html - Postman akamai edge-grid code doesn't work in php

I am trying to make an GET-Request to my akamai server. With Postman, evertyhing works. But when I copy the code from the code generator and paste it into my php code, I can't Authenticate anymore.

Postman gives me following code:

    <?php

$curl = curl_init();

curl_setopt_array($curl, array(
CURLOPT_URL => 'https://akab************************',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: EG1-HMAC-SHA256 client_token=***************;access_token=;timestamp=20201209T15:07:33+0000;nonce=4616dcc7-5cd8-49b5-9c24-ac1b9bf9f2f5;signature=OVXlnNav8GUM/UyNO6KFcYS1/kQ='
),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

my php code looks like this:

<?php
  include 'akamai-open-edgegrid-client-1.0.0.phar';
  require_once 'src/Authentication.php';
require_once 'src/Authentication/Timestamp.php';
require_once 'src/Authentication/Nonce.php';
require_once 'src/Authentication/Exception.php';
require_once 'src/Authentication/Exception/ConfigException.php';
require_once 'src/Authentication/Exception/SignerException.php';
require_once 'src/Authentication/Exception/SignerException/InvalidSignDataException.php';
    
    
    $curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => '******',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'GET',
  CURLOPT_HTTPHEADER => array(
    'Authorization: EG1-HMAC-SHA256 client_token=*****;access_token=************;timestamp=20201209T15:07:33+0000;nonce=18759478-be33-4fe2-b417-557912445d93;signature=wW6/5RHKzXVQrS3uQ9bE3c83hl6jhQGjpQa2Ldi2qLI='
  ),
));

$response = curl_exec($curl);
echo $response = curl_exec($curl);
curl_close($curl);
?>
<html>
    <head>  
    </head> 
    <body>
        <div id="response">
        <?= $response ?></div>
    </body>

</html>

My response in my website says:

{ "type": "https://problems.luna.akamaiapis.net/-/pep-authn/request-error", "title": "Bad request", "status": 400, "detail": "Invalid timestamp", "instance": "https://akab****************", "method": "GET", "serverIp": "104.84.107.234", "clientIp": "95.90.201.65", "requestId": "5792bf0d", "requestTime": "2020-12-09T14:53:30Z" }

It seems like I have an error in my timestamp value. I tried to generate it dynamically, but I got the same error there too.

Solution:

The timestamp should be dynamic and close enough to actual time for the request to be allowed. If you change the timestamp, you also need to recalculate signature.

Algorithm for EdgeGrid authentication is complex, you better rely on related library to generate this header. Please read https://developer.akamai.com/blog/2017/02/03/akamai-open-edgegrid-php-now-beta

Php libraries for EdgeGrid.

• https://github.com/akamai/AkamaiOPEN-edgegrid-php
• https://github.com/akamai/AkamaiOPEN-edgegrid-php-client