We Keep Coding

"WISO mein Büro" API doesnt work or it is my fault

unfortunately I get no good response from the api provider.
No I need your support. I build a test extension in "wiso mein büro" for testing.
I would like to create an order with php and this api:
https://api.meinbuero.de/openapi/documentation/#/orders/postorderCreate
My code:
$wisoApiKey = "XXX";
$wisoSecretApiKey = "XXX";
$wisoOwnershipId = "XXX";
$positionen[] = array ('id' => 769541, 'amount' => 60);
$ch = curl_init('https://api.meinbuero.de/openapi/order/');
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json" , "Authorization: Bearer ".$wisoToken));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERPWD, $wisoApiKey . ":" . $wisoSecretApiKey);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(
array (
"customerId" => 1698487,
"articles" => $positionen
)
));
$createOrder = curl_exec($ch);
curl_close($ch);
echo '<pre>';
print_r($createOrder);
Result:
HTTP/1.1 500 Internal Server Error
Server: nginx/1.19.0
Date: Mon, 09 Aug 2021 18:38:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=7776000; includeSubDomains; preload
Access-Control-Allow-Origin: *
All other apis works fine like create, get customer, create invoice from order, ...
Only the api create order doesn't work for me.
I don't know why ...

Get jsonRPC data with PHP curl,

Setting up a JSON-RPC on my vps which I want to connect via PHP CURL on my website doing a basic request and looking for getmasternodecount.
Tried many scripts and libraries before however none seems to work in my case. Now I try to write some basic php code, but this skill isnt my best.
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
function coinFunction () {
$feed = 'http://user:pass#ip/';
$post_string = '{"method": "getmasternodecount", "params": []}';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $feed);
curl_setopt($ch, CURLOPT_PORT, port);
curl_setopt($ch, CURLOPT_USERPWD, "user:pass");
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
//curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-type: application/stratum', 'Content-length: '.strlen($post_string)));
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-type: application/json', 'Content-length: '.strlen($post_string)));
$output = curl_exec($ch);
curl_close($ch);
return $output;
}
$data = coinFunction();
var_dump($data);
echo $data;
?>
And gives me this data dump:
string(127) "HTTP/1.1 403 Forbidden Date: Sun, 24 May 2020 00:06:21 GMT Content-Length: 0 Content-Type: text/html; charset=ISO-8859-1 " HTTP/1.1 403 Forbidden Date: Sun, 24 May 2020 00:06:21 GMT Content-Length: 0 Content-Type: text/html; charset=ISO-8859-1
When i delete all the var dump information etc, it send me a whitepage and sometimes NULL.
Kindly Regards,

Let's work with the first snippet. Since it's a POST request, file_get_contents is rather out of place here. Add the following setopt lines:
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_HEADER, 0);
Without those, the result of curl_exec won't contain the returned content.
It would also be advisable to specify the Content-Type of the request (which is application/json). The server might handle it even without, but just in case:
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'Content-Type:application/json'));
Authentication is another thing. Credentials in the URL suggest Basic, but the server might expect otherwise... See CURLOPT_HTTPAUTH.

How to retrieve attachment with http response header using PHP cURL library

I'm trying to retrieve the raw attachment of an http request made using the php cURL library. Right now I get the html response but not the attachment.
There's a very similar question here that says use cURL option -j. I can't find the equivalent set_opt in the php cURL library.
When I make a request in the browser the desired attachment is referred to in the header information and the browser knows to download it automatically. In my script I just need the raw data of the attachment loaded into a variable.
How do I load the attachment data into a variable in php?
Header response from remote server:
Cache-Control:must-revalidate, post-check=0, pre-check=0
Content-Disposition:attachment; filename=exel_file.xls
Content-Length:65
Content-Transfer-Encoding:binary
Content-Type:application/download
Date:Thu, 30 Jun 2016 15:12:05 GMT
Expires:Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified:Thu, 30 Jun 2016 16:33:14 GMT
Pragma:public
Server:Microsoft-IIS/7.5
X-Powered-By:PHP/5.2.17
My php cURL request:
$url = "https://subdomain.example.com?parameter=1";
$post = "post1=false&".
"post2=&".
"post3=false&".
"post4=&".
"post5=&".
"post6=1243123421";
$ch = curl_init($url);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookieFile);
curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookieFile);
curl_setopt($ch, CURLOPT_USERAGENT, $userAgent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
$html = curl_exec($ch);
I've already tried accessing exel_file.xls directly at https://subdomain.example.com/exel_file.xls and to no avail.
UPDATE:
I did manage to directly reach the file eventually when I found it in Chrome developer tools. I filtered the network responses to "doc" and found the request tied to the attachment. The file was located at https://example.com/exel_file.xls instead of https://subdomain.example.com/exel_file.xls.

