PHP CURL GET/POST Digest authentication not working

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
saijagatha
Forum Newbie
Posts: 1
Joined: Sat Oct 17, 2015 12:21 pm

PHP CURL GET/POST Digest authentication not working

Post by saijagatha »

Code: Select all

<?php
$username = 'abc';
$password = 'abcd';

$method = 'POST';
// $method = 'POST';

//  FOR POST METHOD. API REQUIRE THIS FORMAT
// $fields = array('APIRquestData' => '{"name":"value","name1":["v4","v5"]}');

$url = "http://test.etravelsmart.com/etsAPI/api/blockTicket";

$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
{
  $fieldsData = http_build_query($post_data);
  curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
}

curl_setopt($ch, CURLOPT_HEADER, 1);
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);


preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);

if(!empty($matches))
{
  $auth_header = $matches[1];
  $auth_header_array = explode(',', $auth_header);
  $parsed = array();

  foreach ($auth_header_array as $pair)
  {
    $vals = explode('=', $pair);
    $parsed[trim($vals[0])] = trim($vals[1], '" ');
  }

  $response_realm     = (isset($parsed['realm'])) ? $parsed['realm'] : "";
  $response_nonce     = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
  $response_opaque    = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";

  $authenticate1 = md5($username.":".$response_realm.":".$password);
  $authenticate2 = md5($method.":".$url);

  $authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);

  $request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
  $username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);

  $request_header = array($request);
  $request_header[] = 'Content-Type:application/json';
  get_headers($url). 
  $ch = curl_init();
  curl_setopt($ch,CURLOPT_URL, $url);
  curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
  curl_setopt($ch,CURLOPT_TIMEOUT, 30);
  curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);

  if($method == 'POST')
  {
    $fieldsData = http_build_query($post_data);
    curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
  }
  curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);

  $result['response']         = curl_exec($ch);
  $result['info']             = curl_getinfo ($ch);
  $result['info']['errno']    = curl_errno($ch);
  $result['info']['errmsg']   = curl_error($ch); 
  }
// it gives response like below

Array
(
    [response] =>  
HTTP Status 404 - 

type Status report

message 

description The requested resource () is not available.
JBoss Web/7.0.13.Final

    [info] => Array
        (
            [url] => http://test.etravelsmart.com/etsAPI/api/blockTicket
            [content_type] => text/html;charset=ISO-8859-1
            [http_code] => 404
            [header_size] => 411
            [request_size] => 441
            [filetime] => -1
            [ssl_verify_result] => 0
            [redirect_count] => 0
            [total_time] => 0.203
            [namelookup_time] => 0
            [connect_time] => 0.062
            [pretransfer_time] => 0.062
            [size_upload] => 1792
            [size_download] => 956
            [speed_download] => 4709
            [speed_upload] => 8827
            [download_content_length] => 956
            [upload_content_length] => 1792
            [starttransfer_time] => 0.125
            [redirect_time] => 0
            [redirect_url] => 
            [primary_ip] => 103.5.16.98
            [certinfo] => Array
                (
                )

            [primary_port] => 80
            [local_ip] => 183.82.89.191
            [local_port] => 62858
            [errno] => 0
            [errmsg] => 
        )

)
?>
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: PHP CURL GET/POST Digest authentication not working

Post by Christopher »

You need to add the CURLOPT_HTTPAUTH options for digest authentication. See the manual.
(#10850)
Post Reply