1

i am trying to use electrum rpc , it is giving me authentication error. i have tried user pass via Basic Authentication on Linux bash and via php but non of them works.

My php code was working fine before plectrum vulnerability upgrade. also i have tried curl on bash , but i get same error

Error code explanation: 401 - No permission -- see authorization schemes.

I have tried

curl --data-binary '{"id":"curltext","method":"listaddresses","params":{"funded":true}}' http://test:abc@127.0.0.1:7777

and

curl --data-binary '{"id":"curltext","method":"listaddresses","params":{"funded":true}}' http://127.0.0.1:7777

and

curl -utest http://127.0.0.1:7777

but electrum server never accepts any authentication.

I have also tried by disabling the rpc authentication , but still I get the same error

Kostas Drak
  • 3,222
  • 6
  • 28
  • 60
userx86
  • 19
  • 3

2 Answers2

-1

You have to use basic authentication using the appropriate curl parameter.

Quoting the relevant part of the manual:

6.1 Basic Authentication

HTTP Authentication is the ability to tell the server your username and password so that it can verify that you're allowed to do the request you're doing. The Basic authentication used in HTTP (which is the type curl uses by default) is plain text based, which means it sends username and password only slightly obfuscated, but still fully readable by anyone that sniffs on the network between you and the remote server.

To tell curl to use a user and password for authentication:

curl --user name:password http://www.example.com

So, in a terminal, your command should start somewhat like this:

curl --user RPCusername:RPCpassword http://127.0.0.1:7777 …

And (as a bonus) in PHP, it would look like this:

<?php
$RPCusername = 'test';
$RPCpassword = 'abc';
$somefundedBTCaddress = '1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF';

$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, $RPCusername.':'.$RPCpassword);
curl_setopt($ch, CURLOPT_URL, 'http://127.0.0.1:7777'); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_POSTFIELDS, '{"id":"curltext","method":"getaddressbalance","params":{"address":"'.$somefundedBTCaddress.'"}}'); 
curl_setopt($ch, CURLOPT_POST, 1);

$headers = array(); 
$headers[] = "Content-Type: application/x-www-form-urlencoded"; 
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch); 
if (curl_errno($ch)) 
{ 
    echo 'Error:'.curl_error($ch).PHP_EOL; 
} 
else 
{
    $result =json_decode($result,true);
    echo($result['result']['confirmed'].PHP_EOL);
    echo($result['result']['unconfirmed'].PHP_EOL);
}
curl_close ($ch);
exit();
Community
  • 1
  • 1
e-sushi
  • 13,786
  • 10
  • 38
  • 57
-1

You can also use an other schema of passing user and password to curl, for example:

curl --data-binary '{"params": {"amount": 0.0021651117760957575, "expiration": 1212}, "method": "addrequest", "id": "c6cf406e-0c4b-4eb7-b3d2-1712a4d3a553"}' http://user:LMt2FDyG-c543kc23H-NA==@10.78.1.1:7049
jerome
  • 19
  • 3