1. 首页
  2. 问答
  3. fopen no授权标题与PHP 7

fopen no授权标题与PHP 7

2016-08-22 95 views
0

我有一些代码,它会请求从Jive的API中获取数据。我在MAMP上运行这个代码,它允许我运行PHP 5.6.10或PHP 7.0.0。用PHP5,我得到了一个成功的回应。在PHP 7中,我获得了401 Unauthorized。fopen no授权标题与PHP 7

相关的功能是在这里:

protected function sendRequest($method, $url, $auth = null) { 
    global $CFG; 
    $options = func_num_args() === 4 ? func_get_arg(3) : array(); 

    $http = array(
     'max_redirects' => 0, 
     'request_fulluri' => 1, 
     'ignore_errors' => true, 
     'method' => $method, 
     'header' => array() 
    ); 

    if (!is_null($auth)) { 
     array_push($http['header'], 'Authorization: ' . $auth); 
    } 

    if (($method === 'PUT' || $method === 'POST') && isset($options['content'])) { 
     $http['content'] = $options['content']; 
     array_push($http['header'], 'Content-length: ' . strlen($options['content'])); 
     array_push($http['header'], 'Content-Type: application/json'); 
    } 

    var_dump($http);echo('<hr/>'); 

    $context = stream_context_create(array('http' => $http)); 

    var_dump(stream_context_get_options($context));echo('<hr/>'); 
    $fp = fopen($url, 'rb', false, $context); 
    if (! $fp) { 
     throw new \Exception('Request failed: $php_errormsg'); 
    } 
    $metadata = stream_get_meta_data($fp); 
    $content = stream_get_contents($fp); 
    $responseCode = (int)explode(' ', $metadata['wrapper_data'][0])[1]; 

    fclose($fp); 

    return array (
     'metadata' => $metadata, 
     'content' => $content, 
     'status' => $responseCode 
    ); 
}

的电话的var_dump产生既PHP的版本相同的结果。我得到的回应是:

{ 
    "metadata": { 
     "wrapper_data": [ 
      "HTTP/1.0 401 Unauthorized", 
      "Server: Apache", 
      "X-Jive-Request-Id: 6c433c20-688a-11e6-b332-005056a4250c", 
      "X-Jive-Flow-Id: 6c433c21-688a-11e6-b332-005056a4250c", 
      "X-Frame-Options: SAMEORIGIN", 
      "Expires: Mon, 22 Aug 2016 17:04:01 GMT", 
      "Cache-Control: no-store, no-cache, must-revalidate, private, max-age=0", 
      "X-JSL: D=1754 t=1471885441249342", 
      "Content-Type: text/plain", 
      "Date: Mon, 22 Aug 2016 17:04:01 GMT", 
      "Connection: close", 
      "Set-Cookie: jive.login.ts=1471885441250; Path=/; Secure; HttpOnly;HttpOnly", 
      "Set-Cookie: X-JCAPI-Token=pTVEn2P4; Path=/; Secure; HttpOnly", 
      "Set-Cookie: BIGipServerpool_sandbox.jiveon.com=25472522.20480.0000; path=/" 
     ], 
     "wrapper_type": "http", 
     "stream_type": "tcp_socket/ssl", 
     "mode": "rb", 
     "unread_bytes": 0, 
     "seekable": false, 
     "uri": "https://sandbox.jiveon.com/api/core/v3/activities?after=2016-08-22T17:01:14%2b0000&count=500", 
     "crypto": { 
      "protocol": "TLSv1", 
      "cipher_name": "ECDHE-RSA-AES256-SHA", 
      "cipher_bits": 256, 
      "cipher_version": "TLSv1/SSLv3" 
     }, 
     "timed_out": false, 
     "blocked": true, 
     "eof": false 
    }, 
    "content": "", 
    "status": 401, 
    "success": false 
}

通过使用https://requestb.in我可以看到PHP7版本不包括Authorization头

什么是PHP 5.6.10和PHP 7之间改变导致此?我如何解决它?

编辑:删除一些红色鲱鱼文本并添加请求Bin结果。

来源

2016-08-22 Andrew Downes

+0

对于初学者,我在PHP5请求中看到''WWW-Authenticate:Basic realm = \“Jive SBS \”“'而不是PHP7。我从来没有使用这个API,所以也许你应该与他们联系。有可能PHP7发送不同的头文件,他们的API认为这是一种黑客攻击尝试? – MonkeyZeus

+0

谢谢。这给了我一个想法。我会尝试在我控制的端点处针对请求,并看看有什么不同。 –

+0

NP,另一个需要考虑的事情是使用CURL而不是fopen(),因为它看起来好像只是与JSON API交互,而fopen()只是处理URL时的CURL封装。我怀疑使用fopen()会有什么好处,但我不是那么专业的好运气! – MonkeyZeus

回答

0

以下工作:

protected function sendRequest($method, $url, $auth = null) { 
    global $CFG; 
    $options = func_num_args() === 4 ? func_get_arg(3) : array(); 

    $http = array(
     'max_redirects' => 0, 
     'request_fulluri' => 1, 
     'ignore_errors' => true, 
     'method' => $method 
    ); 

    $headers = array(); 

    if (!is_null($auth)) { 
     array_push($headers, 'Authorization: ' . $auth); 
    } 

    if (($method === 'PUT' || $method === 'POST') && isset($options['content'])) { 
     $http['content'] = $options['content']; 
     array_push($headers, 'Content-length: ' . strlen($options['content'])); 
     array_push($headers, 'Content-Type: application/json'); 
    } 

    $http['header'] = $headers; 

    $context = stream_context_create(array('http' => $http)); 

    var_dump(stream_context_get_options($context));echo('<hr/>'); 
    $fp = fopen($url, 'rb', false, $context); 
    if (! $fp) { 
     throw new \Exception('Request failed: $php_errormsg'); 
    } 
    $metadata = stream_get_meta_data($fp); 
    $content = stream_get_contents($fp); 
    $responseCode = (int)explode(' ', $metadata['wrapper_data'][0])[1]; 

    fclose($fp); 

    return array (
     'metadata' => $metadata, 
     'content' => $content, 
     'status' => $responseCode 
    ); 
    }

我现在存储的所有头在一个数组变量和设定标题属性了这一点。

我不是100%确定为什么,但我认为它与变量引用有关。在代码的一次迭代中,$ http authorization属性被var_dump标记为&符号,fopen忽略了它。另一个删除该&符号的迭代。

来源

2016-08-22 18:39:31

+0

参见https://github.com/RusticiSoftware/TinCanPHP/pull/72#issuecomment-241751758 –

相关问题

 相关问题