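【Question title】: Accessing orocrm REST API by using WSSE from a remote server
【Posted】: 2015-02-19 03:11:58
【Question】:

I implemented a WSSE client to access the REST API of my orocrm installation. If I run it on the same server, it works, so I can say it is correct. If I run it from another server on the same LAN, it does not work (so I am sure only the local httpd server is involved). Here is the code, which works locally. Is there some httpd directive that can be set to handle the WSSE headers correctly?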

    <?php

    $username = 'admin';
    $apiUserKey = '32e4c7a5f3a4c1f59b85be43f2e33dcd5afacbac';
    $userSalt = ''; // Will be removed in version 1.0 of OroCRM
    $url = 'http://my-server-LAN-IP/crm-application/web/app_dev.php/api/rest/latest/users';


    $oroWsse = new OroWsseAuthentification($username, $apiUserKey, $userSalt);

    $ch = curl_init();

    $headers = $oroWsse->getHeaders();

    print_r($headers);

    $array = array(
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HTTPHEADER => $headers,
        CURLOPT_HEADER => 0,
        CURLOPT_FAILONERROR => true,
        CURLOPT_URL => $url
    );

    curl_setopt_array($ch, $array);

    $result = curl_exec($ch);

    if ( $result === false) {
        echo curl_error($ch);
    } else {
        echo ($result) . "\n";
    }

    curl_close($ch);


    class OroWsseAuthentification
    {
        protected $_username;
        protected $_apiKey;
        protected $_userSalt;

        /**
         * @param $username
         * @param $apiUserKey
         * @param string $userSalt
         */
        public function __construct ($username, $apiUserKey, $userSalt = '')
        {
            $this->_username = $username;
            $this->_apiKey = $apiUserKey;
            $this->_userSalt = $userSalt; // deprecated in OroCRM v1.0
        }

        /**
         * @param $raw
         * @param $salt
         * @return string
         */
        private function _encodePassword($raw, $salt)
        {
            $salted = $this->_mergePasswordAndSalt($raw, $salt);
            $digest = hash('sha1', $salted, true);

            return base64_encode($digest);
        }

        /**
         * @param $password
         * @param $salt
         * @return string
         * @throws InvalidArgumentException
         */
        private function _mergePasswordAndSalt($password, $salt)
        {
            if (empty($salt)) {
                return $password;
            }

            if (false !== strrpos($salt, '{') || false !== strrpos($salt, '}')) {
                throw new \InvalidArgumentException('Cannot use { or } in salt.');
            }

            return $password.'{'.$salt.'}';
        }

        /**
         * @return array
         */
        public function getHeaders ()
        {
            // this is my server hostname
            $prefix = 'my-server-hostname';
            $created = date('c');
            $nonce  = base64_encode(substr(md5(uniqid($prefix . '_', true)), 0, 16));

            $passwordDigest = $this->_encodePassword(base64_decode($nonce) . $created . $this->_apiKey, $this->_userSalt);

            $wsseProfile = sprintf(
                'X-WSSE: UsernameToken Username="%s", PasswordDigest="%s", Nonce="%s", Created="%s"',
                $this->_username,
                $passwordDigest,
                $nonce,
                $created
            );

            return array(
                'Authorization: WSSE profile="UsernameToken"',
                $wsseProfile
            );
        }
    }       

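【Comments on the question】:

Tags: apache rest wsse orocrm


【Answer 1】:

Are you sure the date and time are the same on both servers? Are you using a new WSSE header for every request (as required by the WSSE specification)?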
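
Both questions in the answer correspond to checks a WSSE verifier typically makes on the `Created` and `Nonce` fields. The PHP sketch below is an added example, not part of the original answer and not OroCRM's code; the 300-second window, the rejection of future timestamps, the in-memory nonce store and all sample values are assumptions.

```php
<?php
// Added illustration; not OroCRM's code. The 300-second window and the
// in-memory nonce store are assumptions made for this sketch.

function wsseDigest(string $nonceB64, string $created, string $apiKey): string
{
    // Same formula as the client in the question: Base64(SHA1(nonce . created . key))
    return base64_encode(sha1(base64_decode($nonceB64) . $created . $apiKey, true));
}

function validateWsse(array $t, string $apiKey, int $now, array &$seenNonces, int $lifetime = 300): string
{
    $created = strtotime($t['Created']);
    if ($created === false) {
        return 'rejected: unparsable Created';
    }
    if ($created > $now) {
        return 'rejected: Created is in the future (client clock ahead)';
    }
    if ($now - $created > $lifetime) {
        return 'rejected: token expired (client clock behind, or stale header)';
    }
    if (isset($seenNonces[$t['Nonce']])) {
        return 'rejected: nonce already used (header reused)';
    }
    if (!hash_equals(wsseDigest($t['Nonce'], $t['Created'], $apiKey), $t['PasswordDigest'])) {
        return 'rejected: digest mismatch';
    }
    $seenNonces[$t['Nonce']] = $created; // remember the nonce to block replays
    return 'accepted';
}

// Constructed sample data: one key, one fixed "server time", tokens built by clients
// whose clocks differ from the server's.
$apiKey = 'constructed-api-key';
$serverNow = strtotime('2015-02-19T03:00:00+00:00');
$makeToken = function (int $clientNow) use ($apiKey): array {
    $nonce = base64_encode(random_bytes(16));
    $created = gmdate('c', $clientNow);
    return ['Nonce' => $nonce, 'Created' => $created,
            'PasswordDigest' => wsseDigest($nonce, $created, $apiKey)];
};

$seen = [];
$inSync = $makeToken($serverNow - 2);
echo validateWsse($inSync, $apiKey, $serverNow, $seen), "\n";                      // client on the same host
echo validateWsse($makeToken($serverNow + 90), $apiKey, $serverNow, $seen), "\n";  // client clock 90 s ahead
echo validateWsse($makeToken($serverNow - 600), $apiKey, $serverNow, $seen), "\n"; // client clock 10 min behind
echo validateWsse($inSync, $apiKey, $serverNow, $seen), "\n";                      // same header sent twice
```

A client on the same host shares the server's clock, so only a remote client can hit the two timestamp branches; comparing `date -u` on both machines is the quickest way to rule this out.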

【Comments】:
