problem solved, issue closed
вторник, 4 марта 2025 г. в 12:35:11 UTC+3, Alex B:
> Dear colleagues, I try to add item to a collection by rest api but I get
> the following error:
>
> Note: Unnecessary use of -X or --request, POST is already inferred.
> * Trying 10.220.16.19...
> * TCP_NODELAY set
> * Connected to 10.220.16.19 (10.220.16.19) port 8080 (#0)
> > POST
> /server/api/core/items?owningCollection=7ef17dc4-9504-449b-9417-88a10af447e9
> HTTP/1.1
> > Host: 10.220.16.19:8080
> > User-Agent: curl/7.61.1
> > Content-Type: application/json
> > Accept: application/json
> > Authorization: Bearer
> eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiJmOWMzMTA1YS1mOTEzLTQxYWItYjUzMy1jNDM2MTIyOGU2MTgiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzk2Nzh9.qHJp_DlzTGUNFQQhnw7TdmRO74lkQ0oOiE-7dLGv5Oo
> > X-CSRF-TOKEN: 22ca855a-46a2-4f2f-9795-1e2a8ac30bcf
> > Content-Length: 260
> >
> * upload completely sent off: 260 out of 260 bytes
> < HTTP/1.1 403
> < Vary: Origin
> < Vary: Access-Control-Request-Method
> < Vary: Access-Control-Request-Headers
> * Added cookie DSPACE-XSRF-COOKIE="dfa26213-89c7-4856-a8dc-5d406959f562"
> for domain 10.220.16.19, path /server, expire 0
> < Set-Cookie: DSPACE-XSRF-COOKIE=dfa26213-89c7-4856-a8dc-5d406959f562;
> Path=/server; HttpOnly; SameSite=Lax
> < DSPACE-XSRF-TOKEN: dfa26213-89c7-4856-a8dc-5d406959f562
> < X-Content-Type-Options: nosniff
> < X-XSS-Protection: 1; mode=block
> < Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> < Pragma: no-cache
> < Expires: 0
> < X-Frame-Options: DENY
> < Content-Type: application/json;charset=UTF-8
> < Transfer-Encoding: chunked
> < Date: Tue, 04 Mar 2025 08:50:52 GMT
> <
> * Connection #0 to host 10.220.16.19 left intact
> {"timestamp":"2025-03-04T08:50:52.775+00:00","status":403,"error":"Forbidden","message":"Access
>
> is denied. Invalid CSRF token.","path":"/server/api/core/
>
> ------------------------------------------------------------------------------------------------
> Authorization and receipt of Bearer is successful.
> My request:
>
> curl -v -X POST "
> http://10.220.16.19:8080/server/api/core/items?owningCollection=7ef17dc4-9504-449b-9417-88a10af447e9";
>
> \
> -b "$COOKIE_FILE" \
> -H "Content-Type: application/json" \
> -H "Accept: application/json" \
> -H "Authorization: Bearer
> eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiJmOWMzMTA1YS1mOTEzLTQxYWItYjUzMy1jNDM2MTIyOGU2MTgiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzk2Nzh9.qHJp_DlzTGUNFQQhnw7TdmRO74lkQ0oOiE-7dLGv5Oo"
>
> \
> -H "X-CSRF-TOKEN: 22ca855a-46a2-4f2f-9795-1e2a8ac30bcf" \
> -d @- <<EOF
> {
> "metadata": {
> "dc.title": [
> {
> "value": "Test Item Title",
> "language": "en"
> }
> ],
> "dc.contributor.author": [
> {
> "value": "John Doe",
> "language": "en"
> }
> ]
> },
> "inArchive": true,
> "discoverable": true
> }
> EOF
>
> -----------------------------------------------------------------------------
> another request:
>
> curl -v -X POST --data "user=xx%40xx.com&password=xxx" "
> https://xxx/server/api/authn/login"; -H "X-XSRF-TOKEN: {csrf-token}"
> --cookie "DSPACE-XSRF-COOKIE={csrf-token}"
>
> curl -v -X POST '
> https://url/server/api/core/items?owningCollection=acf7c773-f2bb-47e4-8c55-e6e8fd086dec'
>
> -H 'X-XSRF-TOKEN: {csrf-token}' --cookie 'DSPACE-XSRF-COOKIE={csrf-token}'
