Skip to Content
author's profile photo endersson garcia
0
endersson garcia
Jul 21, 2022 at 04:54 PM

403 error when sending json from php

93 Views

How to make a request using HTTP basic authentication with PHP curl?

I am sending a json from php to a Sap web service but it tells me a 403 forbidden error when I see the response, I tried sending the json with postman and it works

find that you have to make a get request first to get a token, and with that a post request is made to send that data

here my functions

with the first one I get a token that is the one that allows to send the data to sap and the second function sent the data is called $payload. but when printing the response, the code 403 forbidden appears

<code> $token = getCSRFToken($username,$password,$url);
$upload = uploadData($payload,$token['x-csrf-token'][0],$token['set-cookie'][1],$username,$password,$url);
function uploadData($json,$token,$cookie,$username,$password,$url) {
    
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array (
    'x-csrf-token: ' . $token,
    'Cookie: ' . $cookie,
    'Content-Type: application/json',
    'Content-Length: ' . strlen($json),
    'Accept: application/json'
    ));
    curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

    $result = curl_exec($ch);
    echo $result;
    
    return curl_getinfo($ch);

}

function getCSRFToken($username,$password,$url) {

  $ch = curl_init($url);
  $request_headers = array();
  $request_headers[] = 'X-CSRF-Token: Fetch';
  $request_headers[] = 'Content-Type: application/json';
  $request_headers[] = 'Accept: application/json';
  curl_setopt($ch, CURLOPT_HTTPHEADER, $request_headers);
  curl_setopt($ch, CURLOPT_POST, 0);
  curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_VERBOSE, 1);
  curl_setopt($ch, CURLOPT_HEADER, 1);
  curl_setopt($ch, CURLOPT_NOBODY, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
  curl_setopt($ch, CURLOPT_HEADERFUNCTION, function($curl, $header) use (&$headers)
  {
    $len  = strlen($header);
    $header = explode(':', $header, 2);
    if (count($header) < 2) { // ignore invalid headers
    return $len;
  }

  $name = strtolower(trim($header[0]));
  if (is_array($headers) && !array_key_exists($name, $headers)) {
    $headers[$name] = [trim($header[1])];
  } else {
    $headers[$name][] = trim($header[1]);
  }
  return $len;

  });

  $tmpfname = '/tmp/cookie.dat';
  curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  curl_setopt($ch, CURLOPT_COOKIEJAR, $tmpfname);
  $resp = curl_exec($ch);
  return $headers;

}