1

我正在尝试使用 Bonita Web API。我我的代码如下。如您所见,我在调用任何其他 API 服务之前调用了 loginservice。它登录 OK 200。但是当我进行后续调用以获取进程列表时,我收到 401 错误。您从第一次调用中获得一个 JSESSIONID,并且您应该将其传递给后续调用以对您进行身份验证。

var baseAddress = new Uri(<base address>);
var cookieContainer = new CookieContainer();
using (var handler = new HttpClientHandler() { CookieContainer = cookieContainer })
using (var client = new HttpClient(handler) { BaseAddress = baseAddress })
    {
            HttpResponseMessage result = client.PostAsync("/bonita/loginservice", new StringContent("login=<username>,password=<password>,redirect=false")).Result;
            client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            HttpResponseMessage result2 = client.GetAsync("/bonita/API/bpm/process").Result;
            result2.EnsureSuccessStatusCode();
    }
4

2 回答 2

2

这适用于 .Net 2.0 C#,但有一些有趣的事情需要检查。

WebClient wc = new WebClient();
wc.Proxy = WebRequest.GetSystemWebProxy();
//wc.Headers[HttpRequestHeader.AcceptEncoding] = "gzip, deflate";
string strLogin = wc.DownloadString("http://localhost:8080/bonita/loginservice?username=walter.bates&password=bpm&redirect=false");

wc.Headers[HttpRequestHeader.Cookie] = wc.ResponseHeaders[HttpResponseHeader.SetCookie].ToString();
string strCookie = wc.ResponseHeaders[HttpResponseHeader.SetCookie].ToString();

string strProcesses = wc.DownloadString("http://localhost:8080/bonita/API/bpm/process?p=0");

首先,您应该知道如何确定执行的操作是否成功(登录、getProcesses 等)当您尝试登录时,"JSESSIONID=50E509D37AC28E2D725CBD45A8112FA7; Path=/bonita; HttpOnly"即使您在 Bonita 中的登录尝试不成功,您也将始终获得标题(例如)和 OK 200。

对于上一个示例的成功登录

1)您必须传递强制性表单数据:用户名,密码和重定向您还必须确保以小写形式传递重定向。"False"不会工作,"false"会工作。所以.Net假设你有一个property-> Boolean重定向。redirect.ToString().ToLower()无论哪种方式,您都必须将其设为小写,"False"而您不希望这样。

假设您尝试仅使用用户名和密码登录而不通过重定向。结果是您将获得 OK 200 和标头,但您还将获得一个错误的响应(响应必须为空),因此在下一个请求(即 getProcesses)中,您将获得 (401) Unauthorized。猜猜如果你通过redirect=False而不是redirect=false. 完全相同的。

2) 你必须得到:strLogin="" // the body of the response must be empty strCookie="JSESSIONID=4F67F134840A2C72DBB968D53772FB22; Path=/bonita; HttpOnly"

对于getProcesses上一个示例的成功,您传递从登录获得的标头

wc.Headers[HttpRequestHeader.Cookie] = wc.ResponseHeaders[HttpResponseHeader.SetCookie].ToString();

然后你调用这个过程并得到一个json格式的字符串,例如

"[{\"id\":\"6996906669894804403\",\"icon\":\"\",\"displayDescription\":\"\",\"deploymentDate\":\"2014-11-19 17:57:40.893\",\"description\":\"\",\"activationState\":\"ENABLED\",\"name\":\"Travel request\",\"deployedBy\":\"22\",\"displayName\":\"Travel request\",\"actorinitiatorid\":\"4\",\"last_update_date\":\"2014-11-19 17:57:41.753\",\"configurationState\":\"RESOLVED\",\"version\":\"1.0\"}]"

(或 [] 表示空 json)

如果 cookie 未正确传递,您将再次收到 401 错误。

.Net 4.5.1 的解决方案

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading.Tasks;
using System.Web;


namespace BonitaRestApi
{
    class BonitaApi
    {
        private CookieCollection collection;
        string strCookietoPass;
        string sessionID;

        static void Main(string[] args)
        {
            BonitaApi obj = new BonitaApi();
            Task login = new Task(obj.Login);
            login.Start();
            login.Wait();
            Console.ReadLine();

            Task GetProcesses = new Task(obj.GetProcesses);
            GetProcesses.Start();
            GetProcesses.Wait();
            Console.ReadLine();

            Task logout = new Task(obj.Logout);
            logout.Start();
            logout.Wait();
            Console.ReadLine();

