I want to do basic access authentication using Guzzle and I am very new to programming. I have no clue what to do. I tried to do this using curl but my environment requires using guzzle.
Asked
Active
Viewed 1.3e+01k times
82
-
15You should really try and paste whatever code you've tried to enhance your chances of getting a meaningful answer. Just stating your need and cluelessness will just get you downvoted :( – ffflabs Jun 22 '15 at 00:42
-
3Guzzle version is missing. – chx May 23 '18 at 00:32
8 Answers
127
If you're using Guzzle 5.0 or newer, the docs say that basic auth is specified using the auth parameter:
$client = new GuzzleHttp\Client();
$response = $client->get('http://www.server.com/endpoint', [
'auth' => [
'username',
'password'
]
]);
Please note that the syntax is different if you're using Guzzle 3.0 or earlier. The constructor is different, and you also need to explicitly use the send method on a request to get a response:
$client = new Guzzle\Http\Client();
$request = $client->get('http://www.server.com/endpoint');
$request->setAuth('username', 'password');
$response = $request->send();
A brief addendum
In response to @Matthwew-Knill, yes, you can set a default authorization and implicitly have Guzzle send it in each further request. @Nick's answer is on point. The client constructor takes every parameter you could think of and then some.
Another approach, if you want to get creative, would be to instantiate the client passing it default headers to send on every further request. Simple auth is, after all, an Authorization header. It's computed as:
$client = new Client([
'headers'=>[
'Authorization'=> Basic base64_encode(<username>:<password>)
]
]);
Last but not least please note that filling a simple auth dialog happens only once (upon the virst visit of a given session). This is usually achieved by setting a cookie on the visitor's browser. That cookie in turn contains enough info for the server to identify its matching active session.
Usually, Guzzle requests are stateless, but you can configure Guzzle with a middleware chain to either modify request or responses, for debug purposes and, for this use case, to remember cookies, thus becoming partially stateful.
Please check the detailed procedure in Guzzle Docs. The important thing is that, by instantiating the client with a cookiejar middleware, therefore having the client include it from then on, the first request will remember the server's set-cookie header, and will send it as every further cookie header, making the server recognize the client as a logged in user. Of course, you could also inspect the first response's headers yourself and send its value from then on.
There might be other ways, but I can't think of another right now.
ffflabs
- 17,166
- 5
- 51
- 77
-
Is there a way this can be set as default for all requests? Something like: `$guzzleClient = new Client(['base_uri' => "https://example.com", 'auth' => ['user', 'pass']])` – Matthew Knill Aug 31 '22 at 00:51
37
In additional to @amenadiel answer. Sometimes handy specify auth parameters in constructor:
$client = new Client([
'auth' => ['username', 'password'],
]);
Then every request will use this default auth parameters.
Nick
- 9,735
- 7
- 59
- 89
-
3And for old ```"guzzlehttp/guzzle": "5.2.0"``` you should pass ```['defaults' => [ 'auth' => ['username', 'password'] ]]``` – Dmitry Davydov Dec 20 '16 at 10:57
-
2
24
This dint work when I used Guzzlev6 and used the advice from @amenadiel. When you use curl, your syntax would look something like
curl -u someone@gmail.com:password http://service.com
behind the scenes it actually takes the "someone@gmail.com:password" bit, base64 encodes it and sends the request with an "Authorization" Header with the encoded value. For this example, that will be:
Authorization: Basic c29tZW9uZUBnbWFpbC5jb206cGFzc3dvcmQ=
Advice from @amenadiel appended an "auth: username,password" header and hence, my authentication kept failing. To achieve this successfully, just craft the header when you are instantiating a Guzzle Client request, i.e
$client = new GuzzleHttp\Client();
$credentials = base64_encode('someone@gmail.com:password');
$response = $client->get('http://www.server.com/endpoint', [
'Authorization' => ['Basic '.$credentials]
]);
That would append the header as curl would, and whatever service you are trying to connect to will stop yelling at you,
Cheers.
bourgeois247
- 251
- 2
- 6
23
According to the Guzzle 6 documentation, you can do a request with basic authorization as simple as this:
$client = new Client();
$response = $client->request(
'POST', /*instead of POST, you can use GET, PUT, DELETE, etc*/
$url,
[
'auth' => ['username', 'password'] /*if you don't need to use a password, just leave it null*/
]
);
echo $response->getBody();
NOTE: You don't need to use base64_encode() at all because it already does it before the request.
I've tested and it works :)
See more at: Guzzle 6 Documentation
Eric Gruby
- 389
- 3
- 11
-
-
How will it compare the username and password stored in DB? I have the same requirement to implement with GET method. Appreciate anyone's help. – bhattraideb May 30 '18 at 15:49
-
@bhattraideb "How will it compare the username and password stored in DB?" > please open a new question for that. "I have the same requirement to implement with GET method." > It's on my answer... Just change POST go GET. – Eric Gruby May 30 '18 at 20:18
-
@EricGruby, I have already opened a question. can you please check this: https://stackoverflow.com/questions/50591063/guzzlehttp-laravel-login-api-using-get-request – bhattraideb May 31 '18 at 05:30
13
$response = $client->request( 'GET', 'your_url', [
'auth' => [
'your_username',
'your_password'
],
'headers' => [
'if you want to pass something in the headers'
]
]
);
Baach
- 889
- 10
- 10
12
You can also configure the auth params when instantiating the client instead of adding it to each request:
$this->client = new \GuzzleHttp\Client([
'base_uri' => $this->endpoint,
'headers' => [
'Authorization' => ['Basic '.base64_encode($this->username.':'.$this->password)],
],
]);
Here are the various doc links for Guzzle 6:
kjones
- 1,339
- 1
- 13
- 28
-
1should be a space after Basic like: `['Basic '.base64_encode($this->username.':'.$this->password)],` – Raskul Jan 24 '23 at 09:05
9
According to what @bourgeois247 said about base64 encoding, the following worked perfectly for me on Guzzle 6:
$client = new Client();
$credentials = base64_encode('username:password');
$response = $client->post('url',
[
'headers' => [
'Authorization' => 'Basic ' . $credentials,
],
]);
Agu Dondo
- 12,638
- 7
- 57
- 68
-
1This is just a duplicate of @bourgeois247 's answer, should just be a comment on that answer instead – kjones Sep 17 '20 at 19:12
5
If you use it with symfony, you can also define it in your configuration file (config/packages/eight_points_guzzle.yaml for symfony4 or flex or config.yml for the other version)
In your configuration file :
eight_points_guzzle:
clients:
your_service:
# Write here the host where to do requests
base_url: "yourURL"
options:
timeout: 30
auth:
- yourLogin # login
- yourPassword # password
plugin: ~
Then, in your service, controller, etc....
$client = $this->getContainer()->get('eight_points_guzzle.client.your_service');
$response = $client->get('yourRoute');
See : https://packagist.org/packages/eightpoints/guzzle-bundle
HRoux
- 445
- 10
- 15