PHP cURL 请求返​​回 401，但适用于 Postman

Question

If I execute the Webservice call with Postman with these parameters:

Content-Type: application/json
Cookie: xxxx
Body: json

The Webservice return successfully a JSON.

So, I generated the code with the Postman and paste it on PHP:

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "url",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "json",
  CURLOPT_HTTPHEADER => array(
    "cache-control: no-cache",
    "content-type: application/json",
    "cookie: xxxx",
    "postman-token: 7c771f8e-5c87-1d27-64f3-bdb92bba6a19"
  ),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

And the Webservice is returning an error 401. But it's working when I execute it on Postman. What am I doing differently from Postman?

Answer 1

401 error code is usually been because some authorize issues :-

401 Unauthorized

The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.47) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity might include relevant diagnostic information. HTTP access authentication is explained in "HTTP Authentication: Basic and Digest Access Authentication"

which is mean that you are facing problems in authentication your request

often this will be fixed by simulating the web request

for example :-

assume that you have some page which login is needed to access to it ,

then you will have two requests you should do

1- post some login authentication data 2- send the cookies which returned from the first request , to the second request header

you will need to read more about cookies in cURL in php manual pages

specially CURLOPT_COOKIEJAR , CURLOPT_COOKIEJAR and CURLOPT_COOKIE options

Answer 2

I had a similar issue. In postman it was working but through curl it was giving 401 error.

Now it is working for me with below code. I have used base64_encode for username and password.

Manual Page Ref: https://www.php.net/manual/en/function.curl-setopt.php

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_TIMEOUT, 30); //timeout after 30 seconds
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_HTTPHEADER, [ "Authorization: Basic ".base64_encode($username.":".$password), ]);  
$result=curl_exec ($ch);
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);   //get status code
echo "<br/>http status code is ".$status_code;

Output:

http status code is 200

Answer 3

Remove the following line from your .htaccess:

SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

It worked for me!