HP ALM REST API login using PHP CURL

Question

I'm new to REST and I'm trying to develop a web app that will connect with JIRA from one sid (already covered) and with HP's ALM from the other side.

what I'm attempting to accomplish right now is basic authentication to ALM with PHP but can't seem to progress.
here is my code:

$handle=curl_init('http://192.168.1.7:8081');
$headers = array(
    'Accept: application/xml',
    'Content-Type: application/xml',
    'Authorization: Basic YWRtaW46MTIzNA==',
);

$username='admin';
$password='1234';

$url = 'http://192.168.1.7:8081/qcbin/authentication-point/login.jsp';


curl_setopt_array(
$handle,
array(
CURLOPT_URL=>'http://192.168.1.7:8081/qcbin/rest/domains/default/projects/Ticomsoft/defects?login-form-required=y',
//CURLOPT_COOKIEFILE=>$ckfile,
CURLOPT_POST=>true,
//CURLOPT_HTTPGET =>true,
CURLOPT_COOKIEJAR=>$ckfile,
CURLOPT_VERBOSE=>1,
//CURLOPT_POSTFIELDS=>,
//CURLOPT_GETFIELDS=>'j_username=admin&j_password=1234&redirect-url=http://192.168.1.7:8081/myUiResource.jsps',
CURLOPT_SSL_VERIFYHOST=> 0,
CURLOPT_SSL_VERIFYPEER=> 0,
CURLOPT_RETURNTRANSFER=>true,
CURLOPT_FOLLOWLOCATION=>true,
CURLOPT_HEADER=>false,
CURLOPT_HTTPHEADER=> $headers,
CURLOPT_AUTOREFERER=>true
//CURLOPT_COOKIE=>
//CURLOPT_USERPWD=>"admin:yahala"
//CURLOPT_CUSTOMREQUEST=>"POST"
)

);
$result=curl_exec($handle);
$ch_error = curl_error($handle);
$response = curl_getinfo($handle);

print_r($response);
if ($ch_error) {
    echo "cURL Error: $ch_error";
} else {
    //var_dump(json_decode($result, true));
    echo $result;   
}

curl_close($handle);

?>

as you can see there is a lot of garbage as my trial and error progressed.

Answer 1

Here we go. I followed the QC Rest API documentation to study the order that QC expects requests to be made. I've tested it against ALM11. I'm new to cURL as well, but this should get you in and working......

<?php

//create a new cURL resource
$qc = curl_init();
//create a cookie file
$ckfile = tempnam ("/tmp", "CURLCOOKIE");

//set URL and other appropriate options
curl_setopt($qc, CURLOPT_URL, "http://qualityCenter:8080/qcbin/rest/is-authenticated");
curl_setopt($qc, CURLOPT_HEADER, 0);
curl_setopt($qc, CURLOPT_HTTPGET, 1);
curl_setopt($qc, CURLOPT_RETURNTRANSFER, 1);

//grab the URL and pass it to the browser
$result = curl_exec($qc);
$response = curl_getinfo($qc);

//401 Not authenticated (as expected)
//We need to pass the Authorization: Basic headers to authenticate url with the 
//Correct credentials.
//Store the returned cookfile into $ckfile
//Then use the cookie when we need it......
if($response[http_code] == '401')
{

        $url = "http://qualityCenter:8080/qcbin/authentication-point/authenticate";
        $credentials = "qc_username:qc_password";
        $headers = array("GET /HTTP/1.1","Authorization: Basic ". base64_encode($credentials));

    curl_setopt($qc, CURLOPT_URL, $url);
    curl_setopt($qc, CURLOPT_HTTPGET,1); //Not sure we need these again as set above?
    curl_setopt($qc, CURLOPT_HTTPHEADER, $headers);
    //Set the cookie
        curl_setopt($qc, CURLOPT_COOKIEJAR, $ckfile);
        curl_setopt($qc, CURLOPT_RETURNTRANSFER, true);

        $result = curl_exec($qc);
        $response = curl_getinfo($qc);

       //The response will be 200   
       if($response[http_code] == '200')
       {
        //Use the cookie for subsequent calls...
        curl_setopt($qc, CURLOPT_COOKIEFILE, $ckfile);
        curl_setopt($qc, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($qc, CURLOPT_URL, "http://qualityCenter:8080/qcbin/rest/domains/Your_Domain/projects/Your_Project/defects");

    //In this example we are retrieving the xml so...
        $xml = simplexml_load_string(curl_exec($qc));
        print_r($xml);

    //Call Logout
        logout($qc,"http://qualityCenter:8080/qcbin/authentication-point/logout");

       }
       else
       {
        echo "Authentication failed";
       }

    }
else
{
        echo "Not sure what happened?!";
}

//Close cURL resource, and free up system resources
curl_close($qc);

function logout($qc, $url)
{
    curl_setopt($qc, CURLOPT_URL, $url);
        curl_setopt($qc, CURLOPT_HEADER, 0);
        curl_setopt($qc, CURLOPT_HTTPGET,1);
        curl_setopt($qc, CURLOPT_RETURNTRANSFER, 1);

    //grab the URL and pass it to the browser
    $result = curl_exec($qc);
}

?>

Let me know if it worked!

Thanks,

Rich

Answer 2

one of the important things to keep in mind is after authenticating you must do the following POST /qcbin/rest/site-session with cookies LWSSO

this will return QCSession and XSRF-TOKEN which are needed to perform any operations