webapppassword icon indicating copy to clipboard operation
webapppassword copied to clipboard

Published 20 hours ago verified publisher icon digital-blueprint

500 on request

Open timowevel1 opened this issue 1 year ago • 3 comments

Hello,

I think its rather an error with the way I use it, but I cannot figure it out.

With postman I tried to test with

GET https://domain/index.php/apps/webapppassword/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4

Authorization with Basic

Nextcloud 28.0.5

Header OCS-APIRequest to true

image

As return in the body it returns me the HTML code of nextcloud `

Nextcloud

Nextcloud

Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

                <h3>Technical details</h3>
                <ul>
                    <li>Remote Address: 91.0.47.62</li>
                    <li>Request ID: XpJQ1rBdGwrb9ek1etW4</li>
                </ul>

            </div>
        </main>
    </div>
</div>
<footer class="guest-box ">
    <p class="info">
        <a href="https://nextcloud.com" target="_blank" rel="noreferrer noopener" class="entity-name">Nextcloud</a>
        – a safe home for all your data
    </p>
</footer>
`

When I embed that into my application it returns me a cors error

Access to fetch at 'https://domain/index.php/apps/webapppassword/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Code:

`const fetchVideoShareLink = async (path) => { // Extract the part starting from "/Assessments" const cleanPath = path.substring(path.indexOf("/Assessments")); console.log(cleanPath)

const response = await fetch(`https://xxx/index.php/apps/webapppassword/api/v1/shares?path=${cleanPath}`, {
    method: 'GET',
    headers: {
        'Authorization': `Basic ${btoa('username:password')}`, // Replace 'username' and 'password' with actual credentials
        'OCS-APIRequest': 'true',
    },
});

console.log(response)

if (response.ok) {
    const data = await response.json();
    if (data.ocs && data.ocs.data && data.ocs.data.length > 0) {
        return data.ocs.data[0].url; // Return the share URL
    } else {
        throw new Error('No share link found.');
    }
} else {
    throw new Error('Error fetching share link.');
}

};`

Any idea what I am doing wrong?

timowevel1 avatar Sep 13 '24 15:09 timowevel1

Okay, I updated from 0.5 to 0.10. Now it says <?xml version="1.0"?> <ocs> <meta> <status>failure</status> <statuscode>404</statuscode> <message>Could not create share</message> <totalitems></totalitems> <itemsperpage></itemsperpage> </meta> <data/> </ocs>

If I use webapppassword. https://xxxx/index.php/apps/webapppassword/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4

If I use the legacy API, it returns the right response.

https://xxx/ocs/v2.php/apps/files_sharing/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4

<?xml version="1.0"?> <ocs> <meta> <status>ok</status> <statuscode>200</statuscode> <message>OK</message> </meta> <data> <element> <id>2</id> <share_type>3</share_type> <uid_owner>admin</uid_owner> <displayname_owner>admin</displayname_owner> <permissions>17</permissions> <can_edit>1</can_edit> <can_delete>1</can_delete> <stime>1726238422</stime> <parent/> <expiration/> <token>BCRiffnPHtzXEfp</token> <uid_file_owner>admin</uid_file_owner> <note></note> <label></label> <displayname_file_owner>admin</displayname_file_owner> <path>/Assessments/Max Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4</path> <item_type>file</item_type> <item_permissions>27</item_permissions> <mimetype>video/mp4</mimetype> <has_preview></has_preview> <storage_id>home::admin</storage_id> <storage>1</storage> <item_source>177</item_source> <file_source>177</file_source> <file_parent>176</file_parent> <file_target>/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4</file_target> <item_size>218475</item_size> <item_mtime>1726238377</item_mtime> <share_with/> <share_with_displayname>(Shared link)</share_with_displayname> <password/> <send_password_by_talk></send_password_by_talk> <url>https://xxxx/s/BCRiffnPHtzXEfp</url> <mail_send>0</mail_send> <hide_download>0</hide_download> <attributes/> </element> </data> </ocs>

The cors error still persists, but I am testing in postman

timowevel1 avatar Sep 13 '24 16:09 timowevel1

@DanRiess, @aleixq?

pbek avatar Sep 13 '24 16:09 pbek

Hey, sorry for the late reply. Webapppasswords share api wrapper works with POST requests only. Try the following:

const result = await fetch(`${this.server}/index.php/apps/webapppassword/api/v1/shares`, {
	method: 'POST',
	headers: {
		Authorization: `Bearer ${this.token}`,
		// Authorization: `Basic ${btoa('user:password')}`,
		'Content-Type': 'application/json',
		'OCS-APIRequest': 'true',
	},
	body: JSON.stringify({
		path: pathToYourFile,
		shareType: 3, // check out nextcloud docs for a list of supported share types. The most common one is 3.
		password: shareFilePassword,
		expireDate: expireDate ? expireDate.toISOString() : null,
	}),
})

DanRiess avatar Sep 17 '24 05:09 DanRiess