Re: Qlik Auth php - Qlik Community

Report Inappropriate Content · ‎2017-07-03

Hi guys.

I'm trying to login to qlik auth via php with the following script.

<?php

$targetId = 'http://redirectUrl';

$proxyRestUri = 'https://instance';

$userDirectory = 'QVNCYCLES';

$xrfToken = '0MwkYLX*********';

$url = $proxyRestUri . '/ticket?xrfkey=' . $xrfToken;

$cert_file = '.\client.pem';

$keyFile = '.\client_key.pem';

$selectedUser = 'user';

$userPassword = 'pass;

$cert_password = 'dev';

$req_fields = array(

'UserDirectory' => $userDirectory,

'UserId' => $selectedUser,

'Attributes' => array(),

'TargetId' => $targetId

);

$request = curl_init();

$options = array(

CURLOPT_URL => $url,

CURLOPT_SSLCERT => $cert_file,

CURLOPT_SSLCERTPASSWD => $cert_password,

CURLOPT_SSLKEY => $keyFile,

CURLOPT_RETURNTRANSFER => true,

CURLOPT_FOLLOWLOCATION => true,

CURLOPT_SSL_VERIFYHOST => false,

CURLOPT_SSL_VERIFYPEER => false,

CURLOPT_HTTPHEADER => array('X-qlik-xrfkey: ' . $xrfToken, 'Content-Type: application/json'),

CURLOPT_POSTFIELDS => json_encode($req_fields)

);

curl_setopt_array($request , $options);

$response = curl_exec($request);

if (!$response)

{

echo "Curl Error : " . curl_error($request);

curl_close($request);

die();

}

else

{

$ticket = json_decode($response, true);

echo json_encode(array('ticket' => $ticket["Ticket"]));

}

and even though im access the test.php as a regular get in the browser im getting the following error.

Error 403 - Forbidden. The initial authentication request must be a "GET" request in order to be redirected to the authentication module.

Im wanting to implement the above code in a php script which ill be posting to and just retrieve the ticket in a json object.

How could I do this and what am I doing wrong?

Thank you.

Anil_Babu_Samineni · ‎2017-07-03

This error looks like HTTP Request, Is this entire code you used. Because Can you check whether Post or Get methods with in the Form statement. Will you able to share code for Login form fiction code ??

Best Anil, When applicable please mark the correct/appropriate replies as "solution" (you can mark up to 3 "solutions". Please LIKE threads if the provided solution is helpful

Report Inappropriate Content · ‎2017-07-04

Thank you for your speedy reply.

The flow of the application is as follows.

First the user first opens the site and a login page is displayed with vue js.

Then we make a request to a login script which is located on another server.

Then this login script would in cooperate the code above to retrieve the qlik ticket and session which would be returned in a json object and then stored in the vue session.

As far as the php side I'm not sure. Would i have to do a curl GET request to this script from my login script?

But if that's true then why for purposes of testing can't I just access this ticket-sample.php in my browser as that is a GET and the script react in the same way?

I could share the login code but I don't really see what value it would hold at the moment as there is nothing set in stone at the moment as far as the type of request. It would be a curl request or maybe a file_get_contents.

Any suggestions?

Report Inappropriate Content · ‎2017-07-04

With the above POST request it was returning a 403 unauth response.

so from this article Connecting with PHP ‒ Qlik Sense I put together the following snippet of code and it is now returning a "not found" response.

This is the code snippet.

