I have been trying to call the parkingfee/calculate API using cURL PHP and I am able to get the 200 status code which means it reaches the server. But somehow the JSON data is not showing up even though I get the 200 status code. I have concluded it's an authentication issue but I couldn't really figure out where I went wrong.
I have contacted the tech support from hikvision but they would not help in that term and kept on suggesting for me to use CSHCSDKDemo application that comes with the HCP download. It seems they couldn't understand my request. The image I attached is the error I have been getting and it shows the status code 200 as well. Any help would be appreciated, thank you.
At first, I kept getting errors like HTTP failed request: 400 status code but when I changed the headers parameters, I finally got the 200 status code which means successfully called the API but the JSON data that comes with it does not show up. And also, in the documentation, it mentioned that I need to calculate the signature using So I am not sure where I went wrong.
The documentation link for this API is:
https://pinfo.hikvision.com/hkwsen/unzip/20240201150721_74009_doc/
The API URL format is: https://[serverAddress]:[serverPort]/artemis/api/vehicle/v1/parkingfee/calculate
Below is the instructions on how to calculate the signature: Signature Calculation
Below is the complete code:
<?php
$apiUrl = 'https://127.0.0.1:443/artemis/api/vehicle/v1/parkingfee/calculate'; // Replace with actual endpoint
$urlEndpoint = '/api/vehicle/v1/parkingfee/calculate';
$httpMethod = 'POST';
$accept = 'application/json';
$acceptEncoding = 'gzip, deflate, sdch';
$acceptLanguage = 'en-US,en;q=0.8';
$connection = 'keep-alive';
$contentType = 'application/json;charset=UTF-8';
$x_requested_with = 'XMLHttpRequest';
$server = '-';
$host = '127.0.0.1';
$transferEncoding = 'chunked';
$x_application_context = '';
$plateLicense = '';
$userAgent = 'Chrome/61.0.3163.100';
$apiKey = '';
$apiSecret = '';
/******************************************************* CONTENT-MD5 ************************************************************************** */
$requestBody = '';
if(isset($_POST['submitform'])){
$apiKey = $_POST['apikey'];
$apiSecret = $_POST['apisecret'];
$apiUrl = $_POST['apiurl'];
$requestBody = $_POST['jsonbody'];
}
// $requestBody = array(
// 'userId' => 'admin',
// //'plateLicense' => 'UKM9999');
// 'plateLicense' => $plateLicense);
$jsonRequestBody = json_encode($requestBody, JSON_UNESCAPED_UNICODE);
$contentMD5 = base64_encode(md5($jsonRequestBody, true));
$contentLength = strlen($requestBody);
/******************************************************* RESPONSE BODY ************************************************************************** */
//response body format
$responseBody = array(
'code' => 0,
'msg' => 'Success',
'data' => array(
'plateLicense' => 'UKM9999',
'cardNum' => '',
'parkingInTime' => '2024-06-13T14:22:01+08:00',
'parkingDuration' => 437809,
'feeRuleType' => 0,
'feeRuleIndexCode' => '1',
'feeRuleName' => 'test rule',
'fee' => '00.00'));
//encode the above in json format
$jsonResponseBody = json_encode($responseBody, JSON_UNESCAPED_UNICODE);
$jsonDecoded = json_decode($jsonResponseBody, true);
/******************************************************* UUID/X-CA-NONCE *********************************************************************** */
function generateUUID() {
$data = openssl_random_pseudo_bytes(16);
assert(strlen($data) === 16);
$data[6] = chr(ord($data[6]) & 0x0f | 0x40); // Set version to 0100
$data[8] = chr(ord($data[8]) & 0x3f | 0x80); // Set bits 6-7 to 10
return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
}
$x_ca_nonce = generateUUID();
/******************************************************* TIMESTAMP ************************************************************************** */
$dateString = strtotime("Y-M-D h:i:sa");
$dateTime = new DateTime($dateString);
$timestampInSeconds = $dateTime->getTimestamp();
$timestampInMilliseconds = $timestampInSeconds * 1000;
$timestampInMilliseconds2 = round(microtime(true) * 1000);
// Initialize cURL session
$ch = curl_init();
/******************************************************* SIGNATURE CALCULATION ***************************************************************** */
$stringToSign = "{$httpMethod}\n". "{$contentMD5}\n". "{$contentType}\n". "{$apiKey}\n". "{$x_ca_nonce}\n". "{$timestampInMilliseconds}\n". "{$urlEndpoint}";
// Generate Signature
$signature = hash_hmac('sha256', $stringToSign, $apiSecret, true);
// Encode Signature (base64)
$base64encodedSignature = base64_encode($signature);
/******************************************************* CURL SETOPT ************************************************************************** */
// Set cURL options
curl_setopt($ch, CURLOPT_URL, $apiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_HTTP_VERSION, 'CURL_HTTP_VERSION_1_1');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_POST, 1); //set request method to post
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: Basic YWRtaW46V2VtYWwzMjEh', // Adjust according to API's authentication requirements
'Accept: '. $accept.'*/*',
'Accept-Encoding: '. $acceptEncoding,
