How to get the raw HTTP request from a multipart/form-data request?
The request is not written to test.log.. Only Response: is saved?
The client can upload files etc. and I need to check if the user gzip the binary data parts.. If not I need to throw an error
request
$boundary = 'jlasdifj439';
$field1 = json_encode(['test' => 123]);
$body = '--'.$boundary."\r\n"
.'Content-Disposition: form-data; name="json"'."\r\n"
.'Content-Type: application/json'."\r\n"
.'Content-Length: '.strlen($field1)."\r\n\r\n"
.$field1."\r\n"
.'--'.$boundary.'--';
$socket = curl_init();
curl_setopt_array($socket, [
CURLOPT_POST => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_VERBOSE => true,
CURLOPT_ENCODING => '',
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_2_0,
]);
curl_setopt($socket, CURLOPT_URL, 'https://my-url');
curl_setopt($socket, CURLOPT_HTTPHEADER, [
'Content-Type: multipart/form-data; boundary='.$boundary,
]);
curl_setopt($socket, CURLOPT_POSTFIELDS, $body);
if(!$response = curl_exec($socket)){
echo "ERROR!";
}
echo $response;
response
$body = file_get_contents('php://input');
file_put_contents('/var/www/test.log', "Response:\n".$body);
test.log
Response:
curl verbose
* Hostname was NOT found in DNS cache
* Trying xxx.xxx.xxx.xxx...
* Connected to test.com (xxx.xxx.xxx.xxx) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: CN=*xxxxx
* start date: 2017-10-02 00:00:00 GMT
* expire date: 2018-12-01 23:59:59 GMT
* subjectAltName: test.com matched
* issuer: C=US; O=thawte, Inc.; OU=Domain Validated SSL; CN=thawte DV SSL SHA256 CA
* SSL certificate verify ok.
> POST / HTTP/1.1
Host: xxxxx
Accept: */*
Accept-Encoding: deflate, gzip
Content-Type: multipart/form-data; boundary=jlasdifj439
Content-Length: 143
* upload completely sent off: 143 out of 143 bytes
< HTTP/1.1 200 OK
* Server nginx is not blacklisted
< Server: nginx
< Date: Sun, 10 Jun 2018 20:49:43 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Connection: keep-alive
< content-encoding: gzip
<
* Connection #0 to host xxxxx left intact
Related
when i am sending request on localhost using curl and php it got success as given below
This request is on localhost and get the output which is required to me
$url = "https://live12p.hotstar.com/hls/live/2024725/ipl2021/hin/1540008470/15mindvrm01c6817544da534447ba5b5f3760666fd923september2021/master_7.m3u8";
$referer = "https://www.hotstar.com/";
$origin = "https://www.hotstar.com";
$host = "live12p.hotstar.com";
$headers = array();
$headers[] = 'Host: ' . $host;
$headers[] = 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Firefox/91.0';
$headers[] = 'Cookie: hs_uid=5221b879-8857-496d-80bd-691646c0fcae; ajs_anonymous_id=%22e1cac957-8325-4cc5-a4c7-04c9322a50b5%22; ajs_user_id=%22971450d482ae40088b5d834ff952f60b%22; ajs_group_id=null; hdntl=exp=1632448848~acl=*ipl2021*~id=5267bf12e30107702f21c2ea2bf8b874~data=ip%3dwzSX5TdVuh1sa432PD6kIOuXAlfHJY32Vve29D3csZOD8xO2AjRrZpV-userid%3d8kP6OEf3LRYFUhAWTlF2R7ooxuElWlYpTzzEAosrFQCW-did%3dYfixYiH5EvZpALjGAYAzylXejGbgnbBi0BBLUmB93Jgj3HHJzJjbH16-~hmac=3508bd69101ca28bef6b9bb4ff4fb833c344404e3d62968cb38bcabb1d756a71';
$headers[] = 'Referer: ' . $referer;
$headers[] = 'Origin: ' . $origin;
//
$response = get_web_page($url);
echo $response;
function get_web_page($url)
{
global $referer;
global $headers;
$ch = curl_init($url);
$verbose = fopen('curl.txt', 'w+');
$options = array(
CURLOPT_REFERER => $referer,
CURLOPT_HTTPHEADER => $headers,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "gzip, deflate, br",
CURLOPT_USERAGENT => "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Firefox/91.0",
CURLOPT_CONNECTTIMEOUT => 120,
CURLOPT_TIMEOUT => 120,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_VERBOSE => TRUE,
CURLOPT_STDERR => $verbose,
);
curl_setopt_array($ch, $options);
$content = curl_exec($ch);
rewind($verbose);
$verboseLog = stream_get_contents($verbose);
echo "Verbose information:\n<pre>", htmlspecialchars($verboseLog), "</pre>\n";
if (curl_errno($ch)) {
// this would be your first hint that something went wrong
die('Couldn\'t send request: ' . curl_error($ch));
} else {
// check the HTTP status code of the request
$resultStatus = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if ($resultStatus != 200) {
die('Request failed: HTTP status code: ' . $resultStatus);
}
}
curl_close($ch);
return $content;
}
this time the output is what i want
* Trying 2600:140f:5800::17d7:d73a...
