file_get_contents('php://input') keeps returning empty

Question

I'm trying to setup gitkit in my website, but can't get past this one single line of code. No matter what I do, file_get_contents keeps returning empty.

I've already set my php.ini : always_populate_raw_post_data = On

My environment is PHP 5.3.3, Apache 2.2.6, localhost.

Here's some code.

In my index.php, I call the google API and try to login with gmail account, in other words, federated login.

(this is from the Google API Console)

<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/jquery-ui.min.js"></script>
<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/googleapis/0.0.4/googleapis.min.js"></script>
<script type="text/javascript" src="//ajax.googleapis.com/jsapi"></script>
<script type="text/javascript">
  google.load("identitytoolkit", "1", {packages: ["ac"], language:"en"});
</script>
<script type="text/javascript">
  $(function() {
    window.google.identitytoolkit.setConfig({
        developerKey: "HERE_GOES_MY_DEVELOPER_KEY",
        companyName: "Valentinos Pizzaria",
        callbackUrl: "http://localhost/valentinos/callback.php",
        realm: "",
        userStatusUrl: "http://localhost/valentinos/userstatus.php",
        loginUrl: "http://localhost/valentinos/login.php",
        signupUrl: "http://localhost/valentinos/register.php",
        homeUrl: "http://localhost/valentinos/index.php",
        logoutUrl: "http://localhost/valentinos/logout.php",
        idps: ["Gmail", "Yahoo"],
        tryFederatedFirst: true,
        useCachedUserStatus: false,
        useContextParam: true
    });
    $("#navbar").accountChooser();
  });
</script>

I get the IDP response, log in, and am asked for permissions. Upon returning to my callback page, in which I used the code sample provided by Google (which is below), this one line of code doesn't seem to be returning correctly.

Am I doing anything stupid at all?

Any help will be appreciated.

Here's whole callback.php so far (there's no HTML whatsoever, for now):

  session_start();

  $url = EasyRpService::getCurrentUrl();
  #$postData = @file_get_contents('php://input');
  $postData = file_get_contents('php://input');
  $result = EasyRpService::verify($url, $postData);
  // Turn on for debugging.
  // var_dump($result);

class EasyRpService {
  // Replace $YOUR_DEVELOPER_KEY
  private static $SERVER_URL = 'https://www.googleapis.com/rpc?key=HERE_GOES_MY_DEVELOPER_KEY';

  public static function getCurrentUrl() {
    $url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';
    $url .= $_SERVER['SERVER_NAME'];
    if ($_SERVER['SERVER_PORT'] != '80') {
      $url .= ':'. $_SERVER['SERVER_PORT'];
    }
    $url .= $_SERVER['REQUEST_URI'];
    return $url;
  }

  private static function post($postData) {
    $ch = curl_init();
    curl_setopt_array($ch, array(
        CURLOPT_URL => EasyRpService::$SERVER_URL,
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_HTTPHEADER => array('Content-Type: application/json'),
        CURLOPT_POSTFIELDS => json_encode($postData)));
    $response = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    if ($http_code == '200' && !empty($response)) {
      return json_decode($response, true);
    }
    return NULL;
  }

  public static function verify($continueUri, $response) {
    $request = array();
    $request['method'] = 'identitytoolkit.relyingparty.verifyAssertion';
    $request['apiVersion'] = 'v1';
    $request['params'] = array();
    $request['params']['requestUri'] = $continueUri;
    $request['params']['postBody'] = $response;

    $result = EasyRpService::post($request);
    if (!empty($result['result'])) {
      return $result['result'];
    }
    return NULL;
  }

} # End Class EasyRpService

Before anyone asks, I do replace HERE_GOES_MY_DEVELOPER_KEY with my Developer Key...

Once again, any help will be much appreciated. C ya.

Answer 1

Did you try using $_POST ? php://input don't work for enctype="multipart/form-data". May be you are getting response as multipart/form-data in this case $_POST[0] should work.

Answer 2

HTTP POST data is usually populated in $_POST, php://input will usually contain PUT data.