I want to use a third party's web service. To use the web service I need to connect with HTTPS. My problem is that for the development process I have a test api with an invalid certificate. I would like to set SoapClient no to verify the server's certificate. Here is the way I tried:
$opts = array(
'ssl' => array(
'verify_peer' => false
),
'https' => array(
'curl_verify_ssl_peer' => false,
'curl_verify_ssl_host' => false
)
);
$streamContext = stream_context_create($opts);
$client = new SoapClient("https://urlToSoapWs",
array(
'login' => 'user',
'password' => 'pwd',
'authentication' => SOAP_AUTHENTICATION_BASIC,
'local_cert' => file_get_contents('C:/somelocation/1.pem'),
'passphrase' => 'passphrase',
'stream_context' => $streamContext
));
I also tried with CURL and worked! But I want to use SoapClient. You can find the code with CURL below:
// create a new cURL resource
$ch = curl_init("https://urlToSoapWs");
// setting the request type to POST:
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
// setting the authorization method to BASIC:
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
// supplying your credentials:
curl_setopt($ch, CURLOPT_USERPWD, "user:pwd");
$body = "<SOAP-ENV:Envelope>somexmlhere</SOAP-ENV:Envelope>";
// filling the request body with your SOAP message:
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
// configuring cURL not to verify the server certificate:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSLCERT, "pathToTheCertificatePemFile");
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "pwd");
//curl_setopt($ch, CURLOPT_SSLCERTTYPE, "PEM");
curl_setopt($ch, CURLOPT_SSLKEY, "pathTotheKeyFile");
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, "pwd");
// telling cURL to return the HTTP response body as operation result
// value when calling curl_exec:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// calling cURL and saving the SOAP response message in a variable which
// contains a string like "<SOAP-ENV:Envelope ...>...</SOAP-ENV:Envelope>":
$result = curl_exec($ch);
// closing cURL:
curl_close($ch);
If you have found the bug in the code that I provided using the SoapClient please post it.
Thanks.
Maybe not the invalid Certificate is a Problem, more the SSLv2/3 Handshake; can you try manually specifing a Cipher like this:
$stream_opts = array(
// 'ssl'=>array('ciphers'=>"3DES" // also working
// further ciphers on http://www.openssl.org/docs/apps/ciphers.html
'ssl'=>array('ciphers'=>"SHA1"
)
);
$myStreamContext = stream_context_create($stream_opts);
$soapOptions['stream_context'] = $stream_opts;
$soapClient = new SoapAuthClient("https://...", $soapOptions);
Good luck!
It looks like you have hit this authentication plus SSL bug in SoapClient. You can either recompile php with the patch included in that link, or wait until they integrate it in the official build.
Related
I am trying to convert a command line API to PHP cURL
Here's command line php curl
curl --data-urlencode "type=5" --data-urlencode "url=https://example.com/test.torrent" --data-urlencode "comment=API test" --data-urlencode "website=https://example.com/" --data-urlencode "apikey=123456-asdfasdfasdfasdfasdfasdf" --data-urlencode "send=true" https://www.source-site.com/get.php
This is what I am trying with PHP
<?php
ini_set('display_errors',1);
$arr=array(
'type' => 'category5',
'url' => 'https://example.com/test.torrent',
'website' => 'https://example.com',
'apikey' => '696c1a998ac8f13154-088605f-9b0',
'send' => 'true'
);
$data_string = http_build_query($arr);
$ch = curl_init('https://www.source-site.com/get.php'); // this url where my file will be uploaded
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);
echo curl_error($ch);
?>
Now the problem is, it does not upload the file nor display any errors the page is blank, what's wrong with my PHP codes?
I have updated my codes now I get the following error
error setting certificate verify locations: CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none
I replicated your code and had my own script that echo'd the $_POST array. I curlopt_custom_request to CURLOPT_POST set to true and added CURLOPT_FOLLOWLOCATION. I notice that your url has https as well which if your test site doesn't have a cert will cause this to fail you can try setting CURLOPT_SSL_VERIFYPEER to false for testing, but I didn't have much luck with that. So if that doesn't work maybe try http://yoursite.com.
