I just learn how to create a web service and consume it using PHP and (nusoap). now I am confused on how to authenticate a web service URL.
For example I have a web service that has a URL like below
<?php
include_once './lib/nusoap.php';
$server = new nusoap_server();
//print_r($server);
$server->register('abc');
function abc()
{
return 'welcoem';
}
$server->service($HTTP_RAW_POST_DATA);
exit();
?>
localhost/nusoap/webservice91.php
So I give it to a client. but I want to know is that particular person is using web service to whom I give them a URL.
How to get to know if another person is using our web service.
There are several options technically:
HTTP authentication
Soap-based authentication via soap headers.
Roll-your-own authentication with username/password or token being embedded in the soap body as part of the actual request.
Related
I am having account in sandbox.coinbase and I have used oauth2 where I have add new app.
It'll provide me :
clientid = 'xxxxxxxx'
clientsecreateid = 'xxxxxxxxxxxxxxxx'
authredirecturl = 'xxxxxxx'
But when I am configure it using below code
$configuration = Configuration::oauth($accessToken);
$client = Client::create($configuration);
I need $accessToken, I go through the document file but I can't find anywhere so any one have idea where to find or how to get accessToken..?
As the documentation states:
This library does not handle the handshake process, and assumes you
have an access token when it's initialized. You can handle the
handshake process using an OAuth2 client such as league/oauth2-client.
So you have to use the oauth2 client first, configure it with the coinbase server (using clientId, clientSecret and redirectUrl that you have) and pass the authorization process (much like "Login with facebook"). At the end of the oauth2 authorization coinbase will send you both access token and refresh token. They are generated on-the-fly.
Alternatively as I can see you can use the apiKey/apiSecret mode. This is essentially like having login/password.
I am trying to authenticate with a family history web service that authenticates using OAuth2. The basic workflow of the authentication is that I submit a get request against the web service requesting an authentication session. It returns in the body of the response HTML Code with some login components for user name and password. My PHP application then echoes the html code to the browser. The end user can then enter his or her user name and password, then submit to the web service. This is where the behavior becomes unclear. In theory, The web service should redirect to a predefined redirect URI with some parameters included in the URL. In practice, however, submitting the password redirects to the pre registered redirect URI, but there are no parameters included in the URL. My Project is written primarily in PHP. This is a snippit of the code that makes the inital request for an authentication session.
function logOn($mainURL, $credentials)
{
// create a new HTTP_Request object to be used in the login process
$request = new HTTP_Request();
// set the URL of the HTTP_Request object to the family search identity/login endpoint
$request->setUrl("https://web-service/authentication/path?response_type=code&client_id=".$credentials['key']."&redirect_uri=https://www.myredirectPage.edu/");
$request->_useBrackets = false;
$request->addHeader("User-Agent", $credentials['agent']);
$request->addHeader("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
$request->sendRequest();
//HTML_HEADER;
//the response will come in the form of an html file
$responseHtml = $request->getResponseBody();
//Dynamically load html from request body onto the browser to allow for authentication
echo $responseHtml;
return $credentials;
}
The end user will enter their login credentials using the loaded html components and hit submit. The web service then redirects to my redirect authentication page. The code there is provided below.
<?php
// process client request (Via url)
//gather code parameters from the redirect url.
if (isset($_GET['code']))
{
echo $_GET['code'];
}
else
{
echo "code not returned";
}
if (isset($_GET['error']))
{
echo $_GET['error'];
}
else
{
echo "error not returned";
}
?>
Thanks in advance to any help with this.
When I use Google Chrome's Network debugger tool, I saw that my project was making unexpected searches for Javascript and Css resources, all resulting in 404 (not found) errors. Upon closer inspection, I could see that the resources were relative paths to resources that are on the web service server. Rather than looking for 'https://webService.net/js/importantJavascript.js' (an existing file located on the service's web server), it was trying to find 'https://mywebpage.edu/js/importantJavascript.js'(a path to a file that doesn't exist).
I'm working with a .net server solution that provides an authentication web service, along with several other service URLs. The access process involves an initial call to the authentication service URL, and using an 'Authenticate' soap call, which is supposed to return an access token. This token is then used to make calls to the other service URLs to retrieve data from the server.
The issue I'm having is that I was provided a username and password for the authentication process, but there's no indication of how the credentials are meant to be sent to the server. Additionally, I'm trying to access the web service (.net based) using PHP.
So far, I've managed to use wsdl2php to generate classes for the authentication service URL, but the classes don't provide any indication of how the username and password are meant to be sent.
I've tried adding the credentials as soap headers:
$headerContent = "<o:UserName xmlns:o=\"$namespace\">
<o:UserName>$uname</o:UserName>
<o:Password>$pword</o:Password>
</o:UserName>";
$headerVar = new SoapVar($headerContent, XSD_ANYXML, null, null, null);
$header = new SoapHeader($namespace, 'o:ClientCredentials', $headerVar);
$this->__setSoapHeaders(array($header));
try {
return $this->__soapCall('Authenticate', array());
} catch (Exception $e) {
throw new Exception( 'Not allowed.', 0, $e);
}
...but I receive an 'Access denied' message. Is there a proper way to pass the credentials to the service in order to successfully authenticate?
