Why do I get a 403 when sending this data to an API via POST?

Time:07-21

We have an API that works with Bearer authentication (https://fromero-marca-blanca.deno.dev/api/cuestionario), which should return the following:

{
    "res": "OK",
    "payload": {
        "name": "Hello"
    }
}

As you can see here: https://reqbin.com/he9hier5

This is my PHP code:

$url = "http://fromero-marca-blanca.deno.dev/api/cuestionario";

$curl = curl_init($url);
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

$headers = array(
    "Authorization: Bearer d8TPqowoqP7CGAzVCy3SJykcZ83fVWl0",
    "Content-Type: application/json",
);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);

$data = '{"name": "Hello"}';

curl_setopt($curl, CURLOPT_POSTFIELDS, $data);

$resp = curl_exec($curl);
curl_close($curl);
var_dump($resp);

But when I execute this file, I get:

string(430) "Redirecting you to https://fromero-marca-blanca.deno.dev:443/api/cuestionario"

And then, I get a 403 error (forbidden).

What am I doing wrong? I have even tried copying the code that https://reqbin.com/ generates, and nothing; I keep getting a forbidden.

EDIT: I have just been told by the API programmer that I will not be able to access the service in any way from the browser, as it does not have CORS enabled. I know what CORS is, but would this prevent me from doing what I am trying to do?

CodePudding user response:

I didn't have any trouble testing the request with Insomnia either, therefore the request itself is fine as verified by your own tests.

However, your problem is the actual response from the server - in your case this is:

<HTML><HEAD>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>Redirecting</TITLE>
<META HTTP-EQUIV="refresh" content="1; url=https://fromero-marca-blanca.deno.dev:443/api/cuestionario">
</HEAD>
<BODY onLoad="location.replace('https://fromero-marca-blanca.deno.dev:443/api/cuestionario'+document.location.hash)">
Redirecting you to https://fromero-marca-blanca.deno.dev:443/api/cuestionario</BODY></HTML>

and this seems to be enough to redirect with var_dump and echo - therefore I'd recommend you use the proper URL (https) directly, since it's redirected to it anyway:

$url = "https://fromero-marca-blanca.deno.dev/api/cuestionario"; 

This resolves your issue.

CodePudding user response:

As a workaround, try adding the lines that you didn't add.

//for debug only!
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

If you want a permanent solution you should declare in your php.ini file the location of a certificate file.
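
An added example, not part of the question or either answer: the same POST with the https:// URL enforced and certificate verification left on, so the bearer token is never sent in cleartext or to an unverified host. `post_json()` and the `API_TOKEN` environment variable are hypothetical names; the optional `$caBundle` path is the per-request counterpart of the php.ini certificate setting mentioned above.

```php
<?php
// Added example: post_json() is a hypothetical helper and API_TOKEN an assumed env var name.
function post_json(string $url, array $payload, string $token, ?string $caBundle = null): array
{
    // Never attach the bearer token to a plain-HTTP URL: it would cross the network in cleartext.
    if (strtolower((string) parse_url($url, PHP_URL_SCHEME)) !== 'https') {
        throw new InvalidArgumentException("Refusing to send credentials to non-HTTPS URL: $url");
    }
    $curl = curl_init($url);
    curl_setopt_array($curl, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => json_encode($payload, JSON_THROW_ON_ERROR),
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HTTPHEADER     => ['Authorization: Bearer ' . $token, 'Content-Type: application/json'],
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTPS, // libcurl itself rejects any non-HTTPS transfer
        CURLOPT_FOLLOWLOCATION => false,           // a redirect is reported to the caller, not followed
        CURLOPT_SSL_VERIFYPEER => true,            // the certificate chain must validate
        CURLOPT_SSL_VERIFYHOST => 2,               // the certificate must match the host name
    ]);
    if ($caBundle !== null) {
        // Per-request CA bundle, instead of the curl.cainfo setting in php.ini.
        curl_setopt($curl, CURLOPT_CAINFO, $caBundle);
    }
    $body = curl_exec($curl);
    if ($body === false) {
        throw new RuntimeException('cURL error: ' . curl_error($curl));
    }
    return ['status' => curl_getinfo($curl, CURLINFO_RESPONSE_CODE), 'body' => $body];
}

// The question's original http:// URL is rejected before any request is made.
try {
    post_json('http://fromero-marca-blanca.deno.dev/api/cuestionario', ['name' => 'Hello'], 'placeholder-token');
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}

// The real call runs only when a token is supplied via the environment, never hard-coded.
$token = getenv('API_TOKEN');
if (is_string($token) && $token !== '') {
    $result = post_json('https://fromero-marca-blanca.deno.dev/api/cuestionario', ['name' => 'Hello'], $token);
    var_dump($result['status'], $result['body']);
}
```

A certificate failure surfaces here as a `RuntimeException` carrying libcurl's message, which identifies a missing or outdated CA bundle without turning verification off.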
