I'm attempting to run both a PHP SoapClient and a SoapServer (for Magento) behind a proxy, where the only network traffic allowed out is via the proxy server.
I have got this working with the client as so:
$client = new SoapClient('https://www.domain.co.uk/api/v2_soap/?wsdl=1', [
'soap_version' => SOAP_1_1,
'connection_timeout' => 15000,
'proxy_host' => '192.168.x.x',
'proxy_port' => 'xxxx',
'stream_context' => stream_context_create(
[
'ssl' => [
'proxy' => 'tcp://192.168.x.x:xxxx',
'request_fulluri' => true,
],
'http' => [
'proxy' => 'tcp://192.168.x.x:xxxx',
'request_fulluri' => true,
],
]
),
]);
This works as expected - all the traffic is going via the proxy server.
However, with the SoapServer class, I can't work out how to force it to send all outbound traffic via the SoapServer. It appears to be trying to load http://schemas.xmlsoap.org/soap/encoding/ directly form the network, not via the proxy, which is causing the "can't import schema from 'http://schemas.xmlsoap.org/soap/encoding/'" error to be thrown.
I've tried adding a hosts file entry for schemas.xmlsoap.org to 127.0.0.1 and hosting this file locally, but I'm still getting the same issue.
Is there something I'm missing?
Try stream_context_set_default like in file_get_contents:
file_get_contents behind a proxy?
<?php
// Edit the four values below
$PROXY_HOST = "proxy.example.com"; // Proxy server address
$PROXY_PORT = "1234"; // Proxy server port
$PROXY_USER = "LOGIN"; // Username
$PROXY_PASS = "PASSWORD"; // Password
// Username and Password are required only if your proxy server needs basic authentication
$auth = base64_encode("$PROXY_USER:$PROXY_PASS");
stream_context_set_default(
array(
'http' => array(
'proxy' => "tcp://$PROXY_HOST:$PROXY_PORT",
'request_fulluri' => true,
'header' => "Proxy-Authorization: Basic $auth"
// Remove the 'header' option if proxy authentication is not required
)
)
);
//Your SoapServer here
Or try to run server in non-WSDL mode
<?php
$server = new SoapServer(null, array('uri' => "http://localhost/namespace"));
$server->setClass('myClass');
$data = file_get_contents('php://input');
$server->handle($data);
Related
I hope this question won't be marked as duplicate as I read many related questions and answers on the site: although I tried most of the suggestions out there I still couldn't resolve my problem.
My codebase : (I left comments on purpose to give an idea of what I have been trying so far, based on my browsing)
try {
$opts = array(
//~mrossw 'http' => array(
//~mrossw 'user_agent' => 'PHPSoapClient'
//~mrossw ),
//~mrossw 'socket' => array('bindto' => '158.69.189.149')
'socket' => array('bindto' => '127.0.0.1')
//~mrossw ,
//~mrossw 'ssl' => [
//~mrossw 'verify_peer' => true,
//~mrossw 'verify_peer_name' => true,
//~mrossw 'allow_self_signed' => true
//~mrossw ]
);
$context = stream_context_create($opts);
$client = new SoapClient("https://ws_provider_hostname:xxxx/foo/bar/blah/Operaciones/OpFooBarBlahReqABCS?wsdl",
//~mrossw $client = new SoapClient($doc_root.'OpCotizadorVehiculoExtReqABCS.xml',
array(
'location' => "https://ws_provider_hostname:xxxx/foo/bar/blah/Operaciones/OpFooBarBlahReqABCS?wsdl",
'uri' => "https://ws_provider_hostname:xxxx/foo/bar/blah/Operaciones",
// Stuff for development.
'trace' => 1,
'exceptions' => true,
'keep_alive' => true,
'connection_timeout' => 120,
'stream_context' => $context,
'cache_wsdl' => WSDL_CACHE_NONE,
'compression' => SOAP_COMPRESSION_ACCEPT | SOAP_COMPRESSION_GZIP | SOAP_COMPRESSION_DEFLATE,
//~mrossw 'local_cert' => $certRequest_param['sslcertfile'],
//~mrossw 'login'=>'username',
//~mrossw 'password' => 'password'
)
);
} catch (Exception $e) {
echo \"<h2>Exception Error!</h2>\";
echo $e->getMessage();
// print_r($e);
}
The WS provider has an dev environment on port xxxx and a prod env on port yyyy. Hostname and path request are the same.
SoapClient instanciation and operation call work perfect in dev env.
