我正在用PHP构建一个REST web服务客户端,目前我正在使用curl向服务发出请求。
我如何使用curl进行身份验证(http基本)请求?我必须自己添加标题吗?
我正在用PHP构建一个REST web服务客户端,目前我正在使用curl向服务发出请求。
我如何使用curl进行身份验证(http基本)请求?我必须自己添加标题吗?
当前回答
CURLOPT_USERPWD基本上发送user:password字符串的base64,带有http头,如下所示:
Authorization: Basic dXNlcjpwYXNzd29yZA==
所以除了CURLOPT_USERPWD之外,你还可以使用HTTP-Request头选项,就像下面的其他头一样:
$headers = array(
'Content-Type:application/json',
'Authorization: Basic '. base64_encode("user:password") // <---
);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
其他回答
Basic方法的另一种方法是:
$curl = curl_init();
$public_key = "public_key";
$private_key = "private_key";
curl_setopt_array($curl, array(
CURLOPT_URL => "https://url.endpoint.co/login",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_HTTPHEADER => array(
"Content-Type: application/json",
"Authorization: Basic ".base64_encode($public_key.":".$private_key)
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
你只需要指定CURLOPT_HTTPAUTH和CURLOPT_USERPWD选项:
$curlHandler = curl_init();
$userName = 'postman';
$password = 'password';
curl_setopt_array($curlHandler, [
CURLOPT_URL => 'https://postman-echo.com/basic-auth',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPAUTH => CURLAUTH_BASIC,
CURLOPT_USERPWD => $userName . ':' . $password,
]);
$response = curl_exec($curlHandler);
curl_close($curlHandler);
或者指定头文件:
$curlSecondHandler = curl_init();
curl_setopt_array($curlSecondHandler, [
CURLOPT_URL => 'https://postman-echo.com/basic-auth',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Basic ' . base64_encode($userName . ':' . $password)
],
]);
$response = curl_exec($curlSecondHandler);
curl_close($curlSecondHandler);
狂饮的例子:
use GuzzleHttp\Client;
use GuzzleHttp\RequestOptions;
$userName = 'postman';
$password = 'password';
$httpClient = new Client();
$response = $httpClient->get(
'https://postman-echo.com/basic-auth',
[
RequestOptions::AUTH => [$userName, $password]
]
);
print_r($response->getBody()->getContents());
看到https://github.com/andriichuk/php-curl-cookbook基本认证
Michael Dowling的《Guzzle》便是一个不错的选择。除了优雅的接口、异步调用和符合PSR,它还使REST调用的身份验证头非常简单:
// Create a client with a base URL
$client = new GuzzleHttp\Client(['base_url' => 'http://myservices.io']);
// Send a request to http://myservices.io/status with basic authentication
$response = $client->get('/status', ['auth' => ['username', 'password']]);
去看医生。
市面上有多种REST框架。我强烈建议你看看Slim mini Framework for PHP 以下是其他一些公司的名单。
你想要的是:
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
Zend有一个REST客户端和zend_http_client,我确信PEAR有某种包装器。 但是你自己做也很容易。
所以整个请求看起来是这样的:
$ch = curl_init($host);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml', $additionalHeaders));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payloadName);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($ch);
curl_close($ch);