PHP CURL GET/POST 摘要认证
PHP CURL GET/POST Digest authentication
我正在使用 curl 方法从 REST API 获取数据。 API 需要摘要验证。我已经完成摘要身份验证,但不适用于 post 方法。适用于 GET 方法。
$username = 'username';
$password = 'password';
$method = 'GET';
// $method = 'POST';
// FOR POST METHOD. API REQUIRE THIS FORMAT
// $fields = array('APIRquestData' => '{"name":"value","name1":["v4","v5"]}');
$url = "http://apiurl/getmethodname";
// $url = "http://apiurl/postmethodname";
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
{
$fieldsData = http_build_query($fields);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
}
curl_setopt($ch, CURLOPT_HEADER, 1)
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);
preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);
if(!empty($matches))
{
$auth_header = $matches[1];
$auth_header_array = explode(',', $auth_header);
$parsed = array();
foreach ($auth_header_array as $pair)
{
$vals = explode('=', $pair);
$parsed[trim($vals[0])] = trim($vals[1], '" ');
}
$response_realm = (isset($parsed['realm'])) ? $parsed['realm'] : "";
$response_nonce = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
$response_opaque = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";
$authenticate1 = md5($username.":".$response_realm.":".$password);
$authenticate2 = md5($method.":".$url);
$authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);
$request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
$username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);
$request_header = array($request);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
{
$fieldsData = http_build_query($fields);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
}
curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);
$result['response'] = curl_exec($ch);
$result['info'] = curl_getinfo ($ch);
$result['info']['errno'] = curl_errno($ch);
$result['info']['errmsg'] = curl_error($ch);
}
/*
I am getting this as response
Array
(
[response] =>
HTTP Status 404 -
type Status report
message
description The requested resource () is not available.
[info] => Array
(
[url] => http://apiurl/postmethodname
[content_type] => text/html;charset=ISO-8859-1
[http_code] => 404
[header_size] => 361
[request_size] => 551
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.109
[namelookup_time] => 0
[connect_time] => 0.063
[pretransfer_time] => 0.063
[size_upload] => 114
[size_download] => 956
[speed_download] => 8770
[speed_upload] => 1045
[download_content_length] => 956
[upload_content_length] => 114
[starttransfer_time] => 0.109
[redirect_time] => 0
[redirect_url] =>
[primary_ip] => XXX.X.XX.XX
[certinfo] => Array
(
)
[primary_port] => 80
[local_ip] => XX.XX.XX.XXX
[local_port] => 58850
[errno] => 0
[errmsg] =>
)
)
*/
响应说,404 表示 URL 未找到。但是 URL 是正确的。
cURL信息7.40.0
提前致谢。
使用 get_headers($url)
而不是第一次卷曲。
在header.
中添加Content-Type:application/json
在$request_header = array($request)
之后添加$request_header[] = 'Content-Type:application/json';
这一行。
感谢@Sufi,POST 请求的工作代码(以防其他人需要):
<?php
$username = 'username';
$password = 'password';
$url = "your url";
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch,CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_HEADER, 1);
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);
preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);
if(!empty($matches))
{
$auth_header = $matches[1];
$auth_header_array = explode(',', $auth_header);
$parsed = array();
foreach ($auth_header_array as $pair)
{
$vals = explode('=', $pair);
$parsed[trim($vals[0])] = trim($vals[1], '" ');
}
$response_realm = (isset($parsed['realm'])) ? $parsed['realm'] : "";
$response_nonce = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
$response_opaque = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";
$authenticate1 = md5($username.":".$response_realm.":".$password);
$authenticate2 = md5("POST:".$url);
$authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);
$request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
$username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);
$request_header = array($request);
$request_header[] = 'Content-Type:application/json';
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch,CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);
$result['response'] = curl_exec($ch);
$result['info'] = curl_getinfo ($ch);
$result['info']['errno'] = curl_errno($ch);
$result['info']['errmsg'] = curl_error($ch);
