homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

http auth with CURL then redirect to mp3?
Serving a protected file to an internet radio.

5+ Year Member

Msg#: 4183949 posted 9:58 pm on Aug 8, 2010 (gmt 0)

I've got a hardware internet radio player which needs to play a stream which is behind an http auth (standard 401 request).

Unfortunately, the device can't cope with http auth, you can't build the username and password into the link (eg: username:password@http etc - and besides, the server won't accept that) and it plays streams by calling an xml playlist first, which is also behind the barrier. Fortunately, the http auth request is not ssl, which might make things easier.

What the device CAN do, however, is variables within the url. ie: [my.com...]

Rather than pointing directly to the password protected audio server, I thought about bouncing the request off my webhosting Apache/php server and using some kind of redirect (.htaccess with php?) to check the variable against a lookup table of username and password, then somehow think that it was the radio which was authorised.

The problem is, the radio is one IP address, my server is another address (and I don't have root access so no httpd.conf tweaks), and the media server (which I have no control over) is another address.

No problem with the podcast xml - this works great:

$url = "http://www.example.com/something.xml";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERPWD, "user:pass");
$xmlResponse = curl_exec($ch);

But of course, this is reading in and serving out again. Not what I want to be doing with large mp3 files - and would probably break their T&C too! So, what about a redirect?

header("Content-Type: audio/mpeg");
$url = "http://www.example.com/something.mp3";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERPWD, "user:pass");
header('Location: ' . $url);

but this just takes me to the authorisation page. Sigh.

Anyone got any ideas?



5+ Year Member

Msg#: 4183949 posted 4:19 pm on Aug 9, 2010 (gmt 0)

This is a tricky one, and I'm not sure there's an easy answer. It sounds like you're essentially needing to create a proxy for the audio server, but only for the login part--without actually passing the audio data through. The best idea I can come up with is to force the device to make a HTTP request to a string, completely ignoring what the string may be. Then, your device could make the appropriate request to your web server, which would build the URL necessary to let the device access the radio stream and echo it back to the device. Once the device received it, it could make the request directly to the server.

However, this would require that the device be able to support arbitrary HTTP request strings. Based on your description, I'm not sure if this is possible.

It might also be possible to send a request to the audio server from your server with the IP address spoofed to be the radio device's IP address. However, the legality and advisability of such spoofing might be debated.


5+ Year Member

Msg#: 4183949 posted 8:45 am on Aug 11, 2010 (gmt 0)

WesleyC - thanks, you're right about the request strings, and I have a horrid feeling the suggestion in your last para would be the only way to go. As that would entail running my own server, it's a financial as well as a legal problem too!

OK, well at least it confirms I wasn't missing a trick there. Thanks again.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved