Skip to content
Advertisement

Guzzle fails to authenticate with shopware5

I am trying to port the following working HTTP_Request2 code which query shopware5 API to Guzzle 7

$request = new HTTP_Request2();
$request->setBody('{"limit": 500000}');
$request->setUrl($URL.'/customers');

$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setHeader('Accept-Encoding','gzip, deflate, br');
$request->setAuth($username, $apiKey, HTTP_Request2::AUTH_DIGEST);
$response = $request->send();

I have tried the following, but it fails with the message “Invalid or missing auth”

$RESTClient = new Client();
        $request = new Guzzle_request(
            'GET',
            $URL  .'/customers',
            [
                'body' => '{"limit": 500000}',
                'decode_content' => 'gzip, deflate, br',
                'auth' => [$username, $apiKey, 'digest']
            ]);
 $response = $RESTClient->send($request);

Advertisement

Answer

You need to change your code

use GuzzleHttpPsr7Request;

$client = new GuzzleHttpClient();
$headers = ['Accept-Encoding' => 'gzip, deflate, br'];
$body = '{"limit": 500000}';
$request = new Request('GET', $URL . '/customers', $headers, $body);
$response = $client->send($request, [
                                  'verify' => false,
                                  'auth' => [$username, $apiKey, 'digest']  
                              ]);

As Digest has md5, so verify as false does not make it insecure, but I have not found it anywhere written why but have seen that digest only works with verify as false.

You can also keep on using decode_content no problem there though it is by default true so if I pass the header then I guess there is no problem.

User contributions licensed under: CC BY-SA
7 People found this is helpful
Advertisement