PHP sample code: Error code 400: "This API does not support parsing form-encoded input."

[cwb]

I'm trying to set this stuff up, using the sample PHP code here "Detailed Steps for GITkit Integration", point 3.  My code is exactly the same except for the added developer key.  When I run this, the post is being sent with HTTP header content type of application/x-www-form-urlencoded, not as "application/json", which is generating the error about the API not supporting form-encoded input.

The PHP version I'm running is 5.3.2. I've tried all kinds of different things related to how/which options are set and in what order, but without success. Has anyone else run into this problem and/or know of a solution?

Thanks.

[Jinhui Du]

The sample code uses curl to send the http request. The content type header option is set as "CURLOPT_HTTPHEADER => array('Content-Type: application/json'),". Do you have the same problem when send the http request without the GITkit stuff?

[Cameron Buescher]

Yes. I did a wget with the URL and JSON post data and got the same error code.  Output was:

------------------

--2012-04-17 15:01:29--  https://www.googleapis.com/identitytoolkit/v1/relyingparty/verifyAssertion?key=AIzaSyDbeGcYJK-g-Uui4LGK4wKopPGFTB40UfU

Resolving www.googleapis.com... 209.85.145.95

Connecting to www.googleapis.com|209.85.145.95|:443... connected.

HTTP request sent, awaiting response... 400 Bad Request

------------------

[Jinhui Du]

You may have a try.

curl  -v -d "{'method':'identitytoolkit.relyingparty.createAuthUrl','params':{'identifier':'gmail.com','continueUrl':'http://www.example.com/callback'}, 'apiVersion':'v1'}" -H "Content-Type: application/json" "https://www.googleapis.com/rpc"

[Cameron Buescher]

That worked (response code 200)... Any suggestions on how to rework the PHP, given this info?

[Cameron Buescher]

The server for my page and the command line I ran this from are on a RHEL 6 box, if it makes a difference.

[Jinhui Du]

Thanks for your patience. Looks like there is some problem with the sample code. It messed up the REST and the JSON-RPC styles. Sorry about that. We will update the doc soon. You may have a try to use the curl to get the URL and use the following code as the callback page to verify the response.

e.g. 

curl  -v -d "{'method':'identitytoolkit.relyingparty.createAuthUrl','params':{'identifier':'gmail.com','continueUrl':'http://your_domain_name/callback.php'}, 'apiVersion':'v1'}" -H "Content-Type: application/json" "https://www.googleapis.com/rpc?key=YOUR_API_KEY"

<?php

  $url = EasyRpService::getCurrentUrl();

  $postData = @file_get_contents('php://input');

  $result = EasyRpService::verify($url, $postData);

  var_dump($result);

class EasyRpService {

  // Replace $YOUR_DEVELOPER_KEY

  private static $SERVER_URL = "https://www.googleapis.com/rpc?key=YOUR_API_KEY";

  public static function getCurrentUrl() {

    $url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';

    $url .= $_SERVER['SERVER_NAME'];

    if ($_SERVER['SERVER_PORT'] != '80') {

      $url .= ':'. $_SERVER['SERVER_PORT'];

    }

    $url .= $_SERVER["REQUEST_URI"];

    return $url;

  }

  private static function post($postData) {

    $ch = curl_init();

    curl_setopt_array($ch, array(

      CURLOPT_URL => EasyRpService::$SERVER_URL,

      CURLOPT_RETURNTRANSFER => 1,

      CURLOPT_HTTPHEADER => array('Content-Type: application/json'),

      CURLOPT_POSTFIELDS => json_encode($postData)));

    $response = curl_exec($ch);

    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);

    curl_close($ch);

    if ($http_code == '200' && !empty($response)) {

      return json_decode($response, true);

    }

    return NULL;

  }

  

  public static function verify($continueUri, $response) {

    $request = array();

    $request['method'] = 'identitytoolkit.relyingparty.verifyAssertion';

    $request['apiVersion'] = 'v1';

    $request['params'] = array();

    $request['params']['requestUri'] = $continueUri;

    $request['params']['postBody'] = $response;

    

    $result = EasyRpService::post($request);

    if (!empty($result['result'])) {

        return $result['result'];

    }

    return NULL;

  }

}

?>

[Cameron Buescher]

Ok, no problem.  Thanks for looking into it.

[Jinhui Du]

FYI. The doc is updated.

[cwb]

Maybe I'm being thick, but everything looks the same, and the updated PHP still giving me trouble.  What in particular was changed?

[Jinhui Du]

The php code snippet on the page https://developers.google.com/identity-toolkit/v1/acguide was updated.

[Cameron Buescher]

Yeah, still having the same problem with the updated PHP snippet.  I guess there's a chance the PHP or server configuration is screwed up somehow... not really sure.

[Jinhui Du]

Tried again. With "YOUR_API_KEY" replaced in php file and the "your_domani" replaced in curl command line, it works on my machine. 

[Cameron Buescher]

You're right--that works for me too.  The error must be somewhere besides the PHP then.  Thanks.

[Cameron Buescher]

On second thought, I should have been clearer.  The issue is happening in the callback page, where I'm trying to verify the user.  The post of data TO the callback page works fine, even running in my browser (not just from the curl CLI).  The PHP for the callback page compiles and runs without error, I just always get an error code 400 result.  I apologize if I'm overlooking obvious solutions--I haven't had a whole lot of experience with PHP or web development.