cPanel / WHM单点登录API

Really struggling with this one. I am trying to write a PHP script that authenticates a cPanel account and logs the user in.

If there is anyone that could take a look through the code below and let me know where I am going wrong I would be very grateful...

if(isset($_GET['account'])) {

        $cpanel_user = $_GET['account'];

        $query = "https://whm.brixly.uk:2087/json-api/create_user_session?api.version=1&user=$cpanel_user&service=cpaneld";

        $curl = curl_init();                                     // Create Curl Object.
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);       // Allow self-signed certificates...
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);       // and certificates that don't match the hostname.
        curl_setopt($curl, CURLOPT_HEADER, false);               // Do not include header in output
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);        // Return contents of transfer on curl_exec.
        $header[0] = "Authorization: Basic " . base64_encode($reseller_username.":".$reseller_password) . "
";
        curl_setopt($curl, CURLOPT_HTTPHEADER, $header);         // Set the username and password.
        curl_setopt($curl, CURLOPT_URL, $query);                 // Execute the query.
        $result = curl_exec($curl);
        if ($result == false) {
            error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
                                                            // log error if curl exec fails
        }
        $decoded_response = json_decode( $result, true );

        $session_url = $decoded_response['data']['url'];
        $cookie_jar = 'cookie.txt';

        curl_setopt($curl, CURLOPT_HTTPHEADER, null);             // Unset the authentication header.
        curl_setopt($curl, CURLOPT_COOKIESESSION, true);          // Initiate a new cookie session.
        curl_setopt($curl, CURLOPT_COOKIEJAR, $cookie_jar);       // Set the cookie jar.
        curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie_jar);      // Set the cookie file.
        curl_setopt($curl, CURLOPT_URL, $session_url);            // Set the query url to the session login url.

        $result = curl_exec($curl);                               // Execute the session login call.
        if ($result == false) {
            error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
                                                            // Log an error if curl_exec fails.
        }
        $session_url = preg_replace( '{/login(?:/)??.*}', '', $session_url );  // make $session_url = https://10.0.0.1/$session_key
        $query = "$session_url/execute/Ftp/list_ftp";

        curl_setopt($curl, CURLOPT_URL, $query);  // Change the query url to use the UAPI call.
        $result = curl_exec($curl);               // Execute the UAPI call.
        if ($result == false) {
            error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");    // log error if curl exec fails
        }
        curl_close($curl);
        header("Location: $query");
        print $result;

    }

Rather than the above code logging in, it simply redirects to the cPanel login page.

All of the variables I am passing are correct as a URL is coming back. As far as I am aware, that URL needs to be then posted to in order to set the cookie thus to authenticate the session.

Many thanks,

Dennis