When i change the port to fetch against prod env I get the following error:
SOAP-ERROR: Parsing WSDL: Couldn't load from 'https://ws_provider_hostname:xxxx/foo/bar/blah/Operaciones/OpFooBarBlahReqABCS?wsdl' : failed to load external entity "https://ws_provider_hostname:xxxx/foo/bar/blah/Operaciones/OpFooBarBlahReqABCS?wsdl"
Provider says my public web server's IP is correctly set as allowed in their firewall. It looks right because when I tried to run the code from a different server with different IP and it fails with the same error in both dev and prod env.
When I run that code from a server inside a private network, it works in both
environment ! I don't know much about security, but this sounds to me like a security breach. I mention it here though, in case it can give a clue. I guess this is because this server has a private ip and the provider's firewall don't filter it.
When I go to https://ws_provider_hostname:xxxx/foo/bar/blah/Operaciones/OpFooBarBlahReqABCS?wsdl in my PC browser i get the correct wsdl's xml.
Do you have an idea of what can prevent the code to work form my public web server ?
Or maybe what else can I check ?
For example I couldn't find a way to check the ws server's http response code from outside my browser.
I could neither get a curl request form bash to return the wsdl xml, but that should be another question maybe.
Also let me know if i can provide any other relevant test or data.
Currently i'm trying to build a little PHP - Soap Connector, which worked pretty good so far. But when i'm deploying my little script to my server, it won't work anymore and i have no clue, why.
I'm connecting in 2 different ways (by curling the SOAP WSDL Scheme, and saving it temporary in the script location, and creating from that a new SOAP Client, and creating a SOAP Client directly by using the SOAP WSDL Scheme URL):
$opts = array(
'http'=>array(
'user_agent' => 'PHP Soap Client'
)
);
$context = stream_context_create($opts);
// SOAP 1.2 client
$params = array (
'encoding' => 'UTF-8',
'verifypeer' => false,
'verifyhost' => false,
'soap_version' => SOAP_1_2,
'trace' => 1,
'exceptions' => 1,
'connection_timeout' => 30,
);
$curlStuff = curl_init($soapURL);
curl_setopt($curlStuff,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curlStuff,CURLOPT_FOLLOWLOCATION,true);
curl_setopt($curlStuff,CURLOPT_TIMEOUT,30);
$response = curl_exec($curlStuff);
$info = curl_getinfo($curlStuff);
if($response) {
file_put_contents("./tempSoapScheme.wsdl", $response);
}
$soapClient = new SoapClient(
'./tempSoapScheme.wsdl',
array(
'trace' => 1,
'stream_context' => $context,
'cache_wsdl' => WSDL_CACHE_NONE
)
);
$soapClientTwo = new SoapClient(
$soapURL,
array(
'trace' => 1,
'stream_context' => $context,
'cache_wsdl' => WSDL_CACHE_NONE
)
);
$result = $soapClient->myLoginMethod(
array(
'username' => 'my#email.example',
'password' => 'password'
)
);
As i said earlier - on my local machine it works like a charm, and everything is fine. The param "soapURL", which is not inside the script, is just the https path to my SOAP WSDL Scheme.
I've tried different options inside "$params" array, other curl setopt settings, but i can't make it work.
The response from both SoapClients:
SOAP-ERROR: Parsing WSDL: Couldn't load from '<MyURL>' : failed to load external entity "<MyURL>", which is pretty uncommon, because the CURL could save everything.
Do you have any suggestions for me?
EDIT - forgot the most important thing:
- The server, which should execute the script, has very strong firewall restrictions, and the SOAP URL Scheme is on another server (not the same). And i guess, that is the point, why it won't work, but i receive an answer from the Scheme by executing CURL.. So it's just SOAP?
i have a problem with running methods with SOAP. I'm using Apache and PHP.
this is the PHP code:
$opts = array(
'ssl' => array('ciphers'=>'RC4-SHA')
);
ini_set('soap.wsdl_cache_enabled',0);
ini_set('soap.wsdl_cache_ttl',0);
$client = new SoapClient('https://host?wsdl', array (
'stream_context' => stream_context_create($opts),
"trace" => 1,
"exceptions" => 0,
"connection_timeout"=>2000));
var_dump($client->__getFunctions());
$params = array ("key" => "value");
$result = $client->availabeFunction($params);
var_dump($result);
The __getFunctions() It returns me all of the available functions.
Then when i'm trying to call the the available function with parameters.
