托管身份验证的工作原理如何?

时间:2015-05-13 06:16:11

标签: php codeigniter curl escrow

我尝试使用escrow REST完整API调用身份验证API。 但是,我没有从身份验证API获得任何有效的响应。

我使用Codeigniter CURL方法发布带有https://stgsecureapi.escrow.com/api/Transaction的变量 但它仍然不适合我。

我收到以下回复:身份验证被拒绝

如果有人想要解决这个问题,请帮助我。

我正在使用的代码:

    //The JSON data.
    $url = 'https://stgsecureapi.escrow.com/api/Transaction';

    $jsonData = array(
        'username' => '*****@gmail.com',
        'password' => '****',
    'pid' => '***'
    );

    //Encode the array into JSON.
    $jsonDataEncoded = json_encode($jsonData);
    print_r($jsonDataEncoded);
    // Start session (also wipes existing/previous sessions)
    $this->curl->create($url);

    // Option           
    $this->curl->option(CURLOPT_HTTPHEADER, array('Content-type: application/json; Charset=UTF-8'));

    // Post - If you do not use post, it will just run a GET request            
    $this->curl->post($jsonDataEncoded);

    // Execute - returns responce 
    $this->data['curlreturn'] = $this->curl->execute();
    //exit;
    $this->load->view('pay/pay', $this->data);

2 个答案:

答案 0 :(得分:1)

我得到了Escrow的答案,其中包含XML ...

同时检查用于通过CURL调用API的函数

$requeste = '<Transaction xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/DTO">
<Title>XML GM Broker Transaction (REST Service)</Title>
<Description>XML GM Broker Transaction (REST Service)</Description>
<TransactionType>1</TransactionType>
<Partner>PartnerId>1234</PartnerId></Partner><Buyer>
<Email>aniji@gmail.com</Email><Initiator>false</Initiator>
<CompanyChk>false</CompanyChk><AutoAgree>true</AutoAgree>
<AgreementChecked>true<AgreementChecked></Buyer>
<Seller><Email>shaibi@gmail.com</Email><Initiator>false</Initiator>
<CompanyChk>false</CompanyChk><AutoAgree>true<AutoAgree>
<AgreementChecked>true</AgreementChecked></Seller><Broker>
<Email>rahul@gmail.com</Email><Initiator>true</Initiator>
<CompanyChk>true<CompanyChk><AutoAgree>true</AutoAgree>
<AgreementChecked>true</AgreementChecked></Broker>
<LineItems> 
<LineItem>      
 <ItemName>syam Milestone 1<ItemName>       
 <Description>Description of Milestone 1</Description>      
 <Quantity>1</Quantity>     
 <Price>1670</Price>        
 <Accept>true</Accept>  
 <SellComm>100<SellComm>        
 <BuyComm>50</BuyComm>  
</LineItem> 
<LineItem>      
 <ItemName>syam MIlestone 2</ItemName>      
 <Description>Description of MIlestone 2<Description>
 <Quantity>1</Quantity>     
 <Price>1450</Price>        
 <Accept>true</Accept>
 <SellComm>100</SellComm>       
 <BuyComm>50</BuyComm>
<LineItem>
</LineItems>
<EscrowPayment>0</EscrowPayment><ShipmentFee>0</ShipmentFee>
<ShipmentPayment>0</ShipmentPayment>
<InspectionLength>6</InspectionLength><Currency>USD<Currency>
<Fulfillment>1</Fulfillment><Disclosure>1</Disclosure>
<BrokerCommissionPayee>Buyer</BrokerCommissionPayee>
<BrkCommissionBuyerPortion>18.1<BrkCommissionBuyerPortion>
<BrkCommissionSellerPortion>19.1</BrkCommissionSellerPortion>
<CommissionType>1<CommissionType>
<SettlementAuthorizationToken>9ACA7889-8A9A-4288-8E28-C325ACD953DB<SettlementAuthorizationToken><InitiationDate>2015-05-15<InitiationDate<TransactionLocked>true</TransactionLocked<PartnerTransID>4286<PartnerTransID><TermsLocked>true<TermsLocked>
<AllowReject>true</AllowReject> </Transaction>';

print curl_dwonload('https://stgsecureapi.escrow.com/apiTransaction',$xmldataFull);//Function for CURL
function curl_dwonload($Url,$request)
{
 if (!function_exists('curl_init')){
    die('Sorry cURL is not installed!');
}       
    try {
        $url = $Url;
        $ch = curl_init();                                                        
    curl_setopt($ch, CURLOPT_URL, $url);    
    curl_setopt($ch, CURLOPT_POST, true);    
    curl_setopt($ch, CURLOPT_USERPWD, "brokeremail@gmail.com:broker_password");// Must enter username and password
    curl_setopt($ch, CURLOPT_POSTFIELDS,$request);                
    curl_setopt($ch, CURLOPT_HEADER, 1);                       
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
      $header = array();
      $header[]="Content-Type: application/xml";
      $header[] = "POST /transaction HTTP/1.1";                                                                     
      $header[]= "Accept:application/xml";                                   
      $header[] = "Host: api.escrow.com";
      //$header[] = "Authorization: Basic T3BhbmFrOlRlc3QxMjM0";
      $header[] = "Content-Length: ".strlen($request);
      $header[] = "Connection: close";
      curl_setopt ($ch, CURLOPT_HTTPHEADER, $header);     
      //echo $ch;                                            
      $data = curl_exec($ch);       
      return $data;
    }
catch (Exception $e) {
      echo $e->getMessage();
      $responseBody = '';
      return "error";
    }

}

具有身份验证ID(会话ID)的成功消息:

HTTP / 1.1 100继续HTTP / 1.1 201 Created Cache-Control:no-cache Pragma:no-cache Content-Length:271 Content-Type:application / xml; charset = utf-8过期:-1服务器:Microsoft-IIS / 8.0 X-AspNet-版本:4.0.30319 X-Powered-By:ASP.NET日期:星期六,16五月2015 13:14:09 GMT连接:关闭成功646494

此会话ID 646494 用于从托管中获取交易详情。

答案 1 :(得分:0)

是的,他们应该真正为其他api doc添加身份验证详细信息。我使用python请求进行授权:

    response = requests.post(url, data=simplejson.dumps(payload), headers=headers,auth=(username,password))
    print "Response: "+str(response)
    print "Response: "+str(response.headers)
    print "Response: "+str(response.content)
相关问题
最新问题