API dspace
144 views
Skip to first unread message
Χρήστος Κατσάνης (Χρήστος)
Apr 29, 2024, 5:40:35 PM4/29/24
to DSpace Technical Support
Hey i have create a php file that run on local machine with dspace
code:
<?php
// DSpace API endpoint for creating new items
define('DSpace_API_URL', 'http://your-dspace-domain.com/dspace-spring-rest/api/submission/items');
// DSpace authentication credentials
define('USERNAME', 'dspacede...@gmail.com');
define('PASSWORD', 'dspace');
// CSRF token endpoint
define('CSRF_TOKEN_URL', 'http://your-dspace-domain.com/dspace-spring-rest/csrf');
function loginAndGetCSRFToken() {
// Initialize cURL session
$ch = curl_init();
// Set the URL for the login endpoint
curl_setopt($ch, CURLOPT_URL, 'https://{dspace-server.url}/server/api/authn/login');
// Set the request method to POST
curl_setopt($ch, CURLOPT_POST, 1);
// Set the request data
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array(
'user' => USERNAME,
'password' => PASSWORD
)));
// Set options to receive the response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute the request
$response = curl_exec($ch);
// Close the cURL session
curl_close($ch);
// Check if the request was successful
if ($response === false) {
// Handle cURL error
return "Error: cURL error: " . curl_error($ch);
} else {
// Parse the JSON response
$response_data = json_decode($response, true);
// Check if the token was retrieved successfully
if (isset($response_data['token'])) {
return $response_data['token'];
} else {
// Handle invalid response
return "Error: Invalid response: " . $response;
}
}
}
function uploadPublication($metadata, $file, $csrf_token) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, DSpace_API_URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, buildFormData($metadata, $file));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: multipart/form-data',
'DSPACE-XSRF-TOKEN: ' . $csrf_token,
));
curl_setopt($ch, CURLOPT_COOKIE, 'DSPACE-XSRF-COOKIE={xsrf-cookie}');
$response = curl_exec($ch);
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($status_code == 201) {
$response_data = json_decode($response, true);
return $response_data['handle'];
} else {
return "Error: $status_code - $response";
}
}
function buildFormData($metadata, $file) {
$formData = array();
// Add metadata fields
foreach ($metadata as $key => $value) {
if (is_array($value)) {
foreach ($value as $index => $item) {
$formData["metadata[$key][$index][value]"] = $item;
}
} else {
$formData["metadata[$key][0][value]"] = $value;
}
}
// Add file
$formData['file'] = new CURLFile($file['tmp_name'], $file['type'], $file['name']);
return $formData;
}
// Example metadata for a publication with multiple authors
$metadata = array(
"dc.title" => "Sample Publication Title",
"dc.contributor.author" => array("John Doe", "Jane Smith", "Bob Johnson"),
"dc.date.issued" => "2024-04-24",
"dc.publisher" => "Sample Publisher",
// Add more metadata fields as needed
);
// Example file upload (replace with your file details)
$file = $_FILES['file'];
// Login and retrieve CSRF token
$csrf_token = loginAndGetCSRFToken();
// Upload the publication
$result = uploadPublication($metadata, $file, $csrf_token);
echo $result;
?>
// DSpace API endpoint for creating new items
define('DSpace_API_URL', 'http://your-dspace-domain.com/dspace-spring-rest/api/submission/items');
// DSpace authentication credentials
define('USERNAME', 'dspacede...@gmail.com');
define('PASSWORD', 'dspace');
// CSRF token endpoint
define('CSRF_TOKEN_URL', 'http://your-dspace-domain.com/dspace-spring-rest/csrf');
function loginAndGetCSRFToken() {
// Initialize cURL session
$ch = curl_init();
// Set the URL for the login endpoint
curl_setopt($ch, CURLOPT_URL, 'https://{dspace-server.url}/server/api/authn/login');
// Set the request method to POST
curl_setopt($ch, CURLOPT_POST, 1);
// Set the request data
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array(
'user' => USERNAME,
'password' => PASSWORD
)));
// Set options to receive the response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute the request
$response = curl_exec($ch);
// Close the cURL session
curl_close($ch);
// Check if the request was successful
