Home > Net >  cURL request - unauthorized
cURL request - unauthorized

Time:11-03

I'm trying to send a cURL request to https://api.powerbike.pl/ to log in and get an XML but all I'm getting is

HTTP/1.1 100 Continue

HTTP/1.1 401 Unauthorized

This is what I've tried

$username = 'username';
$password = 'password';
$usernamePassword = 'Basic '.$username.':'.$password;
$basic = base64_encode($usernamePassword);
$loginUrl = 'https://api.powerbike.pl/';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $loginUrl);

curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    "content-type: application/xml; charset=UTF-8",
    "Authorization: $basic"
));

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

curl_exec($ch);

curl_setopt($ch, CURLOPT_URL, 'https://api.powerbike.pl/xml/product/categories');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_HEADER, true);

$content = curl_exec($ch);

curl_close($ch);

Can someone please tell me what I'm doing wrong?

CodePudding user response:

Remove this:

$username = 'username';
$password = 'password';
$usernamePassword = 'Basic '.$username.':'.$password;
$basic = base64_encode($usernamePassword);
$loginUrl = 'https://api.powerbike.pl/';

Try these options:
curl will do the base64 encoding and add the content-type:basic header

curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD,"$username:$password");

Remove this header:

"Authorization: $basic"

This might work "content-type: application/xml; charset=UTF-8"
You can also try "content-type: application/json; charset=UTF-8"
The content type does not specify anything about what you receive only what you are sending.

That is telling the server that your request is in an XML format. Its not.
And the $basic is incorrect. You could use "$username:$password".

Do not use this, as it required a GET

curl_setopt($ch, CURLOPT_POST, 1);

Do not use this:

curl_setopt($ch, CURLOPT_HEADER, true);

That will return the response header in your $content. You do not want that.

I tried this and the request header looked correct.

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.powerbike.pl/xml/product/categories');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");

echo $response;
echo "\n\n\nheader out: \n" . curl_getinfo($ch,CURLINFO_HEADER_OUT);

The request header looked like this:

GET /xml/product/categories HTTP/1.1
Host: api.powerbike.pl
Authorization: Basic cGF0cmljazphc3dkO2twZmdqaQ==
Accept: */*
Content-Type: application/xml

For your final version this should work fine:

$header = [];
$header[] = 'Content-Type: application/xml';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.powerbike.pl/xml/product/categories');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");

$response = curl_exec($ch);
echo $response;
  • Related