PHP Curl HMAC-SHA1 - php

Need help on this ....
I need to get json data from API call from a URL.
It said the called need..
Content-Type : application/x-www-form-urlencoded
HTTP HEADERS : key ---> APIKEY
HTTP HEADERS : sig ---> HMAC-SHA1 signature of POST Data with SECRET KEY
POST PARAMETER: timestamp ----> Current Unix Timestamp
Do I do this correctly? But how to implement point 3 above???
$key = 'APIKEY';
$secret = 'APISECRET';
$signature = '';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.domain.com/getticker");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "timestamp=".time());
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","key: ".$key,"sig: ".$signature));
$response = curl_exec($ch);
curl_close($ch);
echo $response;
Been scratching my head over this. please help me this newbie on PHP.


Finally I got it....
see the $signature part.
$key = 'APIKEY';
$secret = 'APISECRET';
$timestamp = time();
$signature = hash_hmac('sha1', "timestamp=".$timestamp, $secret);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.domain.com/getticker");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "timestamp=".time());
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","key: ".$key,"sig: ".$signature));
$response = curl_exec($ch);
curl_close($ch);
echo $response;

Related

Stripe Search API 400 Bad Request

I am trying to execute cURL in PHP to do a Stripe Subscription Search. But I am getting 400 Bad Request.
Here is my PHP script:
$ch = curl_init();
$created = 'created<' . strtotime('tomorrow');
$next_page=isset($_REQUEST['next_page'])==true?'page='.$_REQUEST['next_page']:'';
$limit = 20;
$curl_url = "https://api.stripe.com/v1/subscriptions/search?".$next_page."&expand[]=total_count&limit=".$limit."&query=status:'active' AND metadata['order_id']:'6735'".'AND '.$created;
//"https://api.stripe.com/v1/subscriptions/search?&expand[]=total_count&limit=20&query=status:'active' AND metadata['order_id']:'6735'AND created<1672272000"
curl_setopt($ch, CURLOPT_URL, $curl_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
$headr = array();
$headr[] = 'Stripe-Version: 2022-11-15';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headr);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, 'XXXX-secret_key_test-XXX');
$response = curl_exec($ch);
curl_close($ch);

I have solved the problem by encoding the query parameter values like
$curl_url = "https://api.stripe.com/v1/subscriptions/search?".$next_page."&expand[]=total_count&limit=".$limit
."&query=".urlencode($status.' AND '.$created)`

How can I get part of a JSON response that is returned from a curl POST using PHP

I am posting to an API to get an authorization token. The problem is this token is only activated for 24 hours so I am creating a cronjob that gets a new token every 24 hours.
This is my post using CURL:
<?PHP
// GET auth token
$url = 'https://website.nl';
$data = array("client_id" => "myclientid","client_secret" => "mysecret");
$postdata = json_encode($data);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$result = curl_exec($ch);
curl_close($ch);
echo '<pre>';
print_r ($result);
echo '</pre>';
?>
This returns:
{
"payload": "{\"access_token\":\"my_auth_token\",\"expires_in\":86400,\"token_type\":\"Bearer\"}"
}
How can I get access_token as the only output? I've tried echoing payload but I am not sure how to do it.
echo $result[0]->payload;
echo $result->payload;
Both don't work.

You have forgotten to json_decode
$url = 'https://jsonplaceholder.typicode.com/todos/1';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json'));
$result = curl_exec($ch);
curl_close($ch);
var_dump(json_decode($result));
Please take a look at playground

looks like you're getting a JSON response from the curl request.
With the dummy parameters in the code I could't test it, but I guess the solution would be something like this:
<?PHP
// GET auth token
$url = 'https://website.nl';
$data = array("client_id" => "myclientid","client_secret" => "mysecret");
$postdata = json_encode($data);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$response = curl_exec($ch);
curl_close($ch);
$result = json_decode(stripslashes($response));
echo $result->payload->access_token;
?>
Let me know if it works.

