'laravel GuzzleHttp post with csrf
I'm trying to post request to first server using GuzzleHttp on second server http://imei.sy/imei Which have csrf_field() the errors: 500 Internal error` response so How to post with csrf_filed
I make same server (locally)
when I stopped csrf on first server post success
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use function GuzzleHttp\Promise\each;
use GuzzleHttp\Client as GuzzleClient;
class Guz extends Controller
{
//
//public $url = "http://127.0.0.1:8001/add";
public $url = "http://imei.sy/imei";
// Make Get request , re
public function getGuzzleRequest()
{
$client = new \GuzzleHttp\Client();
$request = $client->get($this->url);
$response = $request->getBody();
// dd( (string) $response);
return $this->get_string_between( (string) $response,"token\" content=\"","\">");
}
public function postGuzzleRequest()
{
$client = new \GuzzleHttp\Client();
$body = [
'imei' => '99999',
//'price' => 333,
'_token'=> $this->getGuzzleRequest()
];
$r = $client->request('POST', $this->url, [
'form_params' => $body
]);
$response = $r->getBody()->getContents();
dd($response);
}
private function get_string_between($string, $start, $end){ // Get
if($start != ''){
$string = ' ' . $string;
$ini = strpos($string, $start);
if ($ini == 0) return '';
$ini += strlen($start);
}
else{
$ini = 0;
}
if ($end == '') {
return substr($string, $ini);
}
else{
$len = strpos($string, $end, $ini) - $ini;
return substr($string, $ini, $len);
}
}
}
Route::get('/guzg',"Guz@getGuzzleRequest");
Route::get('/guzp',"Guz@postGuzzleRequest");
the errors: 419 unknown status` response
Solution 1:[1]
According to the api reference, you pass the headers as params to the request:
$r = $client->request('POST', 'http://127.0.0.1:8001/add', [
'headers' => ['X-CSRF-Token'=> csrf_token()]
'form_params' => $params
]);
Solution 2:[2]
I think that use the csrf token is not the correct way to make the auth to the second server, maybe the second server can use an API with oauth2 or jwt as auth.
Solution 3:[3]
You need get csrf_token from response and use this token in next auth request
$client = new Client([
'base_uri' => 'https://example.com/',
'cookie' => true,
'verify' => false,
'allow_redirects' => true
]);
$cookieJar = new \GuzzleHttp\Cookie\CookieJar();
$response = $client->get('/sign_in', [
'cookie' => true,
'cookies' => $cookieJar,
]);
//get token
preg_match('/<input type="hidden" name="_token" value="(.*)"/Uis',$response->getBody()->getContents(), $login_csrf);;
$response = $client->post( '/sign_in', [
'form_params' => [
'login' => 'login',
'password' => 'password',
'_token' => $login_csrf['1'],
],
'headers' => [
'Accept' => 'text/html,application/xhtml+xm…ml;q=0.9,image/webp,*/*;q=0.8',
'Accept-Encoding' => 'gzip, deflate, br',
'Content-Type' => 'application/x-www-form-urlencoded',
'User-Agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0',
],
'cookies' => $cookieJar,
'debug' => false,
'on_stats'=>function (TransferStats $stats){
echo $stats->getEffectiveUri()."\n";
},
]);
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Eriks Klotins |
| Solution 2 | Joseff |
| Solution 3 | Bavial |