Set CURLOPT_BINARYTRANSFER to TRUE and set the content type.
<?php
$url = "http://slackbuilds.org/slackbuilds/13.37/multimedia/umplayer.tar.gz";
$opts = array(
CURLOPT_URL =>$url,
CURLINFO_CONTENT_TYPE => "text/xml",
CURLOPT_BINARYTRANSFER => TRUE,
CURLOPT_RETURNTRANSFER => TRUE
);
$ch = curl_init();
curl_setopt_array($ch, $opts);
$data = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
header("Content-Type: application/x-gzip");
header("Content-disposition: attachment; filename=zipfile.tar.gz");
echo $data;
?>
Does this help

API REST post hash credentials and make GET, DELETE or PUT request

I'm working with this Phalcon PHP API HMAC framework and I have a little question.
I declared a GET route in routes.php and Im trying to make a request from client-connect.php (a simple CURL script to make requests).
That's how the client looks like:
$privateKey = '593fe6ed77014f9502761028801aa376f141916bd26b1b3f0271b5ec3135b989';
$time = time();
$id = 1;
$data = [
'name' => 'bob',
];
$message = buildMessage($time, $id, $data);
$hash = hash_hmac('sha256', $message, $privateKey);
$headers = ['API_ID: ' . $id, 'API_TIME: ' . $time, 'API_HASH: ' . $hash];
$ch = curl_init();
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_URL, $host);
// curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($ch, CURLOPT_POST, FALSE);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLINFO_HEADER_OUT, TRUE);
When I make a post request, all works ok, but when I try to make a GET, PUT or DELETE request (I just uncomment the line commented in client), it returns me an error:
Request:
DELETE /nodes/mikrotik HTTP/1.1
Host: vpn.wibee.com
Accept: */*
API_ID: 1
API_TIME: 1446031137
API_HASH: 4d0852239859da5e90270b3f7dfd2167f6e5153ca83a9c5896ee262e41b19674
Content-Length: 508
Expect: 100-continue
Content-Type: multipart/form-data; boundary=------------------------e71b5fd144802749
Response:
HTTP/1.1 100 Continue
HTTP/1.1 401 Unauthorized
Server: nginx/1.6.2
Date: Wed, 28 Oct 2015 11:18:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access denied
I think it's posible im missing something (something related with authentication). Any solution?
Thanks!

I would try it. In original implementation of client app you have such a part:
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_URL, $host);
switch($method) {
case 'POST':
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
break;
case 'GET':
break;
default:
$data = http_build_query($data);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
break;
}
And your implementation is quite different. Once you are using POST method, functionality surprisingly work even with ($ch, CURLOPT_POST, FALSE). But Once using all other requests, you are running into troubles. It's because your implementation of GET does a few things it should not:
curl_setopt($ch, CURLOPT_POST, FALSE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
this is not correct for making GET requests with CURL. It surprisingly works, but you are receiving access denied. It is probably because authentication data, are not properly iterpreted on server side.
Also other methods will have some troubles to work, because you are mising this part of original code:
$data = http_build_query($data);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
My best solution wold be to advise you, to try to use existing code sample instead of rewriting it by hand in buggy way. Extending that code for your use should not be complicated, especially if you are running it from shell.

Bitbucket API bad request while trying to merge

This is my code:
$url = "https://bitbucket.org/api/2.0/repositories/***/***/pullrequests/35/merge";
$curl1 = curl_init();
curl_setopt($curl1, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
curl_setopt($curl1, CURLOPT_USERPWD, "***:***");
curl_setopt($curl1, CURLOPT_HEADER, true);
curl_setopt($curl1, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
curl_setopt($curl1, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl1, CURLOPT_URL, $url);
curl_setopt($curl1, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl1, CURLOPT_POST, true);
echo curl_exec($curl1);
Thats the response:
HTTP/1.1 400 BAD REQUEST Server: nginx/1.5.10 Date: Wed, 04 Mar 2015 06:03:15 GMT Content-Type: text/plain Content-Length: 11 Connection: keep-alive X-Served-By: app19 X-Render-Time: 0.0410010814667 Content-Language: de X-Static-Version: 572a80470390 Vary: Authorization, Accept-Language, Cookie X-Version: 1d224fb664b6 ETag: "825644f747baab2c00e420dbbc39e4b3" X-Request-Count: 27 X-Frame-Options: SAMEORIGIN Bad Request
Why does this not work? (For safety reasons i replaced some informations with ***)

You are missing the mandatory parameters for that particular endpoint which should be included in your request body.
According to the API, those mandatory parameters are owner, repo_slug and pull_request_id.
$request_body = array(
'owner' => 'account-name',
'repo_slug' => 'repo-name',
'pull_request_id' => 35
);
Because you specified application/json as your Content-Type, you need to json_encode the array from above:
curl_setopt($curl1, CURLOPT_POSTFIELDS, json_encode($request_body));
As a side note, you could use bitbucket-api library, which can help you to interact with Bitbucket API in a more easy way.
Accepting a pull request using that library, looks something like this:
$pull = new Bitbucket\API\Repositories\PullRequests();
// set your login credentials here
$pull->getClient()->addListener(
new \Bitbucket\API\Http\Listener\BasicAuthListener('username', 'password')
);
$pull->accept($account_name, $repo_slug, 35);
You can read more in the docs.
Disclaimer: I am the author of bitbucket-api library.