duansai1314 2012-04-26 19:04
浏览 1061
已采纳

将CURL_OPTPOST设置为true时,CURL http身份验证失败

I'm trying to build a payment form that integrates with Firstdata's api. I need to post an XML string to their server. They also require a client side certificate and http authentication. My CURL set up currently looks like this:

function firstdata_send($config_param, $data) {
  $config_default = array(
    'test' => FALSE,
  );
  // settings in $config_param will overwrite settings in $config_default
  $config = (object)array_merge($config_default, $config_param);

  if($config->test) {
    $url = 'https://ws.merchanttest.firstdataglobalgateway.com/fdggwsapi/services/order.wsdl';
  }
  else {
    $url = 'https://ws.firstdataglobalgateway.com/fdggwsapi/services/order.wsdl';
  }

  $ch = curl_init($url);
  curl_setopt($ch, CURLOPT_POST, TRUE);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
  curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
  curl_setopt($ch, CURLOPT_USERPWD, "{$config->username}:{$config->password}");
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
  curl_setopt($ch, CURLOPT_SSLCERT, $config->pemfile);
  curl_setopt($ch, CURLOPT_SSLKEY, $config->keyfile);
  curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $config->keypass);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
  curl_setopt($ch, CURLOPT_HEADER, TRUE);
  curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
  $result = curl_exec($ch);
  $result .= curl_error($ch);
  return $result;
}

Their server responds with HTTP/1.1 401 Unauthorized. But if I comment out the post options:

  //curl_setopt($ch, CURLOPT_POST, TRUE);
  //curl_setopt($ch, CURLOPT_POSTFIELDS, $data);

I get HTTP/1.1 200 OK. Unless I'm completely misunderstanding whats going on it seems like using post somehow interferes with the auth headers. I don't know what I'm missing.

Solved:

Turns out the ssl certificates the test account had generated were bad. I had to call their tech support and they had to regenerate the certs 3 times before the system would accept them. Sorry for wasting your time. I should have called them first. If anybody is interested the tech support number I called was (888) 477-3611. I think NomikOS was closest to being correct so I'll mark his as the answer and up vote the rest of you. Thanks again.

  • 写回答

3条回答 默认 最新

  • douping3860 2012-04-26 19:15
    关注

    Check you access credentials (username, password)

    401 Unauthorized

    The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.47) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity might include relevant diagnostic information. HTTP access authentication is explained in "HTTP Authentication: Basic and Digest Access Authentication" [43].

    source: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2

    ==

    OBS: I recommend you this code to check for errors

    // check for errors before close
$result = curl_exec($ch);
if ($result === false)
{
    echo curl_error($ch);
}
curl_close($ch);
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥20 求数据集和代码#有偿答复
  • ¥15 关于下拉菜单选项关联的问题
  • ¥15 如何修改pca中的feature函数
  • ¥20 java-OJ-健康体检
  • ¥15 rs485的上拉下拉,不会对a-b<-200mv有影响吗,就是接受时,对判断逻辑0有影响吗
  • ¥15 使用phpstudy在云服务器上搭建个人网站
  • ¥15 应该如何判断含间隙的曲柄摇杆机构,轴与轴承是否发生了碰撞?
  • ¥15 vue3+express部署到nginx
  • ¥20 搭建pt1000三线制高精度测温电路
  • ¥15 使用Jdk8自带的算法,和Jdk11自带的加密结果会一样吗,不一样的话有什么解决方案,Jdk不能升级的情况