if ($response === false) {
// Handle cURL error
return "Error: cURL error: " . curl_error($ch);
} else {
// Parse the JSON response
$response_data = json_decode($response, true);
// Check if the token was retrieved successfully
if (isset($response_data['token'])) {
return $response_data['token'];
} else {
// Handle invalid response
return "Error: Invalid response: " . $response;
}
}
}
function uploadPublication($metadata, $file, $csrf_token) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, DSpace_API_URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, buildFormData($metadata, $file));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: multipart/form-data',
'DSPACE-XSRF-TOKEN: ' . $csrf_token,
));
curl_setopt($ch, CURLOPT_COOKIE, 'DSPACE-XSRF-COOKIE={xsrf-cookie}');
$response = curl_exec($ch);
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($status_code == 201) {
$response_data = json_decode($response, true);
return $response_data['handle'];
} else {
return "Error: $status_code - $response";
}
}
function buildFormData($metadata, $file) {
$formData = array();
// Add metadata fields
foreach ($metadata as $key => $value) {
if (is_array($value)) {
foreach ($value as $index => $item) {
$formData["metadata[$key][$index][value]"] = $item;
}
} else {
$formData["metadata[$key][0][value]"] = $value;
}
}
// Add file
$formData['file'] = new CURLFile($file['tmp_name'], $file['type'], $file['name']);
return $formData;
}
// Example metadata for a publication with multiple authors
$metadata = array(
"dc.title" => "Sample Publication Title",
"dc.contributor.author" => array("John Doe", "Jane Smith", "Bob Johnson"),
"dc.date.issued" => "2024-04-24",
"dc.publisher" => "Sample Publisher",
// Add more metadata fields as needed
);
// Example file upload (replace with your file details)
$file = $_FILES['file'];
// Login and retrieve CSRF token
$csrf_token = loginAndGetCSRFToken();
// Upload the publication
$result = uploadPublication($metadata, $file, $csrf_token);
echo $result;
?>
With this, when i run the code i have 403 error CSFR Invalid i can't understand what problem is.
Did anyone have impliment connection with the rest?
DSpace Technical Support
May 6, 2024, 10:42:59 AM5/6/24
to DSpace Technical Support
Hi,
It's difficult to help with custom code, especially since I don't know PHP. But, at a glance, it looks like you are not sending a CSRF token with the login request. You MUST send a CSRF token on every POST/PUT/PATCH/DELETE requests, and login is done via a POST. See the CSRF token docs at https://github.com/DSpace/RestContract/blob/main/csrf-tokens.md
It's difficult to help with custom code, especially since I don't know PHP. But, at a glance, it looks like you are not sending a CSRF token with the login request. You MUST send a CSRF token on every POST/PUT/PATCH/DELETE requests, and login is done via a POST. See the CSRF token docs at https://github.com/DSpace/RestContract/blob/main/csrf-tokens.md
As for other example libraries that work with the DSpace 7 REST API, here's a Python-based library that I'm aware of: https://pypi.org/project/dspace-rest-client/
Tim
Χρήστος Κατσάνης
May 6, 2024, 10:50:59 AM5/6/24
to DSpace Technical Support
Hey i was added to headers the cookie but 403?
--
All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
---
You received this message because you are subscribed to a topic in the Google Groups "DSpace Technical Support" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/dspace-tech/RiEXg5JN5Dg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to dspace-tech...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/222ea180-3052-4fd6-9a60-d9ad27817ea1n%40googlegroups.com.
Antti Laurila
May 15, 2024, 4:25:14 AM5/15/24
to DSpace Technical Support
Hi!
You could try adding the bearer_token to the POST api-call: Authorization: <bearer_token here>.
The
bearer-token can be found from the headers of the login -call result.
To include the headers to the result of the login-api-call (this is not
the default-setting), include the following curl-parameter to the
login-call:
curl_setopt($ch, CURLOPT_HEADER, true);
Hope this helps!
BR,
Antti
Reply all
Reply to author
Forward
0 new messages