'Accept-Language: '. $acceptLanguage,
'Connection: '. $connection,
'Content-Length: '. $contentLength,
'Content-MD5: '. $contentMD5,
'Content-Type: '. $contentType,
'Host: '. $host,
'Server: '. $server,
'transferEncoding: '. $transferEncoding, //cant make it like others, will display 400 error again, like Transfer-Encoding
'X-CA-Key: ' . $apiKey,
'X-CA-Signature: ' . $base64encodedSignature,
'X-CA-Signature-Headers: X-CA-Key, X-CA-Timestamp',
'X-CA-Timestamp: ' . $timestampInMilliseconds,
'X-CA-Nonce: ' . $x_ca_nonce,
'userId: admin',
'X-Requested-With: '. $x_requested_with
]);
curl_setopt($ch, CURLOPT_POSTFIELDS, $requestBody);
// Execute the request
$response = curl_exec($ch);
// Close the cURL session
curl_close($ch);
?>
<!-- Form Request API -->
<!DOCTYPE html>
<head>
<title>Test HikVision API</title>
<style>
body {
color:rgb(220, 241, 208);
background-color: rgb(44, 42, 62);
}
.container {
display: flex;
justify-content: center;
align-items: center;
/*height: 100vh;*/
margin-top: 100px;
margin-bottom: 80px;
}
.container2 {
display: flex;
justify-content: center;
align-items: center;
}
.container3 {
display: flex;
justify-content: center;
/* align-items: center; */
/*height: 100vh;*/
margin-top: 50px;
margin-bottom: 80px;
}
.textlarge {
height: 200px;
width: 200px;
}
</style>
</head>
<body>
<div class="container">
<h1>Hikvision Open API Test </h1>
<div class="container2">
<form name="submitrequest" action="" method="post">
<label for="APPKey">APP Key: </label><br>
<input required type="text" name="apikey" placeholder="APP key"><br><br>
<label for="APPSecret">APP Secret: </label><br>
<input required type="text" name="apisecret" placeholder="APP secret"><br><br>
<label for="APIurl">API: </label><br>
<input required type="text" name="apiurl" placeholder="URL"><br><br>
<label for="Body">Body: </label><br>
<input type="text" class="textlarge" name="jsonbody"placeholder="Request Body"><br><br>
<input type="submit" value="Submit" name="submitform">
</form>
</div>
</div>
<div class="container3">
<h1>Results</h1>
</div>
<div class="container3">
<?php
// Check for errors
if(isset($_POST['submitform'])){
if ($response === false) {
echo 'cURL error: ' . curl_error($ch);
} else {
// Decode the JSON response
$responseData = json_decode($response, false, 512, JSON_UNESCAPED_UNICODE);
// $responseData = json_decode($response, true);
// echo $responseData;
// encoded response
echo "Encoded response body: " . $response . "<br><br><br>";
echo "Decoded response body: ";
if($responseData === NULL) echo "No decoded JSON response. <br><br><br>";
else echo $responseData . "<br><br><br>";
$resultStatus = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if ($resultStatus == 200) {
// everything went better than expected
echo "Status Code: ".$resultStatus."<br><br><br>";
print_r($responseData);
} else {
// the request did not complete as expected. common errors are 4xx
// (not found, bad request, etc.) and 5xx (usually concerning
// errors/exceptions in the remote script execution)
die('Request failed: HTTP status code: ' . $resultStatus);
}
// Process the response data
if ($responseData === null && json_last_error() !== JSON_ERROR_NONE) {
// echo 'cURL Error: ' . curl_error($ch);
echo "Error decoding JSON response: " . json_last_error_msg();
} elseif ($responseData === null) {
echo "The response body is empty!";
} else {
// Everything went as expected
echo "HTTP status code: $resultStatus\n";
print_r($responseData);
}
// print_r($_POST);
//example if want json to print pretty
// echo json_encode($this->errors, JSON_PRETTY_PRINT);
}
}
?>
</div>
</body>
</html>
I am expecting it to give a JSON response like this:
{
"code": "0",
"msg": "Success",
"data": {
"plateLicense": "UKM9999",
"cardNum": "",
"parkingInTime": "2024-06-13T14:22:01+08:00",
"parkingDuration": 2223046,
"feeRuleType": 0,
"feeRuleIndexCode": "1",
"feeRuleName": "test rule",
"fee": "260.00"
}
}
I am not sure if the error comes from the signature calculation or the header. But the error I'm getting shows:
Status Code: 200 Error decoding JSON response: Control character error, possibly incorrectly encoded
UPDATE: I have attached an image to this post and edited the curl request and added the complete code. Error of the API call
I already found the solutions to my problem. First, I removed unnecessary headers and only kept Connection, Accept, Content-Type, App Key and the signature as the headers in the CURLOPT_HTTPHEADER. Then, I fixed my signature calculation. I also pass the queried plateLicense in the text box as arrays then encode it to JSON instead of passing the whole JSON body (which could work too but for the sake of testing, I prefer to pass it as array). The codes below are what I had changed in the PHP file:
//Header
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Connection: '. $connection,
'Accept: '. $accept,
'Content-Type: '. $contentType,
'X-Ca-Key: '. $apiKey,
'X-Ca-Signature: '. $signature
]);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonRequestBody);
//Signature calculation
function generateHmacSha256Signature($jsonRequestBody, $apiSecret) {
return hash_hmac('sha256', $jsonRequestBody, $apiSecret, true);
}
Hope this answer could help anyone facing the same problem!