摘要认证 PHP
Posted
技术标签:
【中文标题】摘要认证 PHP【英文标题】:Digest Authentication PHP 【发布时间】:2016-05-19 15:01:33 【问题描述】:我必须向逆变器网络服务器进行身份验证,读取一个txt文件,将信息推送到另一个服务器,关闭并在1分钟后重复该操作。这是我在连续身份验证后嗅到的信息:
GET /data/sys.txt
HTTP/1.1..
Host: 13.3.89.50..
Connection: keep-alive
Authorization: Digest username="customer",
realm="Sunways-Webserver",
nonce="23618",
uri="/data/sys.txt",
response="370c48d4879451443c156ec003739de0",
qop=auth,
nc=00000001,
cnonce="f359fa6da445f39f"..
Accept: text/html,application/xhtml+xml,application/xml;
q=0.9,image/webp,*/*;q=0.8..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHT
ML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
Accept-Encoding:
我需要一个php方法来验证逆变器并做事,所以我写了这个脚本,但不起作用:
<?php
$username = 'customer';
$password = '00000000';
$method = 'GET';
$url = "http://13.3.89.50/data/sys.txt";
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
$fieldsData = http_build_query($fields);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
curl_setopt($ch, CURLOPT_HEADER, 1);
$first_response = curl_exec($ch);
$info = curl_getinfo($ch);
preg_match('/WWW-Authenticate: Digest (.*)/', $first_response, $matches);
if(!empty($matches))
$auth_header = $matches[1];
$auth_header_array = explode(',', $auth_header);
$parsed = array();
foreach ($auth_header_array as $pair)
$vals = explode('=', $pair);
$parsed[trim($vals[0])] = trim($vals[1], '" ');
$response_realm = (isset($parsed['realm'])) ? $parsed['realm'] : "";
$response_nonce = (isset($parsed['nonce'])) ? $parsed['nonce'] : "";
$response_opaque = (isset($parsed['opaque'])) ? $parsed['opaque'] : "";
$authenticate1 = md5($username.":".$response_realm.":".$password);
$authenticate2 = md5($method.":".$url);
$authenticate_response = md5($authenticate1.":".$response_nonce.":".$authenticate2);
$request = sprintf('Authorization: Digest username="%s", realm="%s", nonce="%s", opaque="%s", uri="%s", response="%s"',
$username, $response_realm, $response_nonce, $response_opaque, $url, $authenticate_response);
$request_header = array($request);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch,CURLOPT_TIMEOUT, 30);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 30);
if($method == 'POST')
$fieldsData = http_build_query($fields);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsData);
curl_setopt($ch, CURLOPT_HTTPHEADER, $request_header);
$result['response'] = curl_exec($ch);
$result['info'] = curl_getinfo ($ch);
$result['info']['errno'] = curl_errno($ch);
$result['info']['errmsg'] = curl_error($ch);
$fp = @fopen("http://13.3.89.50/data/sys.txt", 'r');
// Delete # & filter
$fp = explode('#', $input);
$actualPower = filter_var($fp[1],FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
$dailyPower = filter_var($fp[2],FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
$totalPower = filter_var($fp[5],FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
########## PUSH DATA TO DOMOTICZ ########## */
fopen ("http://13.3.89.3:8080/json.htm?type=command¶m=udevice&idx=20&nvalue=0&svalue=$actualPower;$dailyPower");
fopen ("http://13.3.89.3:8080/json.htm?type=command¶m=udevice&idx=21&svalue=$totalPower");
fclose($fp);
?>
错在哪里?
【问题讨论】:
【参考方案1】:这就像一个魅力:)
<?php
$login = 'customer';
$password = '00000000';
$url = 'http://13.3.89.50/data/sys.txt';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_USERPWD, "$login:$password");
$result = curl_exec($ch);
curl_close($ch);
$results = explode('#', $result);
$actualPower = filter_var($results[1],FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
$dailyPower = filter_var($results[2],FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
$totalPower = filter_var($results[5],FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
$actualKPower= $actualPower * 1000;
########## PUSH DATA TO DOMOTICZ ########## */
file_get_contents( "http://13.3.89.3:8080/json.htm?type=command¶m=udevice&idx=20&nvalue=0&svalue=$actualKPower;$totalPower" );
file_get_contents( "http://13.3.89.3:8080/json.htm?type=command¶m=udevice&idx=21&svalue=$totalPower" );
?>
【讨论】:
以上是关于摘要认证 PHP的主要内容,如果未能解决你的问题,请参考以下文章