jeteokeeffe / php-hmac-rest-api

PHP HMAC Restful API that uses Phalcon Micro framework

How to open it on Browser? #20

Open Abhinav1217 opened 9 years ago

Abhinav1217 commented 9 years ago

Hi, I am a noob at this. I am learning to write secure API-centric applications and found your blog post and this repo. I downloaded it and have been trying it since yesterday. I used your nginx file. I am able to run it via php client-connect.php and am getting a response. But if I try to use my browser (via nginx or via the PHP built-in server), I am getting "indexPage doesn't exist." in the browser. How do I run it in the browser?

overbid commented 9 years ago

You could replace your nginx config file with nginx-virtual-host-php-fpm.conf. And restart.

Abhinav1217 commented 9 years ago

Did that. I mentioned that I am using your config file. I initially used the URL l.papi. Then I tried using api.example.com, adding it to the /etc/hosts file. I am getting the same error with the php -S server also. I am getting a response via the terminal using your client-connect.php, but not via the browser pointing to the index file in the public folder.

jeteokeeffe commented 9 years ago

Can you post both the php -S command with output and your client-connect.php command with output?

jeteokeeffe commented 9 years ago

You won't be able to see a successful pong request because the necessary HTTP headers won't be sent. That's why you need to use the client app. You can test that PHP is running by putting http://localhost:8000 in your browser.

Abhinav1217 commented 9 years ago

Output from php -S

[Abhinav@abhinav-fed22 public] $ php -S localhost:8000 ../.htrouter.php
PHP 5.6.10 Development Server started at Fri Jul 10 09:01:44 2015
Listening on http://localhost:8000
Document root is /var/www/hmac/public
Press Ctrl-C to quit.
[Fri Jul 10 09:01:54 2015] 127.0.0.1:43440 [404]: /
[Fri Jul 10 09:01:54 2015] 127.0.0.1:43441 [404]: /favicon.ico - No such file or directory
[Fri Jul 10 09:01:59 2015] 127.0.0.1:43442 [404]: /
[Fri Jul 10 09:02:00 2015] 127.0.0.1:43443 [404]: /
[Fri Jul 10 09:03:11 2015] 127.0.0.1:43446 [200]: /ping

The 404s are from the browser pointing to localhost:8000. The last line with [200] is from the console.

Output from console

[Abhinav@abhinav-fed22 hmac] $ php client-connect.php 

Request: 
POST /ping HTTP/1.1
Host: localhost:8000
Accept: */*
API_ID: 1
API_TIME: 1436499190
API_HASH: ca6fb67add4409ea244a59af2e2b85483b79c0b49cf773c037dd8c6609c13fea
Content-Length: 142
Expect: 100-continue
Content-Type: multipart/form-data; boundary=------------------------90550a8901f809c9

Response:
HTTP/1.1 200 OK
Host: localhost:8000
Connection: close
X-Powered-By: PHP/5.6.10
Content-type: text/html; charset=UTF-8

indexpong

Output in the browser is "indexPage doesn't exist."

jeteokeeffe commented 9 years ago

The client is connecting and printing out the correct information. Everything is successful.

The reason the browser is failing is because you're not providing the http headers (API_ID: 1 API_TIME: 1436499190 API_HASH: ca6fb67add4409ea244a59af2e2b85483b79c0b49cf773c037dd8c6609c13fea). This project isn't just a restful api, it has authentication through http headers to verify who the user is.

Read this about what HMAC is and what it is used for: http://www.thebuzzmedia.com/designing-a-secure-rest-api-without-oauth-authentication/
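
The header check described in the comment above, sketched as an added example that is not the project's own code. The signed string layout, the 300-second window, the shared secret and the function names signRequest and verifyRequest are assumptions for illustration; only the header names and the timestamp come from the thread.

```php
<?php
// Added example, not the project's code. Assumed: the signed string is
// time + id + body (newline-delimited) and a 300-second acceptance window.
const MAX_SKEW = 300;
$keys = ['1' => 'constructed-demo-secret']; // constructed store: API_ID => secret

function signRequest(string $id, int $time, string $body, string $secret): string
{
    // Fields are delimited so adjacent values cannot run together.
    return hash_hmac('sha256', $time . "\n" . $id . "\n" . $body, $secret);
}

function verifyRequest(array $headers, string $body, array $keys, int $now): string
{
    foreach (['API_ID', 'API_TIME', 'API_HASH'] as $name) {
        if (!isset($headers[$name])) {
            return "rejected: missing $name"; // the case a plain browser request hits
        }
    }
    $id = (string) $headers['API_ID'];
    if (!isset($keys[$id])) {
        return 'rejected: unknown API_ID';
    }
    if (!ctype_digit((string) $headers['API_TIME'])) {
        return 'rejected: malformed API_TIME';
    }
    $time = (int) $headers['API_TIME'];
    if (abs($now - $time) > MAX_SKEW) {
        return 'rejected: stale API_TIME'; // limits replay of a captured request
    }
    $expected = signRequest($id, $time, $body, $keys[$id]);
    // hash_equals compares in constant time, so timing does not leak the digest.
    if (!hash_equals($expected, (string) $headers['API_HASH'])) {
        return 'rejected: bad API_HASH';
    }
    return 'accepted';
}

$now  = 1436499190; // API_TIME value from the request shown in the thread
$body = 'ping';     // constructed request body
$good = ['API_ID' => '1', 'API_TIME' => (string) $now,
         'API_HASH' => signRequest('1', $now, $body, $keys['1'])];

echo verifyRequest($good, $body, $keys, $now), "\n";        // signed client request
echo verifyRequest([], $body, $keys, $now), "\n";           // browser: no headers
echo verifyRequest($good, 'tampered', $keys, $now), "\n";   // body changed in transit
echo verifyRequest($good, $body, $keys, $now + 3600), "\n"; // replayed an hour later
```

The four calls cover the signed client request, a header-less browser request, a modified body and a late replay.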

jeteokeeffe commented 9 years ago

If you just want a RESTful API, comment out line 68 in https://github.com/jeteokeeffe/php-hmac-rest-api/blob/master/public/index.php. I won't check the HTTP headers.

Abhinav1217 commented 9 years ago

I commented out line 68. Still getting "indexPage not found" on both localhost:8000 and localhost:8000/ping.