What does php's CURLOPT_USERPWD do
I was wondering what CURLOPT_USERPWD is actually doing to the url, header or data of a request. Is it INSTEAD OF the Authorization: Basic <base64 of user:pass> or does it work along side this?
Is it modifying the url to this?:
username:[email protected]
I saw some code like this so I am wondering, as it seems if I request that url in a NodeJS equivalent request it is not working with just an Authorization header (I have a theory the server is broken and ignoring the Auth header and using the username:password in the url):
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$encodedAuth = base64_encode(self::$pfAdapterUser.":".self::$pfAdapterPasswd);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authentication : Basic ".$encodedAuth));
curl_setopt($ch, CURLOPT_USERPWD, self::$pfAdapterUser.":".self::$pfAdapterPasswd);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
Thanks
Answer
Is it modifying the url to this?:
username:[email protected]
No, the url still the same. You can check with
curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
This
$encodedAuth = base64_encode(self::$pfAdapterUser.":".self::$pfAdapterPasswd);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: Basic ".$encodedAuth));
And this
curl_setopt($ch, CURLOPT_USERPWD, self::$pfAdapterUser.":".self::$pfAdapterPasswd);
are doing the same thing so there's no need to use them together (although it won't break), use one and it will work fine.