I'm building a request with PHP using curl, for the basic authentication it is necessary to use the preemptive authentication.
Can I force curl to use the preemptive authentication?
Or is there any other way to build my request with PHP?
#Bas van Stein
I'm not sure if I understand this correctly. I tried it like this:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $URL);
curl_setopt($ch, CURLOPT_TIMEOUT, 30); //timeout after 30 seconds
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// auth header
$headers = array(
sprintf('Authorization: Basic %s',base64_encode(sprintf("%s:%s",$username,$password))),
);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POST, 1);
// preemptive authentication (first request)
$result = curl_exec($ch);
// extend header for payload
$boundary = $this->generateRandomString();
curl_setopt($ch, CURLOPT_HTTPHEADER, array_merge_values($headers,array(
'Content-Encoding: gzip',
'Content-Type: multipart/mixed;boundary=' . $boundary,
)));
curl_setopt($ch, CURLOPT_ENCODING, 'gzip');
$multiPart = sprintf("--%s\r\nContent-Disposition: content\r\nContent-Type: application/xx.xx\r\nContent-Version: 1.5\r\n\r\n%s\r\n--%s--",$boundary,$data,$boundary);
curl_setopt($ch, CURLOPT_POSTFIELDS, gzencode($multiPart));
// request with payload (second request)
$result = curl_exec($ch);
curl_close($ch);
but it doesn't worked.
Thanks
katzu
Related
I'm trying to submit a POST request with JSON data to an api endpoint. The endpoint requires a querystring passing the api credentials, but also requires the JSON data to be POSTed.
When I try to do this with PHP cURL as shown below, the querystring is apparently removed - thus the api is rejecting the request due to missing api key.
I can do this easily with Postman when testing access to the api endpoint.
How can I make the cURL request include both the querystring AND the JSON POST body?
Example code:
// $data is previously defined as an array of parameters and values.
$url = "https://api.endpoint.url?api_key=1234567890";
$ch = curl_init();
$json = json_encode($data);
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, true);
curl_setopt($ch,CURLOPT_POSTFIELDS, $json);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'Content-Length: ' . strlen($json)
]
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
You are doing almost right.
Sometimes you need to relax SSL verification.
Otherwise, update php ca bundle:
https://docs.bolt.cm/3.7/howto/curl-ca-certificates
Add the following:
$headers = array(
"Content-type: application/json;charset=UTF-8",
"Accept-Encoding: gzip,deflate",
"Content-length: ".strlen($json),
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 300);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_ENCODING, "identity, deflate, gzip");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$result = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
Sometimes you need to change encoding too:
$result = utf8_decode($result);
And check the returning data.
I am trying to use the Zoho API Version 2 to do a simple record update in Leads. I am using PHP and CURL and my sample code for this call (to update a single field in the record) is as follows:-
$apiUrl = "https://www.zohoapis.com/crm/v2/Leads/" . {valid record id here};
$headers = array(
'Content-Type: application/json',
'Content-Length: ' . strlen($fields),
sprintf('Authorization: Zoho-oauthtoken %s', {valid auth token here})
);
$fields = json_encode([["data" => ["City" => "Egham"]]]);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $apiUrl);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
$result = curl_exec($ch);
curl_close($ch);
No matter how I format the JSON, I always get the following returned:
{"code":"INVALID_DATA","details": {"expected_data_type":"jsonobject"},"message":"body","status":"error"}
It is not a matter of invalid auth tokens etc because I have successfully used PHP and CURL with the Zoho API to read data and I decode the JSON returned successfully.
Please could somebody help with passing valid JSON data?
The above code constructs input JSON like this
[{"data":{"City":"Egham"}}]. This JSON is not valid as per the ZOHO CRM APIs(API help).
It should be like this {"data":[{"City":"Egham"}]}.
Change the code like this :
$apiUrl = "https://www.zohoapis.com/crm/v2/Leads/" . {valid record id here};
$fields = json_encode(array("data" => array(["City" => "Egham"])));
// *strlen must be called after defining the variable. So moved headers down to $fields*
$headers = array(
'Content-Type: application/json',
'Content-Length: ' . strlen($fields),
sprintf('Authorization: Zoho-oauthtoken %s', {valid auth token here})
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $apiUrl);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
$result = curl_exec($ch);
curl_close($ch);
You must escape the data into JSON format:
import json
response = requests.post(url, data=json.dumps(data), headers=headers)
I am working with an API that provides a token for me to use to connect. It gives these instructions.
This token is then sent in all subsequent calls to the server in header variable Auth Digest.
I am not sure what this means. I've tried several approaches and read several stack overflow questions. Here's what I've tried. See code comments included for details.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_BINARYTRANSFER,true);
curl_setopt($ch, CURLOPT_TIMEOUT, 20);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
// I have tried setting both of these
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
// In combination of the above separately, I have tried each of these individually
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $token);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Auth Digest: ' . $token));
curl_setopt($ch, CURLOPT_POST, true);
$post_data = array('Auth Digest' => $token);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data));
curl_setopt($ch, CURLOPT_USERPWD, $token);
// Then I execute and close, either giving me a failed response and a response that says token is not valid
$response = curl_exec($ch);
$header_sent = curl_getinfo($ch, CURLINFO_HEADER_OUT);
if (!$response) {
echo $action . ' curl request failed';
return false;
}
curl_close($ch);
$response_json = json_decode($response);
var_dump($response_json);
Here are some related stackoverflow questions that I've tried to apply to my problem without success.