var_dump($result);
}
?>
我正在使用 curl 方法从 REST API 获取数据。 API 需要摘要验证。我已经完成摘要身份验证,但不适用于 post 方法。适用于 GET 方法。
$username = 'username';
$password = 'password';
$method = 'GET';
// $method = 'POST';
// FOR POST METHOD. API REQUIRE THIS FORMAT
// $fields = array('APIRquestData' => '{"name":"value","name1":["v4","v5"]}');
$url = "http://apiurl/getmethodname";
// $url = "http://apiurl/postmethodname";
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
{
$fieldsData = http_build_query($fields);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
}
curl_setopt($ch, CURLOPT_HEADER, 1)
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);
preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);
if(!empty($matches))
{
$auth_header = $matches[1];
$auth_header_array = explode(',', $auth_header);
$parsed = array();
foreach ($auth_header_array as $pair)
{
$vals = explode('=', $pair);
$parsed[trim($vals[0])] = trim($vals[1], '" ');
}
$response_realm = (isset($parsed['realm'])) ? $parsed['realm'] : "";
$response_nonce = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
$response_opaque = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";
$authenticate1 = md5($username.":".$response_realm.":".$password);
$authenticate2 = md5($method.":".$url);
$authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);
$request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
$username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);
$request_header = array($request);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
{
$fieldsData = http_build_query($fields);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
}
curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);
$result['response'] = curl_exec($ch);
$result['info'] = curl_getinfo ($ch);
$result['info']['errno'] = curl_errno($ch);
$result['info']['errmsg'] = curl_error($ch);
}
/*
I am getting this as response
Array
(
[response] =>
HTTP Status 404 -
type Status report
message
description The requested resource () is not available.
[info] => Array
(
[url] => http://apiurl/postmethodname
[content_type] => text/html;charset=ISO-8859-1
[http_code] => 404
[header_size] => 361
[request_size] => 551
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.109
[namelookup_time] => 0
[connect_time] => 0.063
[pretransfer_time] => 0.063
[size_upload] => 114
[size_download] => 956
[speed_download] => 8770
[speed_upload] => 1045
[download_content_length] => 956
[upload_content_length] => 114
[starttransfer_time] => 0.109
[redirect_time] => 0
[redirect_url] =>
[primary_ip] => XXX.X.XX.XX
[certinfo] => Array
(
)
[primary_port] => 80
[local_ip] => XX.XX.XX.XXX
[local_port] => 58850
[errno] => 0
[errmsg] =>
)
)
*/
响应说,404 表示 URL 未找到。但是 URL 是正确的。
cURL信息7.40.0
提前致谢。
使用 get_headers($url)
而不是第一次卷曲。
在header.
中添加Content-Type:application/json在$request_header = array($request)
之后添加$request_header[] = 'Content-Type:application/json';
这一行。
感谢@Sufi,POST 请求的工作代码(以防其他人需要):
<?php
$username = 'username';
$password = 'password';
$url = "your url";
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch,CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_HEADER, 1);
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);
preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);
if(!empty($matches))
{
$auth_header = $matches[1];
$auth_header_array = explode(',', $auth_header);
$parsed = array();
foreach ($auth_header_array as $pair)
{
$vals = explode('=', $pair);
$parsed[trim($vals[0])] = trim($vals[1], '" ');
}
$response_realm = (isset($parsed['realm'])) ? $parsed['realm'] : "";
$response_nonce = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
$response_opaque = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";
$authenticate1 = md5($username.":".$response_realm.":".$password);
$authenticate2 = md5("POST:".$url);
$authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);
$request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
$username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);
$request_header = array($request);
$request_header[] = 'Content-Type:application/json';
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch,CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);
$result['response'] = curl_exec($ch);
$result['info'] = curl_getinfo ($ch);
$result['info']['errno'] = curl_errno($ch);
$result['info']['errmsg'] = curl_error($ch);
var_dump($result);
}
?>