0

I've been in the process of searching for the code all day, and now I've decided to write it here.

First Login:

<epp xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<login>
<clID>ClientX</clID>
<pw>epp123</pw>
<options>
<version>1.0</version>
<lang>en</lang>
</options>
<svcs>
<objURI>urn:ietf:params:xml:ns:domain-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:contact-1.0</objURI>
<svcExtension>
<extURI>http://test/epp/xml/schema/contact-ext-1.0</extURI>
</svcExtension>
</svcs>
</login>
<clTRID>ABC-12345</clTRID>
</command>
</epp>

Then: Some XML

And then Logout:

<epp xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<logout />
<clTRID>ABC-12345</clTRID>
</command>
</epp>

How can I send this data and then receive data from the server? Can anyone send me example?

Thank you

George B.
  • 172
  • 2
  • 2
  • 14

2 Answers2

2

How can I send this data and then receive data from the server?

Read RFC 5734 "Extensible Provisioning Protocol (EPP) Transport over TCP" multiple times, and very carefully.

Of course to really understand it you will need to read all RFCs regarding EPP, that is RFC 5730 to 5733 and then if you are serious about being a registrar you will need to read the one on RGP and the one on secDNS-1.1 for the 2 major extensions used almost everywhere. Then of course registry specific extensions (I believe you are trying to connect to EURid or DNSBelgium).

In short:

  • open a TLS socket to the registry EPP server, typically on port 700
  • do your cryptography correctly: validate the server certificate!
  • start to read, as the server speaks first, with the <greeting>
  • extract objURI and extURI from there to build your <login> correctly (check registry documentation for which extensions are mandatory)
  • send your <login> frame
  • check the return code, and then do all other command/responses.

Make sure to understand from RFC 5734 that each EPP frame has to be prefixed by 4 octets encoding the length of the frame: on input (from registry) this let you know how much data you are getting, on output you have to generate it properly, otherwise the registry won't read your response.

If you are beginning in the registrar world, building from scratch a proper EPP client may not be the most desirable job, and I wouldn't necessarily recommend you to do that. There are a lot of small details to get right, specifically if you plan to connect to different registries.

If you search on EPP tag here you can easily find other questions, and answers that should help you:

You can also find that PHP libraries exist to do EPP so this might save you some time (and make you loose some in understanding the library and fitting it in your own ecosystem). See centralnic PHP EPP library - login frame for a lead for example.

PS: I participated in EPP specifications, and wrote multiple EPP clients and servers over the last 20 years or so.

Community
  • 1
  • 1
Patrick Mevzek
  • 10,995
  • 16
  • 38
  • 54
1

First, you need to check how the server API is expecting to receive this data. So far we know it's expecting XML but how is the XML to be delivered? Questions you should ask:

  • What is the type of the API I'm trying to interact with?
  • Is it a XML-RPC? SOAP? Maybe REST API?
  • Is it a custom API?
  • What are the API endpoints?
  • Does this API have a manual?

The underlying transport mechanism of most web APIs is through HTTP requests. For that you could use PHP native libraries like cURL or PHP libraries like Guzzle. Guzzle is a good one if you are dealing with a REST API.

But you can also find more specific libraries like the SOAP client if you are dealing with a SOAP API

UPDATE:

I just realized EPP is the protocol. Let me know if this link helps, it uses cURL:

https://doc.openprovider.eu/Example_Script_EPP_PHP

lbrandao
  • 4,144
  • 4
  • 35
  • 43
  • EPP is defined in RFC 5730 and later. It is XML over TLS, typically. RFC 5730 to 5734 gives answers to all the questions you ask in your answer :-) Or see my longer reply. – Patrick Mevzek Jun 30 '20 at 03:35
  • And no, EPP does not "uses cURL". This is invalid. EPP is XML over TLS. Any TLS client can theoretically do EPP then at least on the transport level. curl is primarily a tool/library to do HTTP call but can be used for other protocols, including bare TLS. But do not confuse the tool and the protocol or its specification. – Patrick Mevzek Jun 30 '20 at 03:36
  • @PatrickMevzek that's what I meant, the example I pasted uses cURL library to communicate with the server. – lbrandao Jun 30 '20 at 14:04