We Keep Coding

GET request with postman works, while with PHP cURL I get an empty string

I'm trying to get some data out of an API with GET request.
I get everything done with Postman, but when I'm trying the exact same thing from PHP cURL I only get an empty string.
I've looked for similar questions and only found that in some sites it helps adding user-agent header. I've added it and the response is the same - empty string.
please help me.

Apparently I just wrote the 'AuthToken' incorrectly.
should be
'AuthToken: ' . $token

REST (PHP, CURL) PUT/POST XML Issue: 400 Bad Request, "Invalid URL" Response with Walmart OAuth API (Postman to test)

There's a lot to unpack here. First of all, I've edited the title because I realize while eventually my REST request will be implemented into PHP code, right now I've stripped this down to Postman to test JUST the REST, so I've stripped it as low and basic as possible. I can officially say the problem is with my request.
Basically, I'm making a POST request and also testing with a PUT request to Walmart's API using the "new" OAuth authentication. Sounds grand. GET works BEAUTIFULLY in Postman and in my actual PHP code. POST and PUT immediately return the exact same error, no matter what and how I do: 400 Bad Request, Invalid URL. In the case of my PUT test, which I was doing because it's a simpler and faster text with far less XML to try to comb through, here's the exact response in HTML headers:
<HTML>
<HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD>
<BODY>
<H1>Invalid URL</H1>
The requested URL "http://%5bNo%20Host%5d/v3/inventory?", is invalid.
<p>
Reference #9.c9384317.1556319123.8c89b8dc
</BODY>
</HTML>
I have left testing in PHP through my server and moved into Postman to try to locate the exact issue I'm having, and GET requests work beautifully. I am generating a new Token every 15 minutes or so. I have done... SO many minor changes, but the way the Feed examples and requests work, for all that I can tell I'm doing everything right. I honestly think I'm losing my marbles at this point.
What is most frustrating to me is that GET works. My TOKEN is working. My OAuth is working just fine. A lot of the headers that GET uses for the Walmart API are the exact same between PUT/POST/GET. The difference here is ONLY that the link has query parameters AND XML being shoved into the body. Edit: What I mean is that my headers do not change between the GET and the POST; the only thing that changes in what I am supplying is that XML is being sent in the body, and that query params are required. This is the only thing that changes between a successful GET and an unsuccessful 400 bad request PUT/POST. This leads me to believe something is wrong with how I'm processing the query params or my XML, but considering in the below example I've copy/pasted the XML... I'm not sure. It is an existing item in our catalog, I know for a fact.
Something I have noticed that I'm not quite knowledgeable enough to know if it's an issue or not with Postman is that Walmart's API requests that content-type be multipart/form-data. I've noticed it uses the term "example" when stating this, however, it usually says "this or this" if it'll accept something else. If I switch content-type in Postman to multipart/form-data, however, the Body automatically becomes raw: text instead of raw: XML(application/xml) or text/xml. If I try to swap the raw to those types, it flips my content-type automatically to application/xml, so that's a little... hinky.
I am not going through a Proxy. I've turned off Global Proxy Configuration and Use System Proxy. Request timeout is set to 0. There's nothing Client Certificates. I mean, GET works, and my Token is successfully generated via outside PHP code (not in Postman, couldn't get that to work, said heck it).
HEADERS
PUT URL: https://marketplace.walmartapis.com/v3/inventory?sku=0xyz0
AUTHORIZATION
Bearer Token: Bearer Basic --insert token here--
WM_SVC.NAME: Walmart Marketplace
WM_QOS.CORRELATION_ID: randomString123
WM_SEC.ACCESS_TOKEN: --insert token here--
Accept: application/xml
Host: https://marketplace.walmartapis.com
Content-type: multipart/form-data
BODY
raw: XML(application/xml)
<?xml version="1.0" encoding="UTF-8"?>
<inventory xmlns="http://walmart.com/">
<sku>0xyz0</sku>
<quantity>
<unit>EACH</unit>
<amount>7</amount>
</quantity>
<fulfillmentLagTime>1</fulfillmentLagTime>
</inventory>
Exact response
400 Bad Request
<HTML>
<HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD>
<BODY>
<H1>Invalid URL</H1>
The requested URL "http://%5bNo%20Host%5d/v3/inventory?", is invalid.
<p>
Reference #9.c9384317.1556320429.8ca752c4
</BODY>
</HTML>
Please send help, I think I've been staring at this so long I'm going to leave this physical world behind. Walmart relatively recently updated their authentication to OAuth and they've made vague passes at saying their old authentication will be deprecated and phased out, so I obviously want to try to get this to work.I tried to copy paste everything as best as possible. That XML is copy-pasted almost letter for letter from their example, with my own product switched in.
Also, the reference number down there always changes every time I run this, so it's not something I can actually look up. I've only supplied the Postman side of things because frankly if I can get that to work, my PHP will be fine, I've already knocked out some minor issues with the successful GET request.
If it's a semi-colon issue, I'll scream.
API Documentation: https://developer.walmart.com/#/apicenter/marketPlace/latest#updateInventoryForAnItem

Well, I've figured it out.
You'll notice I'm required to supply a "Host" with my headers. That host is replacing my URl that I'm trying to connect to via POST/PUT/GET, so if my Host is https://marketplace.walmartapis.com, then my request URL is https://https://marketplace.walmartapis.com.
Once I took the https:// out of the host, the entire thing granted me a 200 response. The times I got a correct GET response, I had actually copy-pasted the correct HOST without the HTTPS by pure chance, so I completely missed this between my two separate test cases.