* TCP_NODELAY set
* Connected to live12p.hotstar.com (2600:140f:5800::17d7:d73a) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: /Applications/XAMPP/xamppfiles/share/curl/curl-ca-bundle.crt
CApath: none
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=IN; ST=Maharashtra; L=Mumbai; O=Novi Digital Entertainment Pvt. Ltd.; CN=*.hotstar.com
* start date: Jul 5 00:00:00 2021 GMT
* expire date: Jul 13 23:59:59 2022 GMT
* subjectAltName: host "live12p.hotstar.com" matched cert's "*.hotstar.com"
* issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
* SSL certificate verify ok.
> GET /hls/live/2024725/ipl2021/hin/1540008470/15mindvrm01c6817544da534447ba5b5f3760666fd923september2021/master_7.m3u8 HTTP/1.1
Host: live12p.hotstar.com
Accept: */*
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Firefox/91.0
Cookie: hs_uid=5221b879-8857-496d-80bd-691646c0fcae; ajs_anonymous_id=%22e1cac957-8325-4cc5-a4c7-04c9322a50b5%22; ajs_user_id=%22971450d482ae40088b5d834ff952f60b%22; ajs_group_id=null; hdntl=exp=1632448848~acl=*ipl2021*~id=5267bf12e30107702f21c2ea2bf8b874~data=ip%3dwzSX5TdVuh1sa432PD6kIOuXAlfHJY32Vve29D3csZOD8xO2AjRrZpV-userid%3d8kP6OEf3LRYFUhAWTlF2R7ooxuElWlYpTzzEAosrFQCW-did%3dYfixYiH5EvZpALjGAYAzylXejGbgnbBi0BBLUmB93Jgj3HHJzJjbH16-~hmac=3508bd69101ca28bef6b9bb4ff4fb833c344404e3d62968cb38bcabb1d756a71
Referer: https://www.hotstar.com/
Origin: https://www.hotstar.com
< HTTP/1.1 200 OK
< Akamai-Path-Timestamp: i=1632413538.914;xi=1632413538.921;xo=1632413540.009;s=1632413540.017;
< Content-Encoding: gzip
< Content-Length: 1898
< Last-Modified: Thu, 23 Sep 2021 16:12:18 GMT
< X-Akamai-Live-Origin-QoS: d=4000;t=1632413538.918
< X-Akamai-Server: Akamai-SMT
< Vary: Accept-Encoding
< Akamai-Mon-Iucid-Ing: 2024725
< Expires: Thu, 23 Sep 2021 16:12:21 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Thu, 23 Sep 2021 16:12:21 GMT
< Connection: keep-alive
< Content-Type: application/x-mpegURL
< Access-Control-Allow-Origin: https://www.hotstar.com
< Access-Control-Max-Age: 86400
< Access-Control-Allow-Credentials: true
< Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,X-Reference-Error,X-ErrorType
< Access-Control-Allow-Headers: origin,range,hdntl,hdnts,X-allowRequest
< Access-Control-Allow-Methods: GET,POST,OPTIONS
but this time when i am sending this request online from www.xyz.com then the output is 403 Forbidden Why?
Verbose information:
* Added hotstar.com:2600:140f:5800::17d7:d73a to DNS cache
* Trying 23.37.230.73:443...