        }

        public async void Login()
        {
            const string url = "http://localhost:8080/bonita/";

            var cookies = new CookieContainer();
            var handler = new HttpClientHandler();
            handler.CookieContainer = cookies;

            using (var client = new HttpClient(handler))
            {
                var uri = new Uri(url);
                client.BaseAddress = uri;
                //client.DefaultRequestHeaders.Accept.Clear();
                //client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                var content = new FormUrlEncodedContent(new[] 
                {
                    new KeyValuePair<string, string>("username", "helen.kelly"), 
                    new KeyValuePair<string, string>("password", "bpm"), 
                    new KeyValuePair<string, string>("redirect", "false"), 
                    new KeyValuePair<string, string>("redirectUrl", ""), 
                });

                HttpResponseMessage response = await client.PostAsync("loginservice", content);

                if (response.IsSuccessStatusCode)
                {
                    var responseBodyAsText = await response.Content.ReadAsStringAsync();

                    if (!String.IsNullOrEmpty(responseBodyAsText))
                    {
                        Console.WriteLine("Unsuccessful Login.Bonita bundle may not have been started, or the URL is invalid.");
                        return;
                    }

                    collection= cookies.GetCookies(uri);
                    strCookietoPass = response.Headers.GetValues("Set-Cookie").FirstOrDefault();

                    sessionID = collection["JSESSIONID"].ToString();

                    Console.WriteLine(string.Format("Successful Login Retrieved session ID {0}", sessionID));
                        // Do useful work 
                }
                else
                {
                    Console.WriteLine("Login Error" + (int)response.StatusCode + "," + response.ReasonPhrase);
                }

            }
        }

        public async void Logout()
        {
            const string url = "http://localhost:8080/bonita/";

            var cookies = new CookieContainer();
            var handler = new HttpClientHandler();
            handler.CookieContainer = cookies;

            using (var client = new HttpClient(handler))
            {
                var uri = new Uri(url);
                client.BaseAddress = uri;

                var content = new FormUrlEncodedContent(new[] 
                {
                    new KeyValuePair<string, string>("redirect", "false")
                });

                HttpResponseMessage response = await client.PostAsync("logoutservice", content);

                if (response.IsSuccessStatusCode)
                {
                    var responseBodyText = await response.Content.ReadAsStringAsync();

                    if (!String.IsNullOrEmpty(responseBodyText))
                    {
                        Console.WriteLine("Unsuccessful Logout.Bonita bundle may not have been started, or the URL is invalid.");
                        return;
                    }

                    Console.WriteLine("Successfully Logged out.");
                }
                else
                {
                    Console.WriteLine("Logout Error" + (int)response.StatusCode + "," + response.ReasonPhrase);
                }

            }
        }

        public async void GetProcesses()
        {

            var handler = new HttpClientHandler();

            Cookie ok = new Cookie("Set-Cookie:",strCookietoPass);

            handler.CookieContainer.Add(collection);

            using (var client = new HttpClient(handler))
            {

                var builder = new UriBuilder("http://localhost/bonita/API/bpm/process");
                builder.Port = 8080;

                var query = HttpUtility.ParseQueryString(builder.Query);
                query["p"] = "0";
                query["c"] = "10";
                builder.Query = query.ToString();

                Uri uri= new Uri(builder.ToString());
                client.BaseAddress = uri;

                HttpResponseMessage response = await client.GetAsync(uri.ToString());

                if (response.IsSuccessStatusCode)
                {
                    var responseBodyText = await response.Content.ReadAsStringAsync();

                    if (String.IsNullOrEmpty(responseBodyText))
                    {
                        Console.WriteLine("Unsuccessful GetProcesses.Bonita bundle may not have been started, or the URL is invalid.");
                        return;
                    }

                    Console.WriteLine("Successfully GetProcesses:" + responseBodyText);

                }
                else
                {
                    Console.WriteLine("GetProcesses Error" + (int)response.StatusCode + "," + response.ReasonPhrase);
                }

            }
        }
    }
}
于 2014-11-20T11:39:09.423 回答
1

对于每个非 GET 请求,我都有同样的问题(401 错误)。

我终于通过查看 CSRF 文档解决了这个问题: http ://documentation.bonitasoft.com/7.4?page=csrf-security

(请参阅“对 REST API 调用有影响吗?”部分)

成功登录后,您必须在请求中添加一个特殊的标头:

key: X-Bonita-API-Token

value: the one you got after your login (check the relevant cookie)
于 2017-01-19T08:40:08.410 回答