I have a webhook to receive updates that I am trying to configure. I need to get the bearer token from the header, but I am not able to retrieve it. Can someone shed some light on this issue? I am stumped!
receiving url is https://example.com/receive
$data = file_get_contents("php://input",true);
$events= json_decode($data, true);
If you're looking for an OAuth bearer token these are usually transferred in the request HTTP Authorization header. In PHP these can be a little tricky to read since different web servers have different approaches to reading the Authorization header.
There's a good example of how to read a bearer token in this answer. Copied here for convenience:
<?PHP
/**
* Get hearder Authorization
* */
function getAuthorizationHeader() {
$headers = null;
if (isset($_SERVER['Authorization'])) {
$headers = trim($_SERVER["Authorization"]);
} else if (isset($_SERVER['HTTP_AUTHORIZATION'])) { //Nginx or fast CGI
$headers = trim($_SERVER["HTTP_AUTHORIZATION"]);
} elseif (function_exists('apache_request_headers')) {
$requestHeaders = apache_request_headers();
// Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization)
$requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
if (isset($requestHeaders['Authorization'])) {
$headers = trim($requestHeaders['Authorization']);
}
}
return $headers;
}
/**
* get access token from header
* */
function getBearerToken() {
$headers = getAuthorizationHeader();
// HEADER: Get the access token from the header
if (!empty($headers)) {
if (preg_match('/Bearer\s(\S+)/', $headers, $matches)) {
return $matches[1];
}
}
return null;
}
?>