Curl request with digest auth in PHP for download Bitbucket private repository
Client part of the Digest Authentication using PHP POST to Web Service
How do I make a request using HTTP basic authentication with PHP curl?
I need to know what the raw http header that they're likely expecting or how I can use php curl to generate the header they're likely expecting.
An digest authorization header typically looks like:
Authorization: Digest _data_here_
So in your case, try:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
//... existing options here
$headers = array(
'Authorization: Digest ' . $token,
);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$response = curl_exec($ch);
If you use CURLOPT_HTTPHEADER, that just specifies additional headers to send and doesn't require you to add all the headers there.
If the other headers you're sending all have explicit options, use those and just pass the one authorization header to CURLOPT_HTTPHEADER.
i'm trying using cURL for a GET request like this:
function connect($id_user){
$ch = curl_init();
$headers = array(
'Accept: application/json',
'Content-Type: application/json',
);
curl_setopt($ch, CURLOPT_URL, $this->service_url.'user/'.$id_user);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_HEADER, 0);
$body = '{}';
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_POSTFIELDS,$body);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Timeout in seconds
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$authToken = curl_exec($ch);
return $authToken;
}
As you an see i want to pass $body as the request's body , but i don't know if its correct or not and i can't debug this actually, do you know if is the right to use curl_setopt($ch, CURLOPT_POSTFIELDS,$body); with a GET request?
Cause this enteire code works perfect with POST, now i'm trying change this to GET as you can see
The accepted answer is wrong. GET requests can indeed contain a body. This is the solution implemented by WordPress, as an example:
curl_setopt( $ch, CURLOPT_CUSTOMREQUEST, 'GET' );
curl_setopt( $ch, CURLOPT_POSTFIELDS, $body );
EDIT: To clarify, the initial curl_setopt is necessary in this instance, because libcurl will default the HTTP method to POST when using CURLOPT_POSTFIELDS (see documentation).
CURLOPT_POSTFIELDS as the name suggests, is for the body (payload) of a POST request. For GET requests, the payload is part of the URL in the form of a query string.
In your case, you need to construct the URL with the arguments you need to send (if any), and remove the other options to cURL.
curl_setopt($ch, CURLOPT_URL, $this->service_url.'user/'.$id_user);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_HEADER, 0);
//$body = '{}';
//curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
//curl_setopt($ch, CURLOPT_POSTFIELDS,$body);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
<?php
$post = ['batch_id'=> "2"];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,'https://example.com/student_list.php');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));
$response = curl_exec($ch);
$result = json_decode($response);
curl_close($ch); // Close the connection
$new= $result->status;
if( $new =="1")
{
echo "<script>alert('Student list')</script>";
}
else
{
echo "<script>alert('Not Removed')</script>";
}
?>
For those coming to this with similar problems, this request library allows you to make external http requests seemlessly within your php application. Simplified GET, POST, PATCH, DELETE and PUT requests.
A sample request would be as below
use Libraries\Request;
$data = [
'samplekey' => 'value',
'otherkey' => 'othervalue'
];
$headers = [
'Content-Type' => 'application/json',
'Content-Length' => sizeof($data)
];
$response = Request::post('https://example.com', $data, $headers);
// the $response variable contains response from the request
Documentation for the same can be found in the project's README.md
you have done it the correct way using
curl_setopt($ch, CURLOPT_POSTFIELDS,$body);
but i notice your missing
curl_setopt($ch, CURLOPT_POST,1);
I've been trying for a while now to call a REST API, but still with no luck.
I've tested the connection, propreties and credentials with WizTools, so I'm 100% all the data is correct and working. Only when I try to connect to the API using custom PHP, things go wrong.
I use Fiddler for debugging and all I see is a request to the local path of the file with the code. For some reason, the snippet isn't calling the REST endpoint... I would like to know how does it come and what do I do wrong...
The code is hosted local (dev.testing.com).
At first sight, I would think the code below is correct, so I'm wondering why I get a GET http://dev.testing.com/talent.php HTTP/1.1 result in Fiddler, while I should get a POST https://api.some_url.com/package/REST/service/criteria?api_key=my_Key HTTP/1.1..
<?php
// Set all the data
$service_url = "https://api.some_url.com/package/REST/service/criteria?api_key=my_Key";
$service_user = 'iiii_My_Username:text:FO';
$service_pass = 'password';
// Initialize the cURL
$ch = curl_init($service_url);
// Set service authentication
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_USERPWD, "{$service_user}:{$service_pass}");
// Composing the HTTP headers
$body = "<searchCriteriaSorting></searchCriteriaSorting>";
$headers = array();
$headers[] = 'Accept: application/xml';
$headers[] = 'Content-Type: application/xml; charset=UTF-8';
// Set the cURL options
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_ENCODING, '');
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
//WARNING: this would prevent curl from detecting a 'man in the middle' attack
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
// Execute the cURL
$data = curl_exec($ch);
// Print the result
echo $data;
?>