在PHP中驗證cURL請求

Question

我正在嘗試使用暴雪的API從他們的JSON服務中檢索數據（身份驗證文檔 - http://blizzard.github.io/api-wow-docs/#features/authentication）。我目前有以下功能，照顧我的cURL請求：

function get_json($url) { 
    $ch = curl_init(); 
    curl_setopt($ch, CURLOPT_HEADER, 0); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
    curl_setopt($ch, CURLOPT_URL, $url); 
    $data = curl_exec($ch); 
    curl_close($ch); 
    return $data; 
} 

我已經查看了身份驗證要求並獲得了公鑰和私鑰。它們提供了這一解釋過程：

UrlPath = <HTTP-Request-URI, from the port to the query string> 
    StringToSign = HTTP-Verb + "\n" + Date + "\n" + UrlPath + "\n"; 
    Signature = Base64(HMAC-SHA1(UTF-8-Encoding-Of(PrivateKey), StringToSign)); 
    Header = "Authorization: BNET" + " " + PublicKey + ":" + Signature; 

我曾嘗試研究PHP處理捲曲的認證，但它只是讓我感到困惑了。我的問題是如何在get_json函數中包含身份驗證？

Answer 1

在http://sourceforge.net/projects/wowarmoryapi/

private function getByKeys($url,$region){ 
    $pubkey = $GLOBALS['wowarmory']['keys']['public']; 
    $privkey = $GLOBALS['wowarmory']['keys']['private']; 
    $url = preg_replace('/^http/', 'https', $url); 
    $date = date('D, d M Y G:i:s T',time()); 
    $stringtosign = "GET\n".$date."\n".$url."\n"; 
    $signature = base64_encode(hash_hmac('sha1', $stringtosign, $privkey,true)); 
    $header = array("Host: ".$this->regions[$region],"Date: ". $date,"\nAuthorization: BNET ". $pubkey.":". base64_encode(hash_hmac('sha1', "GET\n".$date."\n".$url."\n", $privkey, true))."\n"); 

    $ch = curl_init($url); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); 
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); 
    curl_setopt($ch, CURLOPT_TIMEOUT, 10); 
    curl_setopt($ch, CURLOPT_VERBOSE, true); 

    curl_setopt($ch, CURLOPT_HTTPHEADER, $header); 
    $response = curl_exec($ch); 
    $headers = curl_getinfo($ch); 
    return $response; 
}