how to resolve ( [error] => invalid_client [error_description] => client authentication failed ) for ebay

public function authorizationToken(){
$link = "https://api.ebay.com/identity/v1/oauth2/token";
$codeAuth = base64_encode($this->clientID.':'.$this->certID);
$ch = curl_init($link);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded','Authorization: Basic '.$codeAuth));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=authorization_code&code=".urlencode($this->authCode)."&redirect_uri=".$this->ruName."&scope=".urlencode('https://api.ebay.com/oauth/api_scope'));
$response = curl_exec($ch);
$json = json_decode($response, true);$info = curl_getinfo($ch);
curl_close($ch);print_r($json);}

It looks like you are getting refresh_token confused with authorization_token, because you are mixing incompatible parameters between the two different requests.
If you are trying to get the initial "AccessToken" (AKA UserAccessToken, access_token, AuthToken, ...), then you should not include the scope parameter in your request body. So your request body should look like this:
grant_type=authorization_code&redirect_uri=<redirect_uri>&code=<authorization_code>
Where <authorization_code> is the value that is returned from here.
For an overview of the difference, I'd recommend this answer over the official docs on the topic.

Try this code
public function authorizationToken(){
$link = "https://api.ebay.com/identity/v1/oauth2/token";
$codeAuth = base64_encode($this->clientID.':'.$this->certID);
$ch = curl_init($link);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded','Authorization: Basic '.$codeAuth));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=client_credentials&scope=".urlencode('https://api.ebay.com/oauth/api_scope'));
$response = curl_exec($ch);
$json = json_decode($response, true);
$info = curl_getinfo($ch);
curl_close($ch);
print_r($json);
}

Parameter not passing in curl using Php

I am trying to fetch data from webservice(nodejs) using curl in php but i am getting result "lang is required"
i tried with following code but not working for me where i am wrong ?
Here is my code
$post = ['lang'=> "593f973dea53161779dd5660",'password'=> "amit123d"];
$ch = curl_init();
$url="http://xxxxxx:8000/api/employer/login";
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$response = curl_exec($ch);
$result = json_decode($response);
echo "<pre>";print_R($result);

Usually to send post variables i use : the http_build_query function.
$url = "http://xxxxxx:8000/api/employer/login";
$post = ['lang'=> "593f973dea53161779dd5660",'password'=> "amit123d"];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));
$response = curl_exec($ch);
$result = json_decode($response);
echo "<pre>";print_R($result);
It works better.

first check the request whether send post field or not.
$post = ['lang'=> "593f973dea53161779dd5660",'password'=> "amit123d"];
$ch = curl_init();
$url="https://httpbin.org/post";
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$response = curl_exec($ch);
$result = json_decode($response);
echo "<pre>";print_R($result);
the site: https://httpbin.org/ will response the post field if the post data exists.
I think the problem may occurs the nodejs side. Does it check the post field rightly ?
from my experience your code is right.

POST JSON with PHP cURL

I have the following php code
curl_setopt($ch, CURLOPT_URL, $URL);
curl_setopt($ch, CURLOPT_USERAGENT, $this->_agent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $this->_headers);
curl_setopt($ch, CURLOPT_ENCODING , "gzip");
curl_setopt($ch, CURLOPT_VERBOSE, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->_cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $this->_cookie_file_path);
curl_setopt($ch, CURLOPT_POSTFIELDS, '{"folderId":"1","parameters":{"amount":3,"ascending":false,"offset":0,"sort":"date"}}');
curl_setopt($ch, CURLOPT_POST, 1);
But I don't understand why is not working . The API that I'm posting the JSON to says that the parameters were not received . Is there anything wrong in my code ? I think the whole trick is on the JSON parameters... I'm not sure how to send them as I couldn't see any "nave->value" pair with the http analyzer as it usually appears in simple forms ... just that JSON code without any "name".