It returns me a strage error message:
public 'faultstring' => string 'Could not connect to host' (length=25)
public 'faultcode' => string 'HTTP' (length=4)
So i presume it is for some reasons are connecting to through the HTTP, but not through HTTPS.
I've looked up the web, and in some cases they are using a local_cert value with a .pem file.
It it neccecity to have it? Or i'm missing something else?
It's an openssl library bug.
At first try to disable SSL check by adding this params
"stream_context" => stream_context_create(
array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
)
)
)
And next try to not use ?wsdl in location link, try use something like
.wsdl
The solution was much easier as i thoguht it will be:
ini_set('soap.wsdl_cache_enabled',0);
ini_set('soap.wsdl_cache_ttl',0);
$location = 'https://host';
$client = new SoapClient($location . '?wsdl', array (
"trace" => 1,
"exceptions" => 0,
"connection_timeout"=>2000,
"location"=>$location // <- this was the reqiured parameter
));
Everything else is same as before.
This beeing cause by WSDL file configuration, that instead of https URL, it has http.
Im using zend_http_client and used code below to force traffic to fiddler :
$Http_Client = new Zend_Http_Client($Address);
$config = array(
'adapter' => 'Zend_Http_Client_Adapter_Proxy',
'proxy_host' => '127.0.0.1',
'proxy_port' => 8888,
'timeout' => 60,
'useragent' => 'Test',
'keepalive' => true,
'sslusecontext' => true
);
$Http_Client->setConfig($config);
when I run the program, I just get Http error 400 which means bad request.I searched a lot but found nothing helpful.In addition when I remove this config,everything works but fiddler does not capture any thing.
What can I do for this problem?
I am really stuck in this, and need expert help. Let me explain what I am trying achieve and the setup. I had a script which posts over a https form using Zend_Http_Client. On the server setup I have tor & privoxy running. Everything just worked fine, but now I need to make the code more scalable by running multiple instances of tor & privoxy on the same server.
Hence I shifted the Adapter for Zend from Zend_Http_Client_Adapter_Curl to Zend_Http_Client_Adapter_Proxy . But after changing the adapter I have bumped into a strange error which says - 400 Invalid header received from client and when I dump the object of Zend client, I see the following -
MyWebClientResponse::__set_state(array(
'json' => NULL,
'version' => '1.1',
'code' => 400,
'message' => 'Invalid header received from client',
'headers' =>
array (
'Proxy-agent' => 'Privoxy 3.0.19',
'Content-type' => 'text/plain',
'Connection' => 'close',
),
'body' => 'Invalid header received from client.
',
))
I do not understand what is that I am doing wrong. The code is done in Yii Framework so it is hard to share all the classes and Models, but I am sharing the main parts of the code, which are responsible for this -
$client = MyWebClient::factory();
$adapter = $client->getAdapter();
$adapter->setConfig(array('timeout' => 120,
'proxy_host' => 'localhost',
'proxy_port' => 8124
));
$client->setAdapter($adapter);
$client->setCookieJar(true);
$client->setParameterPost(array(
'name' => 'firstname',
'password' => 'password,
'login' => 'home'
));
$response = $client->setUri('https://www.domain.com/post.php')->requestApi('POST', false);
Here's the constructor of the class MyWebClient, just in case it it required, all other methods are standard.
static public function factory($new = false)
{
if (!isset(self::$client))
{
self::$client = new MyWebClient();
self::$client->setConfig(array(
'adapter' => 'Zend_Http_Client_Adapter_Proxy',
// 'proxy_host' => 'localhost',
// 'proxy_port' => 8118,
'persistent' => false,
'timeout' => 120
));
}
return self::$client;
}
The headers are being set in the requestAPI method and the snippet is -
$headers = array(
'X-PHX' => 'true',
'X-Requested-With' => 'XMLHttpRequest',
'Referer' => 'https://domain.com/index.html',
'User-Agent' => self::getRandomUserAgent()
);
$this->setHeaders($headers);
I would really appreciate help in this regard. Think it's privoxy which is not letting go the request out of the server.
Sachin
Looks like you may need to wrap the user-agent with quotes. Try this when setting the headers and see if that fixes the problem.
$headers = array(
'X-PHX' => 'true',
'X-Requested-With' => 'XMLHttpRequest',
'Referer' => 'https://domain.com/index.html',
'User-Agent' => "'".self::getRandomUserAgent()."'"
);
$this->setHeaders($headers);
Finally I decided to use the native cURL library and the cookieJar which comes with it. It worked like expected.
Cheers,
Sachin