* Connected to live12p.hotstar.com (23.37.230.73) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=IN; ST=Maharashtra; L=Mumbai; O=Novi Digital Entertainment Pvt. Ltd.; CN=*.hotstar.com
* start date: Jul 5 00:00:00 2021 GMT
* expire date: Jul 13 23:59:59 2022 GMT
* subjectAltName: host "live12p.hotstar.com" matched cert's "*.hotstar.com"
* issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
* SSL certificate verify ok.
> GET /hls/live/2024725/ipl2021/hin/1540008470/15mindvrm01c6817544da534447ba5b5f3760666fd923september2021/master_7.m3u8 HTTP/1.1
Host: live12p.hotstar.com
Accept: */*
Cookie: hs_uid=5221b879-8857-496d-80bd-691646c0fcae; ajs_anonymous_id=%22e1cac957-8325-4cc5-a4c7-04c9322a50b5%22; ajs_user_id=%22971450d482ae40088b5d834ff952f60b%22; ajs_group_id=null; hdntl=exp=1632451493~acl=*ipl2021*~id=e1acc4c006ec4a10fb2422774e4b9806~data=ip%3dwzSX5TdVuh1sa432PD6kIOuXAlfHJY32Vve29D3csZOD8xO2AjRrZpV-userid%3d8kP6OEf3LRYFUhAWTlF2R7ooxuElWlYpTzzEAosrFQCW-did%3dYfixYiH5EvZpALjGAYAzylXejGbgnbBi0BBLUmB93Jgj3HHJzJjbH16-~hmac=c9248d2c8ea8b9e0420ad176918a1ea25561bab8af14b444594515491d00fb6e
Referer: https://www.hotstar.com/
Origin: https://www.hotstar.com
X-FORWARDED-FOR: 223.190.135.254
* old SSL session ID is stale, removing
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 Forbidden
< Server: AkamaiGHost
< Mime-Version: 1.0
< Content-Type: text/html
< Content-Length: 416
< X-Reference-Error: 18.45e62517.1632413497.90e1a77
< Expires: Thu, 23 Sep 2021 16:11:37 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Thu, 23 Sep 2021 16:11:37 GMT
< Connection: keep-alive
< Country: IN
< X-ErrorType: geo-blocked
< Access-Control-Allow-Origin: https://www.hotstar.com
< Access-Control-Max-Age: 86400
< Access-Control-Allow-Credentials: true
< Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,X-Reference-Error,X-ErrorType
< Access-Control-Allow-Headers: origin,range,hdntl,hdnts,X-allowRequest
< Access-Control-Allow-Methods: GET,POST,OPTIONS
<
* Connection #0 to host live12p.hotstar.com left intact
Request failed: HTTP status code: 403
I don't know why this is happening and how can i solve it
if any one have idea please help me to solve this
The service you're trying to access is behind Akamai's network and it appears they're geo restricting access.
Note the response header:
X-ErrorType: geo-blocked
Well, I'm having troubles making requests to the Discord API, I'm not understanding how curl is working.
This is my code:
function make_request($mixed, $token, $get_json = true) {
$url = is_string($mixed) ? $mixed : getApiUrl($mixed);
// TODO: Check for valid url!
$log_file = __DIR__.'/../logs/request.txt';
if(!is_readable($log_file)) printError("File '$log_file' is not readable!");
if(!is_writable($log_file)) printError("File '$log_file' is not writable!");
$ch = curl_init();
$f = fopen($log_file, 'w+');
if($f === false) printError("There was an error opening '$log_file'!");
ftruncate($f, 0);
curl_setopt_array($ch, array(
CURLOPT_URL => $url,
CURLOPT_HTTPHEADER => array('Authorization: Bot ' . $token),
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_VERBOSE => 1,
CURLOPT_SSL_VERIFYPEER => 0,
CURLOPT_STDERR => $f,
));
$response = curl_exec($ch);
fclose($f);
curl_close($ch);
$contents = file_get_contents($log_file);
if($contents != '')
{
// Censor bot key!
$contents = preg_replace("/^Authorization: Bot.+?$/", "Authorization: Bot xxx", $contents);
printError($contents);
}
if($get_json) {
$pretty = isset($_GET["pretty"]);
if($pretty) {
$json = json_decode($response);
return json_encode($json, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
}
return $response;
}
return json_decode($response, true);
}
And this is my output:
[OuterException] System.Exception: * Hostname in DNS cache was stale, zapped
* Trying 162.159.135.233...