There are many different authentication flavors - forms, basic, oauth. If you have a way to login via a browser, I would suggest running Fiddler to peek at the message traffic. Fiddler is a middleware tool that sits between the browser and server. It will give you the packet headers - so you can see the encryption, field formatting and content type. You should then mimic the request.
Has anyone ever created code to connect to Adestra.com's XML RPC API with PHP.
I have seen a couple of XML RPC examples on here, but none of them demonstrate how to send username and password authentication via headers. According to the Adestra Support:-
"We use HTTP basic authentication, which requires the username and password passed through as headers. Most XML-RPC clients will handle this for you by exposing a more convenient interface for supplying credentials. To ensure credentials are passed securely, please connect to the API over https (https://app.adestra.com/api/xmlrpc)."
I [think I] understand the basic process here, i.e. you use an XML RPC library to encode function calls and parameters into XML format, and get a reponse from the server, but how would you send the authentication?
Any help much appreciated.
First you have to download XMLRPC client library. This library is used to create an XMLRPC object which will communicate with ADESTRA API services.
Bellow is example of calling API contact.search method. The principle stays the same for other API methods:
//******* LOGIN DATA*******/
$account = 'account';
$username = 'username';
$password = 'password';
$adestraCoreTable=1;
/**INITIALIZE API*****/
require_once('xmlrpc.inc');//First inlcude XMLRPC client library
//Calling Adestra API with our credentials
$xmlrpc= new xmlrpc_client("http://$account.$username:$password#new.adestra.com/api/xmlrpc");
$xmlrpc->setDebug(0);
$xmlrpc->request_charset_encoding="UTF-8";
$msg = new xmlrpcmsg(
"contact.search",
array(
//Set user id
new xmlrpcval($adestraCoreTable, "int"),
new xmlrpcval(
array(
"email"=> new xmlrpcval("test#test.com", "string"),
),"struct"
)
)
);
$response = $xmlrpc->send($msg);//Send request, and get the response
if($response->faultCode()){//API call not succeed. This can happen when there is no connection
$errorMessage=htmlspecialchars($response->faultString());
$errorCode=htmlspecialchars($response->faultCode());
}
$returnValue = php_xmlrpc_decode($response->value());//Parse API return
if(empty($returnValue)){//If return value is empty, user not find in Adestra, we should log that
$errorMessage="Searching user by mail did not succeed! Problably there is no this user in Adestra DB";
continue;///SCRIPT MUST continue for other users
}
$adestraUSERID=$returnValue[0]["id"];//Use this ID for what ever you want
i am currently stacked with twilio client call where i have to call a user from browser. Lets see the scenario.
start snippet:
include 'twilio/Services/Twilio/Capability.php';
include 'twilio/Services/Twilio.php';
$accountSid = 'ACxxxxxxxxxxxxxxx';
$authToken = 'xxxxxxxxxxxxxxxxx';
$token = new Services_Twilio_Capability($accountSid, $authToken);
$token->allowClientOutgoing('APXXXXXXXXXXX');
$client = new Services_Twilio($accountSid, $authToken);
$call = $client->account->calls->create("twilio Number", "client number", "https://www.mysite.com/twilio/callback", array());
And my call back goes like this:
function callback(){
$xml = "<Response><Say>Placing your call now.</Say><Dial callerId='twilio verified number' timeout='40' record='true'></Dial></Response>";
header("content-type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" . $xml;
exit();
}
I dont know what exactly the $from, $to parameters with in the calls->create() function takes. If we are initially initiating the call to $to then, it should work.
My requirement is to call a client to client number from my browser. Yes, i see the referencees here but stacked again.
Twilio evangelist here.
Looks like your current code is using the REST library to initiate the call. This send a message to Twilio to initiate a phone call from Twilio to some phone. All of that happens on the server, not in the browser.
In your case it sounds like you want to actually make a phone call right from the browser. To do that you need to use Twilio Client, which is a JavaScript framework that lets you create an audio connection from a browser to Twilio, and the connection is made using WebRTC (or Flash if needed). Its the job of the Twilio Client SDK to figure out how to create and manage the actual audio connection between your browser and Twilio.
http://www.twilio.com/client
https://www.twilio.com/docs/tutorials/walkthrough/browser-calls/php/laravel
This is different than initiating a call using the REST API. When you initiate an outbound call using the REST API, the API does not actually manage the audio connection. Your using the API simply to tell Twilio to initiate a phone call between Twilio and a phone (or to send a text message), or to ask Twilio for information (like getting list of send SMS messages). The management of the actual audio connection is handled by Twilios internal systems.
The first part of your PHP code is correct you need to create a Twilio Capability token. That token is used by our JavaScript library. This tutorial shows the JavaScript code that you can use to make a call from your browser to Twilio:
https://www.twilio.com/docs/tutorials/walkthrough/browser-calls/php/laravel
Once the browser connects to Twilio, Twilio will make a request to the URL you've set on your TwiML App (the string starting with "AP" that you specified when you created the capability token). You can return whatever TwiML you like from this URL, including using the <Dial> very to tell Twilio to bridge the Twilio Client connection into a <Conference>.
Hope that helps.
Devin
This will be helpful. If you look through the code, there is some api (i think callFromBrowser()) which does the trick.