Hi! You could try adding the bearer_token to the POST api-call: Authorization: <bearer_token here>.
The bearer-token can be found from the headers of the login -call result. To include the headers to the result of the login-api-call (this is not the default-setting), include the following curl-parameter to the login-call: curl_setopt($ch, CURLOPT_HEADER, true); Hope this helps! BR, Antti maanantai 6. toukokuuta 2024 klo 17.50.59 UTC+3 Χρήστος Κατσάνης kirjoitti: > Hey i was added to headers the cookie but 403? > > Στις Δευ 6 Μαΐ 2024, 17:43 ο χρήστης DSpace Technical Support < > dspac...@googlegroups.com> έγραψε: > >> Hi, >> >> It's difficult to help with custom code, especially since I don't know >> PHP. But, at a glance, it looks like you are not sending a CSRF token with >> the login request. You MUST send a CSRF token on every >> POST/PUT/PATCH/DELETE requests, and login is done via a POST. See the CSRF >> token docs at >> https://github.com/DSpace/RestContract/blob/main/csrf-tokens.md >> >> As for other example libraries that work with the DSpace 7 REST API, >> here's a Python-based library that I'm aware of: >> https://pypi.org/project/dspace-rest-client/ >> >> Tim >> >> On Monday, April 29, 2024 at 4:40:35 PM UTC-5 xristos...@gmail.com wrote: >> >>> Hey i have create a php file that run on local machine with dspace >>> >>> code: >>> >>> <?php >>> >>> // DSpace API endpoint for creating new items >>> define('DSpace_API_URL', ' >>> http://your-dspace-domain.com/dspace-spring-rest/api/submission/items'); >>> >>> // DSpace authentication credentials >>> define('USERNAME', 'dspacede...@gmail.com'); >>> define('PASSWORD', 'dspace'); >>> >>> // CSRF token endpoint >>> define('CSRF_TOKEN_URL', ' >>> http://your-dspace-domain.com/dspace-spring-rest/csrf'); >>> >>> function loginAndGetCSRFToken() { >>> // Initialize cURL session >>> $ch = curl_init(); >>> >>> // Set the URL for the login endpoint >>> curl_setopt($ch, CURLOPT_URL, >>> 'https://{dspace-server.url}/server/api/authn/login'); >>> >>> // Set the request method to POST >>> curl_setopt($ch, CURLOPT_POST, 1); >>> >>> // Set the request data >>> curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array( >>> 'user' => USERNAME, >>> 'password' => PASSWORD >>> ))); >>> >>> // Set options to receive the response >>> curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); >>> >>> // Execute the request >>> $response = curl_exec($ch); >>> >>> // Close the cURL session >>> curl_close($ch); >>> >>> // Check if the request was successful >>> if ($response === false) { >>> // Handle cURL error >>> return "Error: cURL error: " . curl_error($ch); >>> } else { >>> // Parse the JSON response >>> $response_data = json_decode($response, true); >>> >>> // Check if the token was retrieved successfully >>> if (isset($response_data['token'])) { >>> return $response_data['token']; >>> } else { >>> // Handle invalid response >>> return "Error: Invalid response: " . $response; >>> } >>> } >>> } >>> >>> function uploadPublication($metadata, $file, $csrf_token) { >>> $ch = curl_init(); >>> >>> curl_setopt($ch, CURLOPT_URL, DSpace_API_URL); >>> curl_setopt($ch, CURLOPT_POST, 1); >>> curl_setopt($ch, CURLOPT_POSTFIELDS, buildFormData($metadata, >>> $file)); >>> curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); >>> curl_setopt($ch, CURLOPT_HTTPHEADER, array( >>> 'Content-Type: multipart/form-data', >>> 'DSPACE-XSRF-TOKEN: ' . $csrf_token, >>> )); >>> curl_setopt($ch, CURLOPT_COOKIE, 'DSPACE-XSRF-COOKIE={xsrf-cookie}'); >>> >>> $response = curl_exec($ch); >>> $status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); >>> >>> curl_close($ch); >>> >>> if ($status_code == 201) { >>> $response_data = json_decode($response, true); >>> return $response_data['handle']; >>> } else { >>> return "Error: $status_code - $response"; >>> } >>> } >>> >>> function buildFormData($metadata, $file) { >>> $formData = array(); >>> >>> // Add metadata fields >>> foreach ($metadata as $key => $value) { >>> if (is_array($value)) { >>> foreach ($value as $index => $item) { >>> $formData["metadata[$key][$index][value]"] = $item; >>> } >>> } else { >>> $formData["metadata[$key][0][value]"] = $value; >>> } >>> } >>> >>> // Add file >>> $formData['file'] = new CURLFile($file['tmp_name'], $file['type'], >>> $file['name']); >>> >>> return $formData; >>> } >>> >>> // Example metadata for a publication with multiple authors >>> $metadata = array( >>> "dc.title" => "Sample Publication Title", >>> "dc.contributor.author" => array("John Doe", "Jane Smith", "Bob >>> Johnson"), >>> "dc.date.issued" => "2024-04-24", >>> "dc.publisher" => "Sample Publisher", >>> // Add more metadata fields as needed >>> ); >>> >>> // Example file upload (replace with your file details) >>> $file = $_FILES['file']; >>> >>> // Login and retrieve CSRF token >>> $csrf_token = loginAndGetCSRFToken(); >>> >>> // Upload the publication >>> $result = uploadPublication($metadata, $file, $csrf_token); >>> echo $result; >>> >>> ?> >>> >>> With this, when i run the code i have 403 error CSFR Invalid i can't >>> understand what problem is. >>> >>> Did anyone have impliment connection with the rest? >>> >> -- >> All messages to this mailing list should adhere to the Code of Conduct: >> https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx >> --- >> You received this message because you are subscribed to a topic in the >> Google Groups "DSpace Technical Support" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/dspace-tech/RiEXg5JN5Dg/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> dspace-tech...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/dspace-tech/222ea180-3052-4fd6-9a60-d9ad27817ea1n%40googlegroups.com >> >> <https://groups.google.com/d/msgid/dspace-tech/222ea180-3052-4fd6-9a60-d9ad27817ea1n%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/7c015161-a964-41b9-a830-cc0c5eda723en%40googlegroups.com.