<?php
ini_set('display_errors',1);
$arr=array(
'type' => 'category5',
'url' => 'https://example.com/test.torrent',
'website' => 'https://example.com',
'apikey' => '696c1a998ac8f13154-088605f-9b0',
'send' => 'true'
);
$data_string = http_build_query($arr);
echo $data_string;
$ch = curl_init('YOUR URL HERE'); // this url where my file will be uploaded
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded"));
$final = curl_exec($ch);
var_dump($final);
?>
I'm working on InfusionSoft API (documentation here) and making request by using CURL (no API SDK) but getting the following error.
Failed to parse XML-RPC request: Premature end of file.
any help would be appreciated. Below is the CURL code that I'm using.
$url_token = 'http://api.infusionsoft.com/crm/xmlrpc/v1/?access_token='.$access_token;
$curlPost = array(
'access_token' => $access_token,
'privateKey' => $api_key,
'contactId' => 6171,
'selectedFields' => array('email')
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url_token);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($curlPost));
$res = curl_exec($ch);
echo $res;
I'm trying to send out an outbound call with the callfire REST API and am having some difficulty doing so. Here's my code (adapted from https://developers.callfire.com/docs.html#createVoiceBroadcast):
<?php
$username = '...';
$password = '...';
$data = array(
'name' => 'Automation Test',
'fromNumber' => '...',
'recipients' => array(
array('phoneNumber' => '...')
),
'answeringMachineConfig' => 'AM_AND_ALIVE',
'liveSoundText' => 'hello, world!',
'machineSoundText' => 'hello, world!'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,'https://api.callfire.com/v2/campaigns/voice-broadcasts');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_USERPWD, $username . ':' . $password);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
$result = json_decode(curl_exec($ch));
print_r($result);
The problem is in the response. It's as follows:
stdClass Object
(
[httpStatusCode] => 415
[internalCode] => 0
[message] => Exception in API
)
The 415 status code is for "Unsupported Media Type" per https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error but since I'm not uploading any media that error doesn't really make a lot of sense.
Maybe my value for answeringMachineConfig is invalid. idk what AM_AND_LIVE is supposed to mean but it's in the example so I'm using it. If there's only a small number of possible values the documentation should say so..
You need to set content type to 'application/json'.
Old I know, but just ran across it. Perhaps:
'answeringMachineConfig' => 'AM_AND_ALIVE',
should be:
'answeringMachineConfig' => 'AM_AND_LIVE',
You wrote ALIVE instead of LIVE
I need to send an XML as soap request using CURL. I have created xml using
$xml = "<?xml .............." blah blah
That looks like
<?xml version='1.0' encoding='utf-8'?><soap:Envelope xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'><soap:Body><extLoginData xmlns='http://www.JOI.com/schemas/ViaSub.WMS/'><ThreePLKey>4dfdf34</ThreePLKey><Login>abv</Login><Password>abc</Password><FacilityID>1ee</FacilityID><CustomerID>xfs</CustomerID></extLoginData><orders xmlns='http://www.JOI.com/schemas/ViaSub.WMS/'><Order><TransInfo><ReferenceNum>Test</ReferenceNum><PONum>12345</PONum></TransInfo><ShipTo><Name></Name><CompanyName>Peter's Test</CompanyName><Address><Address1>7301 Lennox Ave Unit E3</Address1><Address2></Address2><City>Los Angeles</City><State>CA</State><Zip>90010</Zip><Country>US</Country></Address><PhoneNumber1>858-449-8022</PhoneNumber1><EmailAddress1>lshaules#mercatismedia.com</EmailAddress1><CustomerName>Elizabeth Shaules</CustomerName></ShipTo><ShippingInstructions><Carrier>USPS</Carrier><Mode>First Class Mail</Mode><BillingCode>Prepaid</BillingCode></ShippingInstructions><OrderLineItems><OrderLineItem><SKU>947</SKU><Qualifier>XXX</Qualifier><Qty>1</Qty></OrderLineItem></OrderLineItems></Order></orders></soap:Body></soap:Envelope>
And I am using following code to send CURL request
$url = 'http://someurl.com/Contracts.asmx';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 120);
curl_setopt($curl, CURLOPT_ENCODING, 'gzip');
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'SOAPAction:"http://www.example.com/ViaSub.WMS/CreateOrders"',
'Content-Type: text/xml; charset=utf-8',
));
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $orderXml);
$result = curl_exec($curl);
But I am getting
soap:ServerServer was unable to process request. ---> Sequence contains no elements
I have searched but haven't found any thing related to it. Can you please let me know what I am doing wrong and how I do it?