You can try as follows.
Basically if we have a array of data then it should be json encoded using php json_encode. And you should also add content-type in header which can be defined in curl as curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$data = array("country"=>"US","states"=>array("MHASASAS"=>"MH","XYZABABA"=>"XYZ"));
$postdata = json_encode($data);
$ch = curl_init($URL);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$result = curl_exec($ch);
curl_close($ch);

you can use this and replace with
curl_setopt($ch, CURLOPT_POSTFIELDS, '{"folderId":"1","parameters":{"amount":3,"ascending":false,"offset":0,"sort":"date"}}');
use this
$Parameters = array(
'MerchantCode' => $MerchantCode,
'PriceValue' => $amount,
'ReturnUrl' => $callback,
'InvoiceNumber' => $resnum,
);
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($Parameters));

If:you use post method,you should know that:
CURLOPT_POST TRUE to do a regular HTTP POST. This POST is the normal application/x-www-form-urlencoded kind, most commonly used by HTML forms.
#see http://php.net/manual/en/function.curl-setopt.php
So:you can do like this:
$ar_form = array('name'=>'PHPJungle','age'=>66,'gender'=>'male');
$poststr = http_build_query($ar_form ); # important
$options[CURLOPT_HTTPGET] = false;
$options[CURLOPT_POST] = true;
$options[CURLOPT_POSTFIELDS] = $poststr ; //default type:application/x-www-from-urlencoded
curl_setopt_array ( $ch, $options );
# #todo your other codes
This is my class I have used for a long time.The class is based on PHP cURL.
It supports GET/POST,HTTP/HTTPS.
#see https://github.com/phpjungle/iHttp/

You can post a json data with curl like so:
Using Command Prompt:
curl -X POST -H "Content-Type: application/json" -d '{"folderId":"1","parameters":{"amount":3,"ascending":false,"offset":0,"sort":"date"}}' $url
Using PHP:
$data = array("folderId"=>"1","parameters"=>array("amount"=>3,"ascending"=>false,"offset"=>0,"sort"=>"date"));
$postdata = json_encode($data);
OR
$postdata = '{"folderId":"1","parameters":{"amount":3,"ascending":false,"offset":0,"sort":"date"}}';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$result = curl_exec($ch);
curl_close($ch);
print_r($result);

You haven't set the content type, so the post data is being sent as form data. Try setting the content type to application/json.
If that doesn't work, try wrapping the json string with an array.

$link = "http://test.domain/myquery";
$json = '{"folderId":"1","parameters":{"amount":3,"ascending":false,"offset":0,"sort":"date"}}';
$postdata = json_decode($json);
echo openurl($link, $postdata);
This works as json decode converts a json string into array.
function openurl($url, $postvars = "") {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, '3');
$content = trim(curl_exec($ch));
curl_close($ch);
return $content;
}

if your API endpoint using body for send request using json data may be you can use Guzzle the doc is here doc.
use GuzzleHttp\Client;
$client = new Client();
$request = $this->client->post($url,array(
'content-type' => 'application/json'
),array());
$request->setBody($json_data);
$response = $request->send();
return $response;
hope this work.

You can do it make by steps:
$data = array(
'folderId'=>"1","parameters"=>array(
"amount"=>"3","ascending"=>false,"offset"=>0,"sort"=>"date"
)
);
$data_string = http_build_query($data);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($data));
curl_setopt($ch,CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
curl_close($ch);
$result = json_decode($result,true);
I don't know if you need the header. I think that by default it is already application/x-www-form-urlencode
If it doesn't work, try changing the $data values in array. Think it helps. :)

I'm not sure, that this is the solution but this works for me when posting json, change the json from
'{"folderId":"1","parameters":{"amount":3,"ascending":false,"offset":0,"sort":"date"}}'
to
"{'folderId':'1','parameters':{'amount':3,'ascending':false,'offset':0,'sort':'date'}}"
The only change i made was the double quotes are now on the outside, that works for me but I'm obviously posting to a different server
Only other help I could offer is to download a network debugging tool such as Fiddler or Charles proxy and monitor the requests sent/received, it could be a case that something else is wrong in your code.
Hope i helped :)

first of all
please check the curl http status code
$http_code= curl_get_info($exec_res,CURL_HTTP_CODE);
then modify this request header set with post header API server add a recorder to log those request info.

Categories