我正在实施角色登录系统(来自 Mozilla)。在我的开发机器上,我无法使用 cURL 连接到身份验证服务器。至少看起来是这样。
完全相同的脚本确实从 CLI 运行。
更新:我收到此错误,来自 *curl_error()*:
A PKCS #11 module returned CKR_DEVICE_ERROR,
indicating that a problem has occurred with the token or slot.
cURL PHP 模块已安装并且支持 https
这是一个测试脚本:
<?php
/**
* Testing curl and persona
*
* Currently a connection is made when running from the CLI,
* but not when accessed via web
* Various options have been tried, but make no difference
*/
echo "<pre>\n";
$data = new StdClass();
$data->assertion = "foo";
$data->audience = "http://localhost";
// Do curl
$url = 'https://verifier.login.persona.org/verify';
$ch = curl_init();
curl_setopt_array($ch, array(
CURLOPT_URL => $url,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($data),
CURLOPT_HEADER => false,
CURLOPT_RETURNTRANSFER => true,
/*
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_FOLLOWLOCATION => false,
CURLINFO_HEADER_OUT => true,
CURLOPT_CAINFO => '/etc/ssl/certs/ca-bundle.crt',
*/
CURLOPT_HTTPHEADER => array('Content-Type: application/json')
));
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
echo "EXEC now\n\n";
$response = curl_exec($ch);
$info = curl_getinfo($ch);
foreach ($info as $ki => $ii) {
if ( is_array($ii) ) {
$ii = "(array)";
}
echo $ki . " => " . $ii . "\n";
}
curl_close($ch);
// Check response
if ( empty($response) ) {
header("HTTP/1.0 401 Authentication is possible but has failed");
echo 'Response is empty - assertion failed: ';
echo '{"reason" : "Assertion failed, verifying server returned empty content"}';
exit;
}
//$response = json_decode($response);
echo 'Response decoded: ' . $response . "\n\n";
从 CLI 运行时的输出:
url => https://verifier.login.persona.org/verify
content_type => application/json; charset=utf-8
http_code => 200
header_size => 191
request_size => 175
etc
从服务器运行时的输出
url => https://verifier.login.persona.org/verify
content_type =>
http_code => 0
header_size => 0
request_size => 0
etc
我正在运行 Fedora Linux