cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Did you know you can set a signature that will be added to all your posts? Set it here! X

Problem getting CSRF_NONCE value (HTTP 400)

nbojcetic
11-Garnet

Problem getting CSRF_NONCE value (HTTP 400)

Hello,

I am stuck and need suggestions what to do. I am trying to get CSRF_NONCE value, using rest query with java api (I working with Windchill 12.0 server). But what ever I do I get HTTP code 400.

Tried queries were: https://myServer/Windchill/servlet/odata/PTC/GetCSRFToken()

My code is:

URL url = new URL ("https://myServer/Windchill/servlet/odata/PTC/GetCSRFToken()");
HttpURLConnection conn = (HttpURLConnection) obj.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", "Basic " + authString); //authstring is Base64 encoded
conn.connect();
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
conn.disconnect();

------------
I am pretty sure that code is ok because if I try query "https://myServer/Windchill//servlet/rest/objects?$select=number&typeId=wt.part.WTPart"
I am getting right result. Also both queries return right result if I use Firefox or Postman instead of my
code.

If anybody have suggestions what is wrong or what to do I will be grateful for help.
Best reagads,
Nenad

 

 

 

 

 

 

 

 

ACCEPTED SOLUTION

Accepted Solutions
HelesicPetr
22-Sapphire I
(To:nbojcetic)

Hi @nbojcetic 

You forgot to add a accept property string

 

conn.setRequestProperty("accept", "application/json");

 

I test it and it works

 

PetrH

View solution in original post

11 REPLIES 11
HelesicPetr
22-Sapphire I
(To:nbojcetic)

Hi @nbojcetic 

May be the version does miss in the url

https://wchserver.aa.com:443/Windchill/servlet/odata/v3/PTC/GetCSRFToken()

 PetrH

PetrH,

thank you for the suggestion, I already tired that but with the same result.

 

Thanks!

HelesicPetr
22-Sapphire I
(To:nbojcetic)

Hi @nbojcetic 

Have you tried earlier versions? v1 ? v2?

 

go to the a restApi documentation and test it directly from the windchill if it works.

https://wch.server.com/Windchill/netmarkets/html/wrs/doc.html

HelesicPetr_0-1679495061569.png

 

PetrH

Yes i tried all from v1 to v4 . I looked into the logs and I found message that I do not understand:

2023-03-22 14:15:00,759 ERROR [ajp-nio-127.0.0.1-8010-exec-5] com.ptc.odata.windchill.servlet.WcRestServlet nenad - An unexpected REST error occured Not exactly one '/ at the beginning or at the end in format: *; q=.2

Its like that server has issue with the query string, but I did not see this before.

 

Nenad

HelesicPetr
22-Sapphire I
(To:nbojcetic)

bi @nbojcetic 

btw

what is the obj OBJECT? shouldn't be there a url?

HttpURLConnection conn = (HttpURLConnection) obj.openConnection();

 

PetrH

rleir
17-Peridot
(To:nbojcetic)

With the 400 you should be getting an error message too.  What do you get?

 

What headers do you send?

 

nbojcetic
11-Garnet
(To:rleir)

Well, this is a whole code for the method doing GET:

sendurl is https://<myServer>/Windchill/servlet/odata/PTC/GetCSRFToken()

the authSting is encripted using:

String authString = uname + ":" + upass;
byte[] authEncBytes = Base64.encodeBase64(authString.getBytes());
authString = new String(authEncBytes);

-------------------------

private static String serverGET(String sendurl, String authString) {
String retmsg = "";
try {
URL obj = new URL(sendurl);
System.out.println(">> query = " + sendurl);
HttpURLConnection conn = (HttpURLConnection) obj.openConnection();

//add request header
conn.setRequestMethod("GET");
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", "Basic " + authString);
System.out.println(">> Send query..");
conn.connect();

int responseCode = conn.getResponseCode();
System.out.println(">>HTTP code: " + responseCode);

if(responseCode != 200) {
conn.disconnect();
System.out.println(">>HTTP " + responseCode);
System.out.println(">>Message = " + conn.getResponseMessage());
retmsg = "HTTP Error.";
} else {
System.out.println(">> Reading response data...");
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));

String inputLine;
StringBuffer response = new StringBuffer();

while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
retmsg = response.toString();
conn.disconnect();
System.out.println(">> Disconnected.");
}
}catch(Exception ex) {
ex.printStackTrace();
retmsg = "Exception.";
}
return retmsg;
}

 

Nenad

HelesicPetr
22-Sapphire I
(To:nbojcetic)

Missing set the accept properties as i mentioned earlier
PetrH

When I try query https://<MyServer>/Windchill/servlet/odata/PTC/GetCSRFToken() form the browser or Postman
or using Windchill directly I am getting something like this:
{
    "@odata.context": "https://<MyServer>/Windchill/servlet/odata/v3/PTC/$metadata#PTC.CSRFToken",
    "@PTC.AppliedContainerContext.LocalTimeZone": "Europe/*****",
    "NonceKey": "CSRF_NONCE",
    "NonceValue": "dXwVsqNPptkx0aZfRxpv2owG3Ip3o+sSPRNS2MoCwrR3pO4ZPBJtwJAhkpRkl+EtJiRRwtou1eQL4JBoTEgsi5J/nuwJ6Jw9DRt32JN867J64c4KHwxShMpk7vZkvdAeNylt35EDn658vOIXIyp7h5F3mw=="
}
 
Nenad
HelesicPetr
22-Sapphire I
(To:nbojcetic)

Hi @nbojcetic 

You forgot to add a accept property string

 

conn.setRequestProperty("accept", "application/json");

 

I test it and it works

 

PetrH

YES, that is correct and now it works. Thank you very much! 😊

 

Nenad

Announcements

Top Tags