Invalid API key as a reponse of PUT method using RESTServer codeigniter

I am using the codeigniter rest server api library.
When I enter http://localhost/RESTapi/api/question?X-API-KEY=XXX in Postman with the PUT method
I'm getting:
{
"status": false,
"error": "Invalid API key "
}
It works fine with GET method
How can I fix this issue?

I've seen some API's that do not look at the GET params if you make a POST or PUT request for credentials or are inconsistent in how they do it.
Really, credentials should go in headers either via the Authorize header or a custom one for many reasons like 'not logging credentials to access logs', but I digress.
In this case you can try:
Put (no pun) the X-API-KEY=XXX inside the body of the PUT just to see if this works
See if/how the library accepts the API key in a header
Looking at this library in particular (https://github.com/chriskacerguis/codeigniter-restserver), they do support the header X-API-KEY. This should be where you put the key for ALL requests--it's best practice not to pass them as url params.
Here's the commandline example using curl from their Github project.
curl -X POST -H "X-API-KEY: some_key_here" http://example.com/books
In PHP you can use curl to set header like this:
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-API-KEY: XXX'));

How to stimulate cURL request to a request using postman

I am using the following cURL request to localhost which runs fine:
curl -u admin:e4d4face52f2e3dc22b43b2145ed7c58ce66e26b384d73592c -d "{\"jsonrpc\": \"2.0\", \"method\": \"feed.list\", \"id\": 1}" http://localhost/minifluxR/jsonrpc.php
But when I send the same request using Postman instead of cURL, I am getting:
{"jsonrpc":"2.0","id":null,"error":{"code":-32700,"message":"Parse error"}}
In Postman I used a GET request and sent the following as headers:
url:http://localhost/minifluxR/jsonrpc.php
username:admin
api_token:e4d4face52f2e3dc22b43b2145ed7c58ce66e26b384d73592c
method: feed.list
The following is the PHP function I am trying to trigger:
$server = new Server;
$server->authentication(array(
\Model\Config\get('username') => \Model\Config\get('api_token')
));
// Get all feeds
$server->register('feed.list', function () {
return Model\Feed\get_all();
});
Please help me to correct these errors.

When using cURL, the -u option (or --user) is used to supply the credentials for HTTP Basic authentication. This sets the Authorization header to contain the necessary data to authenticate with the server.
These steps apply to Postman's packaged app. For steps for the legacy app, view this of revision this answer.
To use HTTP Basic authentication as you were in your cURL command, click the Authorization tab and enter your credentials. Clicking Update Request will add the necessary Authorization header for you.
To submit the JSON data in the same way that you did with cURL, use a POST request, select raw under the Body tab, and enter your data like so:
To debug this I used Fiddler - a free web debugging proxy.
I used cURL's --proxy option to make it send its requests through Fiddler like so:
curl \
--proxy http://localhost:8888 \
-u foo:bar \
-d "{\"jsonrpc\": \"2.0\", \"method\": \"feed.list\", \"id\": 1}" \
http://localhost
Now that the request goes through Fiddler, I can select it from the session list, and use the "raw" inspector to see the raw request:
This shows me that the cURL is making a POST request with HTTP Basic authentication and application/x-www-form-urlencoded content. This type of data normally consists of keys and values, such as foo=bar&hoge=fuga. However, this cURL request is submitting a key without a value. A call to var_dump($_POST) will yield the following:
With a = at the end of the data (like so: {"jsonrpc": "2.0", "method": "feed.list", "id": 1}=) the var_dump will yield the following:
However, it seems that JsonRPC will use file_get_contents('php://input') in your case. This returns the data that was submitted with the request, including a =, if the data ends with it. Because it will try to parse the input data as a JSON string, it will fail if the string ends with a =, because that would be invalid JSON.
Using the FoxyProxy extension for Chrome, I created a proxy configuration for Fiddler (127.0.0.1:8888), which allowed me to easily debug the data being sent by Postman's POST request. Using x-www-form-urlencoded with a key of foo with no value, the data sent was actually foo=, which would result in your JSON string being invalid.
However, using "raw" input will allow for the specified data to be sent without a = being added to the end of it, thus ensuring the data is valid JSON.

Curl is using HTTP Basic authentication by default. Your headers set in Postman are something different. Try using Basic Auth in Postman. It is in top panel, you fill in username and password and authorization header will be generated.

get Authorization Header from Recess Request

I'm using the recess framework. Does somebody knows how to get the Authorization header from the request.
Normally, to get the request, we do $this->request, but how to extract the Authorization header which is in a form
Authorization:Basic jadfasdbaHGDWDSJDN==

When the request arrives at the server, the username and password is already decoded, to get the
$Username=$this->request->username;
$Password=$this->request->password;