如何正确使用php curl调用API?我得到了401的http状态码
我试图在php curl中使用承载令牌授权调用API,但得到了响应 我尝试过使用post man的代码,但我遇到了一个不同的错误。我已经包括了代码。旋度是第一个函数。我有一个不同的API来获取承载令牌,这很好,但是当我将承载令牌传递给我的php Curl请求时,我得到的http状态码是401如何正确使用php curl调用API?我得到了401的http状态码,php,curl,postman,Php,Curl,Postman,我试图在php curl中使用承载令牌授权调用API,但得到了响应 我尝试过使用post man的代码,但我遇到了一个不同的错误。我已经包括了代码。旋度是第一个函数。我有一个不同的API来获取承载令牌,这很好,但是当我将承载令牌传递给我的php Curl请求时,我得到的http状态码是401 function restRequestDispute($method, $endpoint, $data, $content_type, $token) { $ch = cur
function restRequestDispute($method, $endpoint, $data, $content_type, $token)
{
$ch = curl_init($endpoint);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_TIMEOUT, 300);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER,
array("Authorization: Bearer " . $token,
"Content-type: $content_type",
"Accepts: application/json"));
// 'Content-Length: 0'));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_ENCODING, '');
$method = strtoupper($method);
switch ($method) {
case "GET":
curl_setopt($ch, CURLOPT_HTTPGET, true);
break;
case "DELETE":
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
break;
case "PUT":
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
case "POST":
//return $data;
//curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
break;
default:
throw new Exception("Error: Invalid HTTP method '$method' $endpoint");
return null;
}
$oRet = new StdClass;
$oRet->response = json_decode(curl_exec($ch));
$oRet->status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
return $oRet;
}
function createDispute()
{
try{
$local_date = $date;
$method ="POST";
$content_type="application/json";
$accessToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiU2hlcmlmZi5PcGVsIiwiZXhwIjoxNTU0MzE2ODAzLCJpc3MiOiJ1cC1uZy5jb20iLCJhdWQiOiJ1cC1uZy5jb20ifQ.8LN6gcoDEpb2i8h9NA0Z_PNxRLweaHh44PN5nbfER10";
$params = array (
"issuerrrn"=> "003409137690",
"transactionamount"=> "-7100",
"localtransactiondate"=> "20181210",
"logcomment"=> "comment",
"amountdispenced"=>"0",
"currentstatus"=> "NotStarted",
"transitionaction"=> "GoodsServicesNotReceived"
);
$endpoint="https://172.**.*.***:***/api/DisputeWIthIssRrn?issuerrrn=003409137690&transactionamount=-7100&localtransactiondate=20181210&logcomment=comment&amountdispenced=0¤tstatus=NotStarted&transitionaction=GoodsServicesNotReceived";
$response = restRequestDispute($method, $endpoint, "", $content_type, $accessToken);
return $response;
} catch(Exception $e){
$returned_result = ["error" => ["status" => "Exception", "data" => $e->getMessage()]];
return $returned_result;
}
}
我对curl函数做了一些修改,移动了一些东西,添加了一些东西——一个是输出中增强的调试信息,另一个是在SSL选项中使用cainfo。希望能有帮助
function restRequestDispute($method, $endpoint, $data, $content_type, $token){
try{
/* you can freely download cacert.pem from the internet - always use when performing SSL communications in cURL */
$cacert = '/path/to/your/cacert.pem';
/* add additional debug info to this stream */
$vbh = fopen('php://temp', 'w+');
$method = strtoupper( $method );
$ch = curl_init( $endpoint );
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_TIMEOUT, 300);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_ENCODING, '');
curl_setopt($ch, CURLOPT_HTTPHEADER,
array(
"Authorization: Bearer " . $token,
"Content-type: $content_type",
"Accepts: application/json"
)
);
if( parse_url( $endpoint,PHP_URL_SCHEME )=='https' ){
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, true );
curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, 2 );
curl_setopt( $ch, CURLOPT_CAINFO, $cacert );
}
/* set the options for enhanced debugging */
curl_setopt( $ch, CURLOPT_VERBOSE, true );
curl_setopt( $ch, CURLOPT_NOPROGRESS, true );
curl_setopt( $ch, CURLOPT_STDERR, $vbh );
switch( $method ) {
case "GET":
curl_setopt($ch, CURLOPT_HTTPGET, true );
break;
case "DELETE":
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE" );
break;
case "PUT":
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT" );
break;
case "POST":
curl_setopt($ch, CURLOPT_POST, true );
curl_setopt($ch, CURLOPT_POSTFIELDS, $data );
break;
default:
throw new Exception("Error: Invalid HTTP method '$method' $endpoint");
return null;
}
$oRet = new StdClass;
$oRet->response = json_decode( curl_exec( $ch ) );
$oRet->status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$oRet->errors = curl_error( $ch );
/* add verbose information to the output for enhanced debugging */
rewind( $vbh );
$oRet->verbose = stream_get_contents( $vbh );
fclose( $vbh );
curl_close( $ch );
return $oRet;
}catch( Exception $e ){
exit( $e->getMessage() );
}
}
当函数返回时,如果您检查$oRet->verbose或$response->verbose的输出,您应该会看到更多信息,这些信息多次帮助我解决了curl请求的问题
查看如何调用上述函数,我注意到:
`restRequestDispute( $method, $endpoint, "", $content_type, $accessToken );`
难道不是这样吗
`restRequestDispute( $method, $endpoint, $params, $content_type, $accessToken );`
CURLOPT_SSL_VERIFYHOST-可接受的值不包括false-我的建议,使用2instead@RamRaider实际上,在这种情况下,false被转换为0,它是可接受的值:0不检查名称。false等于零,但这会导致mitm攻击的可能性,因此应该单独忽略。可能您正在使用POST,但您正在url中发送参数。尝试用$params替换。谢谢RamRaider。我试过了,但没有成功。我注意到,如果我调用创建争议api而不调用令牌api,那么在post one上会出现401错误,但一旦我在postman上调用令牌api,创建争议api就会工作,即使我没有指定授权类型或传递承载令牌。邮递员如何发送授权。是否有某种类型的数据正在头中传递?您使用什么端点?问题中的那个有疑问的人https://172.*******************************************/api/DisputeWithisrn?我使用的是问题中的问题我建议您只使用基本url,而不使用查询字符串,下载有效的cacert.pem,也许可以在curl请求中添加一个USERAGENT选项,然后像这样尝试——如果不知道端点url或返回的任何详细信息,就很难知道。你看过详细信息了吗?是的,我看过详细信息-