36

I need to build a proxy for a Flash Player project I'm working on. I simply need to make a HTTP GET request with HTTP-Basic authentication to another URL, and serve the response from PHP as if the PHP file was the original source. How can I do this?

Improve this question
3
  • Do you require an all-PHP solution or are you allowed to make an external call to curl? Commented Oct 11, 2011 at 21:29
  • I could possibly use curl if it's pretty readily available. I'd like my script to "just work" as much as possible on as many machines as possible. Commented Oct 11, 2011 at 21:46
  • curl is nothing if not readily available, although you'll of course need to recompile the source for each target platform OS. The main advantages I see with using curl are: 1) support for complicated stuff (like HTTP proxies with auth, and client certs) "out of the box", and 2) diagnostics (to help you figure out why certain HTTP transactions are failing). Commented Oct 12, 2011 at 0:28

4 Answers 4

Reset to default
119

Marc B did a great job of answering this question. I recently took his approach and wanted to share the resulting code.

<?PHP

$username = "some-username";
$password = "some-password";
$remote_url = 'http://www.somedomain.com/path/to/file';

// Create a stream
$opts = array(
  'http'=>array(
    'method'=>"GET",
    'header' => "Authorization: Basic " . base64_encode("$username:$password")                 
  )
);

$context = stream_context_create($opts);

// Open the file using the HTTP headers set above
$file = file_get_contents($remote_url, false, $context);

print($file);

?>

I hope that this is helpful to people!

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Nope, he did a poor job answering the question. You did a good one. (The vote counts agree with me!)
15

Using file_get_contents() with a stream to specify the HTTP credentials, or use curl and the CURLOPT_USERPWD option.

Improve this answer

5 Comments

+1 - also note that if you don't have stream support (PHP4) or the cURL extension is not available, you can use http://user:[email protected]/file URL syntax with file_get_contents() and it will provide HTTP basic auth functionality.
@DaveRandom even better, that's awesome.
Can you give an example in PHP on how to do this, I'm a bit stuck, I've tried a couple different ways unsuccessfully.
Can you be more specific about what you've tried? The manpage for file_get_contents() has some examples without HTTP basic authentication - are those working for you? If so, and adding the auth prefix is failing for some reason, then you may get a hint from print_r(error_get_last()).
@DaveRandom solution with placing the credentials in the URL works well unless there is a redirect happening from http to https. In that case PHP 'looses' the credentials for the request to the https URL. But if they are in the context, they are still used.
4

I took @clone45's code and turned it into a series of functions somewhat like Python's requests interface (enough for my purposes) using only no external code. Maybe it can help someone else.

It handles:

  • basic auth
  • headers
  • GET Params

Usage:

$url = 'http://sweet-api.com/api';
$params = array('skip' => 0, 'top' => 5000);
$header = array('Content-Type' => 'application/json');
$header = addBasicAuth($header, getenv('USER'), getenv('PASS'));
$response = request("GET", $url, $header, $params);
print($response);

Definitions

function addBasicAuth($header, $username, $password) {
    $header['Authorization'] = 'Basic '.base64_encode("$username:$password");
    return $header;
}

// method should be "GET", "PUT", etc..
function request($method, $url, $header, $params) {
    $opts = array(
        'http' => array(
            'method' => $method,
        ),
    );

    // serialize the header if needed
    if (!empty($header)) {
        $header_str = '';
        foreach ($header as $key => $value) {
            $header_str .= "$key: $value\r\n";
        }
        $header_str .= "\r\n";
        $opts['http']['header'] = $header_str;
    }

    // serialize the params if there are any
    if (!empty($params)) {
        $params_array = array();
        foreach ($params as $key => $value) {
            $params_array[] = "$key=$value";
        }
        $url .= '?'.implode('&', $params_array);
    }

    $context = stream_context_create($opts);
    $data = file_get_contents($url, false, $context);
    return $data;
}
Improve this answer

2 Comments

Great, thank you. What if the response comes with links? How can I call the request function with the links url, when a link on the response page is clicked?
@Sadik if the response comes links you need parse them from the string you get. For example, if it's JSON, you culd use the json_decode function.
-14

You really want to use php for that ?

a simple javascript script does it:

function login(username, password, url) {

  var http = getHTTPObject();

  http.open("get", url, false, username, password);
  http.send("");
  //alert ("HTTP status : "+http.status);

  if (http.status == 200) {
    //alert ("New window will be open");
    window.open(url, "My access", "width=200,height=200", "width=300,height=400,scrollbars=yes");
    //win.document.location = url;
  } else {
    alert("No access to the secured web site");
  }

}

function getHTTPObject() { 

  var xmlhttp = false;
  if (typeof XMLHttpRequest != 'undefined') {
    try {
      xmlhttp = new XMLHttpRequest();
    } catch (e) {
      xmlhttp = false;
    }
  } else {
    /*@cc_on
    @if (@_jscript_version >= 5)
    try {
      xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");
    } catch (e) {
      try {
        xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
      } catch (E) {
        xmlhttp = false;
      }
    }
    @end @*/
  }
  return xmlhttp;
}
Improve this answer

1 Comment

Working on something that is meant to be shared across sites, so no external JavaScript will work, unfortunately, need a hosted all-PHP solution.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.