How to authenticate to DevOps API using php

0
votes

I'm trying to access the Azure DevOps REST API via php/curl and a personal access token, but am having trouble with the authentication process.

The documentation states, that the pat has to be converted to base64 and then added to the HTTP Header, however I have been unable to correctly do that. This is what I've tried:

function GetBuilds($url, $token) {  
  $ci = curl_init();

  curl_setopt($ci, CURLOPT_URL, $url);
  curl_setopt($ci, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ci, CURLOPT_TIMEOUT, 30);
  curl_setopt($ci, CURLOPT_CONNECTTIMEOUT, 30);
  curl_setopt($ci, CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt($ci, CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ci, CURLOPT_HTTPHEADER, array(
    "content-type: text/html",
    "content-length: 0",
    "Authorization: Basic ".base64_encode($token)   // Several variants have been tried.
    )
  );

  $buffer = curl_exec($ci); 
  curl_close($ci);

  return $buffer;
};

$url is the Link to the DevOps API which works when called with a browser (after logging in), however when the page with this function is called, it returns the string "Object moved to here." with "here" beeing a link to the microsoft online login page.

2
phprestazure-devops
I don't know but you might try CURLOPT_FOLLOWLOCATIONAbraCadaver
The PAT generally requires a leading : before being B64 encoded. Not sure if you're doing that.Daniel Mann

2 Answers

1
votes

Pretty sure you need to convert this to base64:

[email protected]:token

not just the token. [email protected] - is the user who issued the token

2
votes

Daniel Mann's comment was the solution (thank you!), although I'm not allowed to directly mark it as such. Changing the "Authorization"-line to this:

"Authorization: Basic ".base64_encode(":".$token)

does successfully authorize the request.