* TCP_NODELAY set
* Connected to discordapp.com (162.159.135.233) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=ssl711320.cloudflaressl.com
* start date: Feb 13 00:00:00 2020 GMT
* expire date: Aug 21 23:59:59 2020 GMT
* subjectAltName: host "discordapp.com" matched cert's "discordapp.com"
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2
* SSL certificate verify ok.
> GET /api/guilds/479096180601782274 HTTP/1.1
Host: discordapp.com
Accept: */*
Authorization: Bot ...
< HTTP/1.1 200 OK
< Date: Thu, 20 Feb 2020 17:49:15 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: __cfduid=ddfc25d7448507e06474f24ff3e8352381582220955; expires=Sat, 21-Mar-20 17:49:15 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< Via: 1.1 google
< Alt-Svc: clear
< CF-Cache-Status: DYNAMIC
< Set-Cookie: __cfruid=66721d8d16cd42e4884dc62afe94705cbf1e21df-1582220955; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
< Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< Server: cloudflare
< CF-RAY: 568250ea9fe2a861-CDG
<
* Curl_http_done: called premature == 0
* Connection #0 to host discordapp.com left intact
en DiscordIdCrawler.Lib.Core.ApiWorker.CheckForErrors(Object response) en E:\PHP\discord-flooder-bot\client\DiscordIdCrawler\DiscordIdCrawler.Lib\Core\ApiWorker.cs:línea 152
en DiscordIdCrawler.Lib.Core.ApiWorker.GetServerName(Int64 serverId) en E:\PHP\discord-flooder-bot\client\DiscordIdCrawler\DiscordIdCrawler.Lib\Core\ApiWorker.cs:línea 312
en DiscordIdCrawler.Lib.Core.DriverWorker.GoToServer(IWebDriver web, Int32 serverNum, Boolean storeOnDB) en E:\PHP\discord-flooder-bot\client\DiscordIdCrawler\DiscordIdCrawler.Lib\Core\DriverWorker.cs:línea 141
My question is that maybe I'm printing an error when curl is just showing a verbosed log, but I'm not sure if the CURLOPT_STDERR is used to print errors or the entire log.
On the docs: https://www.php.net/manual/en/function.curl-setopt.php
An alternative location to output errors to instead of STDERR.
Maybe is because CURLOPT_VERBOSE is enabled.
TRUE to output verbose information. Writes output to STDERR, or the file specified using CURLOPT_STDERR.
On that case, I need to know when an error happens. Any tip here?
You're on the right track. If you want the diagnostic output, you have to arrange to capture it before you make your request. The usual way to do this is by storing it in RAM, checking for curl error, and handling appropriately.
That code looks like:
$ch = curl_init();
curl_setopt_array($ch, [
// ... other options here
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_VERBOSE => 1,
CURLOPT_STDERR => ($log = fopen('php://temp', 'w')),
]);
$response = curl_exec($ch);
if (false === $response) {
$errno = curl_error($ch);
$errmsg = curl_strerror($errno);
$logtext = stream_get_contents($log, -1, 0);
// ... log the info above, take action, etc.
} else {
// ... $response is your HTTP response
}
curl_close($ch);
I'm attempting to make POST requests to an external API(Code below). I manage to get the curl coding working on my localhost but when I go to my staging server the curl returns error Peer reports incompatible or unsupported protocol version(35). From reading into this I need to add an error buffer to get more debugging info but the documentation is confusing.
Yet when I make a curl request directly in the servers terminal with I receive a connection successful. Which makes me extremely confused as the server is clearly capable to make curl requests.
PHP Curl Code
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode($body),
CURLOPT_HTTPHEADER => $header,
));
$response = curl_exec($curl);
$err = curl_error($curl);
echo "response: " . $response;
echo "<br><br>error: " . $err;
curl_close($curl);
Server Curl Response
curl https://support.zendesk.com/api/v2/users/create_or_update.json
* About to connect() to support.zendesk.com port 443 (#0)
* Trying 104.16.51.111...