$proxyRestUri = 'https://server:4242/dev-test/qmc';

$userDirectory = 'DIR';

$xrfToken = '0MwkYLXpxHrbkKGu';

$url = $proxyRestUri . '/ticket?xrfkey=' . $xrfToken;

$cert_file = '.\client.pem';

$keyFile = '.\client_key.pem';

$selectedUser = 'USER';

$cert_password = 'dev';

//Endpoint to call (with xrfkey parameter added)

$endpoint = "/app?xrfkey={$xrfToken}";

// not sure wether to use app or ticket // I've seen both of these in places

$endpoint = "/ticket?xrfkey={$xrfToken}";

//Set up the required headers

$headers = array( 'Accept: application/json', 'Content-Type: application/json', "x-qlik-xrfkey: {$xrfToken}", "X-Qlik-User: UserDirectory=QVNCYCLES;UserId={$selectedUser}" );

//Create Connection using Curl

$ch = curl_init($QRSurl . $endpoint);

curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

curl_setopt($ch, CURLOPT_SSLCERT, $cert_file);

curl_setopt($ch, CURLOPT_SSLKEY, $keyFile);

curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $cert_password);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

//Execute and print response

$data = curl_exec($ch);

echo $data;

-------------------------------------------------------------------------

response "Not found"

Its worth mentioning that in my old code i commented out the "CURLOPT_POSTFIELDS" part of the header and it took me to a login screen instead. Then I tried my user and password etc and seems my credentials are incorrect (contacted my client). But my only question is, the response "Not Found" is this due to not finding the url? as I added the port onto the url. Or is this just because its not finding the user with the provided credentials?

The second case would be better as I am making progress.

Thank you

Anil_Babu_Samineni · ‎2017-07-04

For your question, the answer would some thing like below. Let's consider as you have code like below in HTML. I have highlighted in red color. Check whether the same with you or not. And then the action i gave for you is action_page.php

I assume you have PHP code with in the file and you are calling here

<!DOCTYPE html>
<html>

<style>
form {    border: 3px solid #f1f1f1;}
input[type=text], input[type=password] {    width: 100%;    padding: 12px 20px;    margin: 8px 0;    display: inline-block;    border: 1px solid #ccc;    box-sizing: border-box;}
button {    background-color: #4CAF50;    color: white;    padding: 14px 20px;    margin: 8px 0;    border: none;    cursor: pointer;
    width: 100%;}
button:hover {    opacity: 0.8;}
.cancelbtn {    width: auto;    padding: 10px 18px;    background-color: #f44336;}
.imgcontainer {    text-align: center;    margin: 24px 0 12px 0;}
img.avatar {    width: 40%;    border-radius: 50%;}
.container {    padding: 16px;}
span.psw {    float: right;    padding-top: 16px;}
@media screen and (max-width: 300px) {    span.psw {      display: block;      float: none;    }
    .cancelbtn {      width: 100%;    }}
</style>

<body>
<h2>Login Form</h2>
<form action="/action_page.php", METHOD = "GET">
  <div class="imgcontainer">
    <img src="User.png" alt="UserName" class="avatar">
  </div>
  <div class="container">
    <label><b>Username</b></label>
    <input type="text" placeholder="Enter Username" name="uname" required>
    <label><b>Password</b></label>
    <input type="password" placeholder="Enter Password" name="psw" required>    
    <button type="submit">Login</button>
    <input type="checkbox" checked="checked"> Remember me
  </div>
  <div class="container" style="background-color:#f1f1f1">
    <button type="button" class="cancelbtn">Cancel</button>
    <span class="psw">Forgot <a href="#">password?</a></span>
  </div>
</form>
</body>
</html>

Best Anil, When applicable please mark the correct/appropriate replies as "solution" (you can mark up to 3 "solutions". Please LIKE threads if the provided solution is helpful

Report Inappropriate Content · ‎2017-07-04

Thank you but I'm not connecting directly to the qlik login. I'm connecting to a php script as we have a custom login and the post this information to authenticate with qlik and then retrieve a ticket.

Anil_Babu_Samineni · ‎2017-07-04

That i aware, Because recently we developed SSO for Qlik where from Java / PHP implementation. The reason is we are generating web ticket ID and then we call up same into the ID for Qlik users.

This may helps you

Best Anil, When applicable please mark the correct/appropriate replies as "solution" (you can mark up to 3 "solutions". Please LIKE threads if the provided solution is helpful