I'm trying to make a POST request using CURL. Using Postman and on my local machine using IIS there is no error but on XAMPP server and Linux server with CA certificate I get:
{"error":"OAUth Error","status":401,"message":"Client authentication failed"}
The code look like this:
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.timewave.se/v3/oauth/token',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => array('client_id' => '1','client_secret' => 'abc........abc','grant_type' => 'client_credentials'),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
Why do I get 'Client authentication failed' on XAMPP server and Linux server?
CodePudding user response:
The good news is curl made a request and the server responded.
The most likely suspect is a problem with the HTTPS CA Certificate.
Your curl post data looks good.
Their example curl:
curl --location --request POST 'https://api.timewave.nu/v3/oauth/token' \
--form 'client_id="5"' \
--form 'client_secret="0zbrotKJAGaLGKhuGC0LJLVdkR7Z4lKuqWIxoMqI"' \
--form 'grant_type="client_credentials"'
You have the --location option covered with:
CURLOPT_FOLLOWLOCATION => true,
And using an array for the post data, guaranties the content type will be "form" data.
The only thing (other than SSL) I could see that may get this response is a typo in the post data.
But there are a few other things that should be fixed.
POST is not a valid parameter for CURLOPT_CUSTOMREQUEST
Although it may still work.
The PHP manual lists the valid parameters, and POST is not one of them.
You should use: CURLOPT_POST=>true,
This brings up another issue. Because the auth credentials must be kept secure you very likely cannot use CURLOPT_SSL_VERIFYPEER=>false,.
You will likely need the curl_set_optURLOPT_CAINFO option, or a certificate directory can be specified with the CURLOPT_CAPATH
You should look at your Request Header.
You may see somethng wrong.
Add CURLINFO_HEADER_OUT=>true
Then after the curl_exec($curl);
echo '<pre>' . curl_getinfo($curl,CURLINFO_HEADER_OUT);
Or look at all the details of the request and response including the request header.
$info = var_export(curl_getinfo($curl),true);
echo "<pre>$info";
The response header should look like this:
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 10 Dec 2019 06:37:03 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
pragma: no-cache
Cache-Control: no-store, private
CodePudding user response:
Thanx for all response I found the issue in error.log
[Mon Jun 20 11:32:38.031690 2022] [ssl:warn] [pid 12036:tid 388] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
Edited file on local server ..\apache\conf\extra\httpd-ssl.conf
ServerName www.example.com:443
to
ServerName localhost
For some reason it works on live Linux server without any modification