* Connected to support.zendesk.com (104.16.51.111) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN= support.zendesk.com,O="CloudFlare, Inc.",L=San Francisco,ST=CA,C=US
* start date: Mar 08 00:00:00 2019 GMT
* expire date: Mar 08 12:00:00 2020 GMT
* common name: support.zendesk.com
* issuer: CN=CloudFlare Inc ECC CA-2,O="CloudFlare, Inc.",L=San Francisco,ST=CA,C=US
> GET /api/v2/users/create_or_update.json HTTP/1.1
> User-Agent: curl/7.29.0
> Host: support.zendesk.com
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Date: Fri, 12 Apr 2019 12:52:28 GMT
< Content-Type: application/json; charset=UTF-8
< Content-Length: 37
< Connection: keep-alive
< Set-Cookie: __cfduid=da0ecd56691c96b9b3dac091df58383d51555073548; expires=Sat, 11-Apr-20 12:52:28 GMT; path=/; domain=.ralphandrussoclientcare.zendesk.com; HttpOnly
< WWW-Authenticate: Basic realm="Web Password"
< Strict-Transport-Security: max-age=31536000;
< Cache-Control: no-cache
< X-Zendesk-Origin-Server: app23.pod17.euw1.zdsys.com
< X-Request-Id: 4c65566eacc82981-DUB
< X-Runtime: 0.032000
< X-Zendesk-Request-Id: 3360f95a861586e6f414
< Set-Cookie: __cfruid=7af98f1cbac97922c1c15b82f7c133c3945a446e-1555073548; path=/; domain=.ralphandrussoclientcare.zendesk.com; HttpOnly
< Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< Server: cloudflare
< CF-RAY: 4c65566eacc82981-DUB
<
* Connection #0 to host support.zendesk.com left intact
{"error":"Couldn't authenticate you"}
In order to solve this problem I performed a server SSL test using https://www.ssllabs.com/ssltest/ which showed me which Protocols were already open and available on the server.
From that I followed the answer to this question TLS 1.2 not working in cURL which showed me which PHP CURLOPT_SSLVERSION number to use in order to access an open protocol.
Therefore I had to add the following line of code to my Curl Array
CURLOPT_SSLVERSION => CURL_SSLVERSION_TLSv1_2
I'm implementing a Drupal WebForm Handler for posting data to the PayU
Web Checkout Integration after submission, after hours of trying I started to think there was a problem with the Guzzle Client, so I took off the code from Drupal to test separately. I used a simple Rest API GET request and worked fine, however this POST request still doesn't return anything and I've tried everything from working with streams to changing Guzzle versions as mentioned here. I've used Postman as well and things work fine there.
<?php
ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(E_ALL);
require_once './vendor/autoload.php';
use GuzzleHttp\Client;
use GuzzleHttp\Psr7;
//use GuzzleHttp\Stream\Stream;
try {
$client = new Client();
//$post_url = $this->configuration['submission_url'];
$post_url = 'https://sandbox.gateway.payulatam.com/ppp-web-gateway';
//$response = $client->request('GET', $post_url);
$response = $client->request('POST', $post_url,[
'debug' => true,
'form_params' => [
'merchantId' => '508029',
'ApiKey' => '4Vj8eK4rloUd272L48hsrarnUA',
'referenceCode' => 'TestPayU',
'accountId' => '512326',
'description' => 'Test PAYU',
'amount' => '3',
'tax' => '0',
'taxReturnBase' => '0',
'currency' => 'USD',
'signature' => 'ba9ffa71559580175585e45ce70b6c37',
'test' => '1',
'buyerEmail' => 'test#test.com'
]
]);
//$response = Psr7\stream_for($response->getBody());
var_dump($response->getBody()->getContents());
}
catch(Exception $e) {
echo($e->getMessage());
}
This is the debug report. I'd appreciate any help. Thanks.
