=ISO-8859-1
        [http_code] => 404
        [header_size] => 361
        [request_size] => 551
        [filetime] => -1
        [ssl_verify_result] => 0
        [redirect_count] => 0
        [total_time] => 0.109
        [namelookup_time] => 0
        [connect_time] => 0.063
        [pretransfer_time] => 0.063
        [size_upload] => 114
        [size_download] => 956
        [speed_download] => 8770
        [speed_upload] => 1045
        [download_content_length] => 956
        [upload_content_length] => 114
        [starttransfer_time] => 0.109
        [redirect_time] => 0
        [redirect_url] => 
        [primary_ip] => XXX.X.XX.XX
        [certinfo] => Array
            (
            )

        [primary_port] => 80
        [local_ip] => XX.XX.XX.XXX
        [local_port] => 58850
        [errno] => 0
        [errmsg] => 
    )
)
*/

响应说,404 表示 URL 未找到。但是 URL 是正确的。

cURL信息7.40.0

提前致谢。

使用 get_headers($url) 而不是第一次卷曲。

在header.

中添加Content-Type:application/json

$request_header = array($request)之后添加$request_header[] = 'Content-Type:application/json';这一行。

感谢@Sufi,POST 请求的工作代码(以防其他人需要):

<?php
$username = 'username';
$password = 'password';

$url = "your url";

$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch,CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_HEADER, 1);
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);

preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);

if(!empty($matches))
{
  $auth_header = $matches[1];
  $auth_header_array = explode(',', $auth_header);
  $parsed = array();

  foreach ($auth_header_array as $pair)
  {
    $vals = explode('=', $pair);
    $parsed[trim($vals[0])] = trim($vals[1], '" ');
  }

  $response_realm     = (isset($parsed['realm'])) ? $parsed['realm'] : "";
  $response_nonce     = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
  $response_opaque    = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";

  $authenticate1 = md5($username.":".$response_realm.":".$password);
  $authenticate2 = md5("POST:".$url);

  $authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);

  $request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
  $username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);

  $request_header = array($request);
  $request_header[] = 'Content-Type:application/json';

  $ch = curl_init();
  curl_setopt($ch,CURLOPT_URL, $url);
  curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
  curl_setopt($ch,CURLOPT_TIMEOUT, 30);
  curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
  curl_setopt($ch,CURLOPT_CUSTOMREQUEST, "POST");
  curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);

  $result['response']         = curl_exec($ch);
  $result['info']             = curl_getinfo ($ch);
  $result['info']['errno']    = curl_errno($ch);
  $result['info']['errmsg']   = curl_error($ch); 

  var_dump($result);
}
?>