0

I have a php file on an second server that creates JWT Tokens using the Firebase Token Generator (https://github.com/firebase/php-jwt).

When I make a post using .ajax in my app, it keeps giving me a 500 error. I think that use \Firebase\JWT\JWT; in the php file may be causing this issue, but i am not sure why. Would appreciate any assistance with pointing me in the right direction.

Here is the PHP

    <?php header('Access-Control-Allow-Origin: *'); ?>

<?PHP


  if (isset($_SERVER['HTTP_ORIGIN'])) {
        header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
        header('Access-Control-Allow-Credentials: true');
        header('Access-Control-Max-Age: 86400');    // cache for 1 day
    }

    // Access-Control headers are received during OPTIONS requests
    if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
            header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
            header("Access-Control-Allow-Headers:        {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

        exit(0);
    }

// include('./config.php');
require_once '../vendor/firebase/php-jwt/src/BeforeValidException.php';
require_once '../vendor/firebase/php-jwt/src/ExpiredException.php';
require_once '../vendor/firebase/php-jwt/src/SignatureInvalidException.php';
require_once '../vendor/firebase/php-jwt/src/JWT.php';

$issuedAt = time();
$expire = $issuedAt + 86400;   //add 24 hours 
$personalID = $_POST['personalID'];
$email = $_POST['email'];

        $key = "stringkeyexample";
        $token = array(
           "iss" => "example.com",
           "aud" => "example.org",
           "iat" => $issuedAt,
           "nbf" => $issuedAt,
           "exp" => $expire,
           "pid" => $personalID
        );

if ($puid){
    use \Firebase\JWT\JWT;

    $jwt = JWT::encode($token, $key);

    print_r($jwt);   
}

here is the .ajax:

      $.ajax({
          type: "POST"
          , dataType: "html"
          , url: "https://external-server.com/jwt.php"
          , data: {personalID: personalID, email: email} 
          , beforeSend: function(){
            console.log("before");
          } 
          , complete: function(){ 
            console.log("done");
          }  
          , success: function(html){ 
                    console.log(html);
          }
      });
Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
gk103
  • 377
  • 5
  • 15
  • Did the PHP or apache error log contain anything interesting? – HPierce Jan 21 '17 at 16:39
  • @HPierce I am getting a 500 error as well as the following when i POST. Weird because I have access control code on the php file... – gk103 Jan 21 '17 at 17:15
  • `XMLHttpRequest cannot load https://external-server.com/jwt.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:4000' is therefore not allowed access. The response had HTTP status code 500.` – gk103 Jan 21 '17 at 17:16
  • 1
    You're misunderstanding. A 500 error means that PHP encountered an error and had to shutdown before it was supposed to. `No 'Access-Control-Allow-Origin' header is present on the requested resource.` makes sense, because PHP wasn't able to provide that header because it crashed. The PHP error log (or sometimes apache/other webserver) will contain information about what error your script had. – HPierce Jan 21 '17 at 17:40
  • See also: [How do I get PHP errors to display?](http://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display). Though using this will require you to conjure up some non-ajax method of issuing a POST request to PHP (Form submission, cURL, some 3rd party api testing tools). – HPierce Jan 21 '17 at 17:42
  • @HPierce excellent thank you for the clarification-- I was able to error log the php file, turns out I had `use \Firebase\JWT\JWT; ` in the wrong place, moved it up near the top under `require once` and now works without crash! – gk103 Jan 21 '17 at 18:24

0 Answers0