* Trying 69.20.41.99... * Connected to sandbox.gateway.payulatam.com
(69.20.41.99) port 443 (#0) * Cipher selection:
ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH *
successfully set certificate verify locations: * CAfile:
/Applications/DevDesktop/common/cert/cacert.pem CApath: none * SSL
connection using TLSv1.2 / AES256-SHA256 * Server certificate: *
subject: OU=Domain Control Validated; OU=COMODO SSL Unified
Communications; CN=payulatam.com * start date: 2017-06-07 00:00:00 GMT *
expire date: 2019-06-05 23:59:59 GMT * subjectAltName:
sandbox.gateway.payulatam.com matched * issuer: C=GB; ST=Greater
Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain
Validation Secure Server CA * SSL certificate verify ok. > POST /ppp-
web-gateway HTTP/1.1 Host: sandbox.gateway.payulatam.com User-Agent:
GuzzleHttp/6.2.1 curl/7.44.0 PHP/7.0.14 Content-Type: application/x-www-
form-urlencoded Content-Length: 234 * upload completely sent off: 234
out of 234 bytes < HTTP/1.1 302 Found < Set-Cookie:
JSESSIONID=79253C01031875A1B442649D8B824674.gateway-nodo1;
Path=/ppp-web-gateway/; Secure; HttpOnly < X-FRAME-OPTIONS:
SAMEORIGIN < Set-Cookie: cookie-pol-checkout-version_512326=V2;
Expires=Fri, 28-Sep-2018 22:54:23 GMT; Path=/ppp-web-gateway/;
Secure < Location: /ppp-web-gateway/page-redirect.zul < Content-
Length: 0 < Date: Tue, 03 Oct 2017 22:54:22 GMT < Server: PayU
server < * Connection #0 to host sandbox.gateway.payulatam.com left
intact * Found bundle for host sandbox.gateway.payulatam.com:
0x7918c650 * Re-using existing connection! (#0) with host
sandbox.gateway.payulatam.com * Connected to
sandbox.gateway.payulatam.com (69.20.41.99) port 443 (#0) > GET
/ppp-web-gateway/page-redirect.zul HTTP/1.1 Host:
sandbox.gateway.payulatam.com User-Agent: GuzzleHttp/6.2.1
curl/7.44.0 PHP/7.0.14 Content-Type: application/x-www-form-
urlencoded < HTTP/1.1 200 OK < Set-Cookie:
JSESSIONID=EF0110093412FCDF3E56DD15F1937F30.gateway-nodo1;
Path=/ppp-web-gateway/; Secure; HttpOnly < X-FRAME-OPTIONS:
SAMEORIGIN < Set-Cookie: cookie-
pol=pol_190_238_194_79_1507071263918; Domain=pagosonline.net;
Expires=Fri, 28-Sep-2018 22:54:23 GMT; Path=/; Secure < Content-
Language: en-US < Content-Length: 0 < Date: Tue, 03 Oct 2017
22:54:22 GMT < Server: PayU server < * Connection #0 to host
sandbox.gateway.payulatam.com left intact string(0) ""
I'm trying to display the latest tweets of a Twitter account on my website, and I'm trying to fetch the data using cURL and PHP. When I use the OAuth tool (signature generator) on the Twitter Developers website. There is a cURL command that is generated and it runs just fine on my terminal. However, when I try to use cURL with the same parameters in my PHP code, I get the following error :
{
"errors": [
{
"code": 215,
"message": "Bad Authentication data."
}
]
}
Here is the cURL command :
curl --get 'https://api.twitter.com/1.1/statuses/user_timeline.json' --data 'count=2&screen_name=[my user name]' --header 'Authorization: OAuth oauth_consumer_key="[my key]", oauth_nonce="[my key]", oauth_signature="[the signature]", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1439736924", oauth_version="1.0"' --verbose
And here is my PHP code :
$ch = curl_init("https://api.twitter.com/1.1/statuses/user_timeline.json?count=2&screen_name=XXXXX");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization' => 'OAuth',
'oauth_consumer_key' => '[my key]',
'oauth_nonce' => '[my key]',
'oauth_signature' => '[the signature]',
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_timestamp' => '1439736924',
'oauth_version' => '1.0')
);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'count' => 2,
'screen_name' => '[my username]')
);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
echo curl_exec($ch);
The values are exactly the same and I don't understand why it works with the curl command but not in the PHP code. Here are the two logs :
cURL command (works fine):
* Connected to api.twitter.com (199.16.156.199) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* TLSv1.2, TLS handshake, Client hello (1):
* TLSv1.2, TLS handshake, Server hello (2):
* TLSv1.2, TLS handshake, CERT (11):
* TLSv1.2, TLS handshake, Server key exchange (12):
* TLSv1.2, TLS handshake, Server finished (14):
* TLSv1.2, TLS handshake, Client key exchange (16):
* TLSv1.2, TLS change cipher, Client hello (1):
* TLSv1.2, TLS handshake, Finished (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* TLSv1.2, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
* start date: 2014-08-03 00:00:00 GMT
* expire date: 2016-12-31 23:59:59 GMT
* subjectAltName: api.twitter.com matched
* issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3
* SSL certificate verify ok.
