What is correct interpretation of curl payment method prepared on [stripe][1]
curl https://api.stripe.com/v1/payment_methods \
-u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
-d type=card \
-d "card[number]"=4242424242424242 \
-d "card[exp_month]"=10 \
-d "card[exp_year]"=2022 \
-d "card[cvc]"=314
my code is:
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.stripe.com/v1/payment_methods',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => 'type=card&card[number]=4242424242424242&card[exp_month]=10&card[exp_year]=2022&card[cvc]=314',
CURLOPT_HTTPHEADER => array(
'Authorization: Basic c2tfdGVzdF80ZUMzOUhxTHlqV0Rhcmp0VDF6ZHA3ZGM6',
'Content-Type: application/x-www-form-urlencoded'
),
));
$response = curl_exec($curl);
curl_close($curl);
But I dont know how to use: -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \
in curl_setopt_array
CodePudding user response:
on cURL or bash "-u" designed user or password (u of user) on cURL php it is :
CURLOPT_USERPWD
curl_setopt($ch, CURLOPT_USERPWD, "sk_test_4eC39HqLyjWDarjtT1zdp7dc");
For more info with stripe curl CURLOPT_USERPWD, check the link : Stripe API - PHP Curl request behind a proxy
CodePudding user response:
Taken from https://curl.se/docs/manpage.html#-u:
-u, --user <user:password>
Specify the user name and password to use for server authentication. Overrides -n, --netrc and --netrc-optional.If you simply specify the user name, curl will prompt for a password.
The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option. The password can, still.
On systems where it works, curl will hide the given option argument from process listings. This is not enough to protect credentials from possibly getting seen by other users on the same system as they will still be visible for a brief moment before cleared. Such sensitive data should be retrieved from a file instead or similar and never used in clear text in a command line.
When using Kerberos V5 with a Windows based server you should include the Windows domain name in the user name, in order for the server to successfully obtain a Kerberos Ticket. If you don't then the initial authentication handshake may fail.
When using NTLM, the user name can be specified simply as the user name, without the domain, if there is a single domain and forest in your setup for example.
To specify the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLE\user and [email protected] respectively.
If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".
If this option is used several times, the last one will be used.
Example:
curl -u user:secret https://example.com
In short, it is for basic HTTP authentication.