This looks like a schema validation error. You don't provide a link to the definition, but a quick search showed me this documentation page. If this is the one you need take a look at the WSDL: https://secure-wms.com/webserviceexternal/contracts.asmx?WSDL
Look for instance the element PalletCount within Order. You see it has minOccurs="1", meaning it's mandatory. But in the xml string you copy there's no such element. That's indeed a sequence with missing elements. (There may be some other schema inconsistencies, have a close look).
Also, consider using the SoapClient PHP class
$WSDL = 'https://secure-wms.com/webserviceexternal/contracts.asmx?WSDL';
$options = [
'trace' => true,
'cache' => WSDL_CACHE_NONE,
'exceptions' => true
];
$client = new SoapClient($WSDL, $options);
$payload = [
'extLoginData' => [
'ThreePLKey' => '4dfdf34',
'Login' => 'abv',
'Password' => 'abc',
'FacilityID' => '1ee',
'CustomerID' => 'xfs'
],
'orders' => [
'Order' => [
// etc...
]
]
]);
$response = $client->CreateOrders($payload);
This way the client handles the schema validation, headers setting (you can set additional headers, though), the namespacing, and the array to xml conversion.
Use this
$xml = "<?xml ..............</soap:Envelope>";
$headers = array(
"Content-type: text/xml;charset=\"utf-8\"",
"Accept: text/xml",
"Cache-Control: no-cache",
"Pragma: no-cache",
"SOAPAction: http://www.example.com/ViaSub.WMS/CreateOrders",
"Content-length: ".strlen($xml),
); //SOAPAction: your op URL
$url = 'http://someurl.com/Contracts.asmx';
// PHP cURL for https connection with auth
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml); // the SOAP request
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// converting
$response = curl_exec($ch);
curl_close($ch);
var_dump($response);
I'm trying to get the content of a stream over HTTPS, but I have to go over an HTTP proxy.
I'd like not to use cURL but rather use fopen with a context argument.
The thing is, I can't make it work over HTTPS (HTTP is working fine though).
This DOES NOT work :
$stream = stream_context_create(Array("http" => Array("method" => "GET",
"timeout" => 20,
"proxy" => "tcp://my-proxy:3128",
'request_fulluri' => True
)));
echo file_get_contents('https://my-stream', false, $context);
This DOES work (cURL) :
$url = 'https://my-stream';
$proxy = 'my-proxy:3128';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_PROXY, $proxy);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
$curl_scraped_page = curl_exec($ch);
curl_close($ch);
echo $curl_scraped_page;
Does somebody know what is wrong with the first piece of code ? if it works with cURL there has to be a way to make it work with a context.
I tried to change the context options to a bunch of different values woth no luck.
Any help would be greatly appreciated !
Thanks.
You did not specifiy the exact error message, try adding ignore_errors => true. But if you are getting a 400 Bad Request from Apache, the problem you are probably hitting, is a Server Name Indication & host header mismatch. There is also a PHP bug related to this: https://bugs.php.net/bug.php?id=63519
Try the following fix until this bug is resolved:
$stream = stream_context_create(array(
'http' => array(
'timeout' => 20,
'proxy' => 'tcp://my-proxy:3128',
'request_fulluri' => true
),
'ssl' => array(
'SNI_enabled' => false // Disable SNI for https over http proxies
)
));
echo file_get_contents('https://my-stream', false, $context);