> GET /1.1/statuses/user_timeline.json?count=2&screen_name=XXX HTTP/1.1
> User-Agent: curl/7.38.0
> Host: api.twitter.com
> Accept: */*
> Authorization: OAuth oauth_consumer_key="BBBBBB", oauth_nonce="CCCCCCCC", oauth_signature="DDDDDDDD", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1439736924", oauth_version="1.0"
>
< HTTP/1.1 200 OK
< cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
< content-disposition: attachment; filename=json.json
< content-length: 7512
< content-type: application/json;charset=utf-8
< date: Sun, 16 Aug 2015 16:09:46 GMT
< expires: Tue, 31 Mar 1981 05:00:00 GMT
< last-modified: Sun, 16 Aug 2015 16:09:46 GMT
< pragma: no-cache
< server: tsa_b
< set-cookie: guest_id=v1%3A143974138658672554; Domain=.twitter.com; Path=/; Expires=Tue, 15-Aug-2017 16:09:46 UTC
< status: 200 OK
< strict-transport-security: max-age=631138519
< x-connection-hash: ae1b9fcc59bb90b767b246dfd06f6c94
< x-content-type-options: nosniff
< x-frame-options: SAMEORIGIN
< x-rate-limit-limit: 300
< x-rate-limit-remaining: 298
< x-rate-limit-reset: 1439741812
< x-response-time: 23
< x-transaction: 8515dfd151751885
< x-twitter-response-tags: BouncerCompliant
< x-xss-protection: 1; mode=block
<
PHP log (returns the error message):
* Hostname in DNS cache was stale, zapped
* Trying 199.16.156.199...
* Connected to api.twitter.com (199.16.156.199) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
* start date: 2014-08-03 00:00:00 GMT
* expire date: 2016-12-31 23:59:59 GMT
* subjectAltName: api.twitter.com matched
* issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3
* SSL certificate verify ok.
> GET /1.1/statuses/user_timeline.json?count=2&screen_name=XXXX HTTP/1.1
Host: api.twitter.com
Accept: */*
Authorization: OAuth
oauth_consumer_key: BBBBBB
oauth_nonce: CCCCCCC
oauth_signature: DDDDDDD
oauth_signature_method: HMAC-SHA1
oauth_timestamp: 1439740787
oauth_version: 1.0
< HTTP/1.1 400 Bad Request
< content-length: 62
< content-type: application/json; charset=utf-8
< date: Sun, 16 Aug 2015 16:26:50 GMT
< server: tsa_b
< set-cookie: guest_id=v1%3A143974241022741403; Domain=.twitter.com; Path=/; Expires=Tue, 15-Aug-2017 16:26:50 UTC
< strict-transport-security: max-age=631138519
< x-connection-hash: abbabb47dc8a7d355f595f389f868de2
< x-response-time: 4
<
* Connection #0 to host api.twitter.com left intact
Any help would be appreciated. If possible, I really would like to use cURL instead of a third party library.
Thanks
EDIT : Michael's solution didn't work, but here is the updated PHP output :
Authorization: OAuth oauth_consumer_key="...", oauth_nonce="...", oauth_signature="...", oauth_signature_method="HMAC-SHA1" oauth_timestamp= "1439744503", oauth_version= "1.0"
The chief difference between these is that in the CLI curl command, the Authorization header is specified as a single string with multiple key=value pairs separated by commas. But in your PHP code you have specified those key=value pairs as multiple individual headers. You just need to add a single Authorization header with all of those values concatenated into one string.
The CLI request's header output:
Authorization: OAuth oauth_consumer_key="BBBBBB", oauth_nonce="CCCCCCCC", oauth_signature="DDDDDDDD", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1439736924", oauth_version="1.0"
The PHP request's header output differs:
Authorization: OAuth
oauth_consumer_key: BBBBBB
oauth_nonce: CCCCCCC
oauth_signature: DDDDDDD
oauth_signature_method: HMAC-SHA1
oauth_timestamp: 1439740787
oauth_version: 1.0
So the correct PHP to produce a comparable single-header string would be:
curl_setopt($ch, CURLOPT_HEADER, 0);
// All OAuth values in a single Authorization header string.
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization' => 'OAuth oauth_consumer_key="[my key]", oauth_nonce="[my key]", oauth_signature="[the signature]", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1439736924", oauth_version="1.0"'
)
);
// etc... Everything else should be fine as you have it