How can I call a SAS Stored Process from CURL within PHP?

Question

I want to build a web application that calls a SAS stored process and prints the results. I want the authentication to be handled behind the scenes.

The web application is built in PHP and I'll be using CURL to make the request.

Is this possible? What CURL options are necessary?

Answer 1

First ensure your stored process web server is configured correctly by following the instructions located here.

Create a .php file containing the below code.

<?php

  $parameters = array('_program'  => '/Products/SAS Intelligence Platform/Samples/Sample: Hello World',  // PATH TO STORED PROCESS
                      '_username' => 'mysasusername',
                      '_password' => '{SAS002}EFC0A34D034F489E2E0E03E840D324D6D30964A3', // ENCODED PASSWORD FROM PROC PWENCODE
                      'myParam1'  => 'abc',
                      'myParam2'  => 123
                     );

  //
  // CREATE A NEW CURL INSTANCE AND CONFIGURE IT
  //  
  $ch = curl_init(); 
  curl_setopt($ch, CURLOPT_URL, "http://sas.myserver.com/SASStoredProcess/do?");
  curl_setopt($ch, CURLOPT_PORT, 7980);  // PORT USED TO MAKE STORED PROCESS REQUESTS
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // DISABLE SSL CERTIFICATE CHECKING - OPTIONAL DEPENDING ON SERVER CERTIFICATE
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); // DISABLE SSL CERTIFICATE CHECKING - OPTIONAL DEPENDING ON SERVER CERTIFICATE

  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // STORED PROCESS LOGIN INVOLVES MULTIPLE PAGE REQUESTS
  curl_setopt($ch, CURLOPT_COOKIEFILE, ""); // STORED PROCESS LOGIN REQUIRES COOKIES 
  curl_setopt($ch, CURLOPT_COOKIEJAR, ""); // STORED PROCESS LOGIN REQUIRES COOKIES
  curl_setopt($ch, CURLOPT_HEADER, true);  // DONT SUPPRESS HTTP HEADER INFO 

  curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); // SUPPRESS DIRECTLY PRINTING RESULTS WHEN CURL_EXEC IS RUN.
  curl_setopt($ch, CURLOPT_CONNECTTIMEOUT ,90); // TIMEOUT LIMIT WHILE TRYING TO CONNECT
  curl_setopt($ch, CURLOPT_TIMEOUT, 90); // TIMEOUT WHILE WAITING FOR RESPONSE
  curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($parameters)); // SET THIS OPTION LAST.  MUST USE HTTP_BUILD_QUERY CALL ELSE YOU WILL BE PRESENTED WITH LOGIN PAGE

  //
  // EXECUTE IS AND SAVE THE RESULTS THEN CLOSE THE CURL OBJECT
  //    
  $response = curl_exec($ch) ; 

  // 
  // PARSE OUT THE HTTP HEADER VS THE BODY
  //
  $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  $header = substr($response, 0, $header_size);
  $body = substr($response, $header_size);  

  print $body;

  curl_close($ch);   

?>

Configure the following:

• _username
• _password
• _program (for this example I've used a sample that comes with SAS)
• CURLOPT_URL
• CURLOPT_PORT
• depending on your site architecture you may require additional CURL options but the above should suffice for most cases

Once you have configured it, enter the URL of the .php file into your browser's address bar. You should see the output:

Hello World!

The PHP code listed used the minimum # of options required to work. It assumes that at some point you may also want to parse the header data to determine the CONTENT-TYPE of the result.

Also, when implementing the above code, be sure that any user credentials are stored securely. It is never a good idea to hardcode user credentials into source code (even if the SAS password has been run through PWENCODE).

Answer 2

The proper way to do this (with security in mind) would be to use their ticket API- you can do CURL requests with PHP with a handshake first to eventually get the results of an STP endpoint.

Step1a) POST request .../SASLogon/v1/tickets with a form encoded payload of username and password.

Step1b) Look at response header "Location" (split by "/"[-1]) to get your auth token.

Step2a) Make a POST request to the same first url with the auth token appended at the end- and pass in the body (form encoded) the service url (service=xxx) (which ideally is the .../SASStoredProcess/do) endpoint.

Step2b) parse the response body for your ticket token.

Step3a) Run a request to the service (the .../do?token=[TicketToken]) with a POST payload (form encoded) of _program = STP endpoint

Step3b) Results will be the result of your request.

This probably requires some specific SAS installation config things setup- but is the general ticket handshake (generally- typing from memory, not with example in front of me). SAS is very specific depending on the version and what the install you have is.

You can achieve this with CURL, but in my personal opinion I like using higher level request libraries.

The other answers given are both valid- but auth-behind the scenes I assume you want a proper level of security- passing the username and password in each request is a security risk. Using the ticket system and handshake would be a "better" form solution in my mind.

Answer 3

For a generic (non-php, command-line) answer, here is a one-liner.

curl -v -L -c cookiefile -b cookiefile \ 
    -d "_program=$STP&_username=$USERNAME&_password=$PASSWORD" \
    https://yourdomain.com/SASStoredProcess/do

As discussed here, things to note include:

1) A cookiefile is used so that the session token can be written (-c) and subsequently read (-b) by the SASLogon redirect.

2) The _username and _password parameters are used to authenticate (see docs)

3) -v for verbose logging, -L to tell curl to follow the redirect (SASLogon) location