> -H 'Authorization: Bearer
> eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiI1ODg4MzU2NC00ZmFmLTQxY2QtYmY1Ny1iNTJiOWY2M2FhYjIiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzU4NTJ9.DMbDPALjb5c8sC20D3rB5fXTC7wr33bCX3DwKB0wDps'
>
> -H 'Content-Type:text/uri-list' --data 'item.json'
> {
> "name": "Practices of research data curation in institutional
> repositories: A qualitative view from repository staff",
> "metadata": {
> "dc.contributor.author": [
> {
> "value": "Stvilia, Besiki",
> "language": "en",
> "authority": null,
> "confidence": -1
> }
> ],
> "dc.title": [
> {
> "value": "Practices of research data curation in institutional
> repositories: A qualitative view from repository staff",
> "language": "en",
> "authority": null,
> "confidence": -1
> }
> ],
> "dc.type": [
> {
> "value": "Journal Article",
> "language": "en",
> "authority": null,
> "confidence": -1
> }
> ]
> },
> "inArchive": true,
> "discoverable": true,
> "withdrawn": false,
> "type": "item"
> }
>
> curl -i -X POST '
> https://url/server/api/core/items?owningCollection=acf7c773-f2bb-47e4-8c55-e6e8fd086dec'
>
> -H 'X-XSRF-TOKEN: {csrf-token}' --cookie 'DSPACE-XSRF-COOKIE={csrf-token}'
> -H 'Authorization: Bearer
> eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiI1ODg4MzU2NC00ZmFmLTQxY2QtYmY1Ny1iNTJiOWY2M2FhYjIiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzU4NTJ9.DMbDPALjb5c8sC20D3rB5fXTC7wr33bCX3DwKB0wDps'
>
> -H 'Content-Type:text/uri-list' --data 'item.json'
> HTTP/1.1 400
> Date: Tue, 04 Mar 2025 07:49:38 GMT
> Server: Apache/2.4.37 (Oracle Linux Server) OpenSSL/1.1.1k
> Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
> Content-Language: en,ru
> X-Content-Type-Options: nosniff
> X-XSS-Protection: 1; mode=block
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> Pragma: no-cache
> Expires: 0
> Strict-Transport-Security: max-age=31536000 ; includeSubDomains
> X-Frame-Options: DENY
> Content-Type: application/json;charset=UTF-8
> Access-Control-Allow-Origin: https://url --
> Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, DELETE
> Access-Control-Allow-Headers: Content-Type, Authorization, x-referrer,
> x-correlation-id, x-xsrf-token
> Access-Control-Allow-Credentials: true
> Connection: close
> Transfer-Encoding: chunked
>
> {"timestamp":"2025-03-04T07:49:38.658+00:00","status":400,"error":"Bad
> Request","message":"An exception has
> occurred","path":"/server/api/core/items"}
> ------------------------------------------------------------------
> used documentation:
> https://github.com/DSpace/RestContract/blob/main/items.md
> and
> curl -i -X POST
> https://demo.dspace.org/server/api/core/items?owningCollection=1c11f3f1-ba1f-4f36-908a-3f1ea9a557eb
>
> \
> -H "Content-Type:text/uri-list" \
> --data "
> https://demo.dspace.org/server/api/integration/externalsources/orcid/entryValues/0000-0002-4271-0436
> "
>
> Help me please. How to add item to collection by rest api?
>
> Best regards,
> Alex
> DSpace 7.6, REST API 7.6
>
>
>
>
--
All messages to this mailing list should adhere to the Code of Conduct:
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dspace-tech+unsubscr...@googlegroups.com.
To view this discussion visit
https://groups.google.com/d/msgid/dspace-tech/156b61ee-70cd-459e-9138-b8635ad2aa71n%40googlegroups.com.
