1

我正在实施角色登录系统(来自 Mozilla)。在我的开发机器上,我无法使用 cURL 连接到身份验证服务器。至少看起来是这样。

完全相同的脚本确实从 CLI 运行。

更新:我收到此错误,来自 *curl_error()*:

A PKCS #11 module returned CKR_DEVICE_ERROR,
indicating that a problem has occurred with the token or slot.

cURL PHP 模块已安装并且支持 https

这是一个测试脚本:

也在 GitHub 上

<?php
/**
 * Testing curl and persona
 *
 * Currently a connection is made when running from the CLI,
 * but not when accessed via web
 * Various options have been tried, but make no difference
 */

echo "<pre>\n";

$data = new StdClass();
$data->assertion = "foo";
$data->audience = "http://localhost";

// Do curl
$url = 'https://verifier.login.persona.org/verify';
$ch = curl_init();
curl_setopt_array($ch, array(
    CURLOPT_URL            => $url,
    CURLOPT_POST           => true,
    CURLOPT_POSTFIELDS     => json_encode($data),
    CURLOPT_HEADER         => false,
    CURLOPT_RETURNTRANSFER => true,
    /*
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    CURLOPT_FOLLOWLOCATION => false,
    CURLINFO_HEADER_OUT    => true,
    CURLOPT_CAINFO         => '/etc/ssl/certs/ca-bundle.crt',
    */
    CURLOPT_HTTPHEADER => array('Content-Type: application/json')
));
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
echo "EXEC now\n\n";
$response = curl_exec($ch);
$info = curl_getinfo($ch);
foreach ($info as $ki => $ii) {
    if ( is_array($ii) ) {
        $ii = "(array)";
    }
    echo $ki . " => " . $ii . "\n";
}
curl_close($ch);

// Check response
if ( empty($response) ) {
    header("HTTP/1.0 401 Authentication is possible but has failed");
    echo 'Response is empty - assertion failed: ';
    echo '{"reason" : "Assertion failed, verifying server returned empty content"}';
    exit;
}

//$response = json_decode($response);
echo 'Response decoded: ' . $response . "\n\n";

从 CLI 运行时的输出:

url => https://verifier.login.persona.org/verify
content_type => application/json; charset=utf-8
http_code => 200
header_size => 191
request_size => 175
etc

从服务器运行时的输出

url => https://verifier.login.persona.org/verify
content_type => 
http_code => 0
header_size => 0
request_size => 0
etc

我正在运行 Fedora Linux

4

1 回答 1

1

根据https://bugzilla.redhat.com/show_bug.cgi?id=870856在最近的 yum 更新中引入了错误,更新应该可以解决问题。

于 2012-11-05T15:34:52.313 回答