#1
|
|||
|
|||
(deprecated) API ServerEncryptionToken
Hello,
im trying to connect my react app to the JDownloader API. I use the old "deprecated" API, because i dont see a reason to use MyJDownloader, my instance is only running local and is not available to the internet. My Problem now, i always get a "403 - forbidden".I dont know what the "ServerEncryptionToken" would be in my case. From the Documentation i see:
Spoiler:
hmac the queryString. The used Key depends. Some calls use serverEncryptionToken, others have to ask the user for email and password, create the loginSecret and use the loginsecret as key. email needs to be lower case! I dont have a email or password because its not connected to myjdl. Maybe i just think wrong but and do a really stupid mistake. Would be amazing if someone could help me with it! My current setup looks like this: Code:
const url = '/jd/getCoreRevision'; const requestID = Date.now(); let queryString = `${url}&rid=${requestID}`; queryString += `&signature=${CryptoJS.HmacSHA256(encodeURI(queryString), "secret here")}`; axiosJDL.get(queryString) .then(res => { console.log(res); this.setState({ responseData: res }); }) .catch(err => { console.log(err); this.setState({ responseData: err.message }) }); Code:
const instance = axios.create({ baseURL: '**External links are only visible to Support Staff**, timeout: 2000 }); |
#2
|
||||
|
||||
Even when you only want to use the the api locally, you should think about using MyJDownloader as it provides authentication/security/encryption. You can also use it in direct-connection mode, that means you just communicate with the api to create a session/login and all further connections/requests are directly made between client<->JDownloader without relay server being involved.
The deprecated api doesn't provide authentication/security/encryption. Both (MyJDownloader and deprecated api) use the same api. The only difference is the protocol that is used for communication. The deprecated api method, you simply call the methods directly (eg ip:port/jd/getCoreRevision) while with MyJDownloader you have to create encrypted/signed requests. You can find the api docs here, https://my.jdownloader.org/developers/ See here for more technical details about encryption/security, https://support.jdownloader.org/Know...erorg-api-docu Feel free to ask for help via support@jdownloader.org or contact us via livechat (irc, freenode, #jdteam)
__________________
JD-Dev & Server-Admin |
#3
|
|||
|
|||
Hello, thanks for your reply.
Already figured out that i dont need encryption. But i have another problem that looks a bit wired. If i open the api in the browser (eg. **External links are only visible to Support Staff**...) i see the following result: Code:
{ "data" : 39752 } Code:
const url = '/jd/getCoreRevision'; axiosJDL.get(url) .then(res => { console.log(res); this.setState({ responseData: res.data }); }) .catch(err => { console.log(err); this.setState({ responseData: err.message }) }); Code:
{ "type": "AUTH_FAILED", "data": "Bad Origin", "src": "DEVICE" } Are there any special HTTP Header or stuff like that, that i have missed? I found nothing about that inside the documentation. |
#4
|
||||
|
||||
What exactly is axiosJDL? Is the source available for me to check/look at it.
My first guess is that your axiosJDL client does more than just call the url. The error message looks like it's still using MyJDownloader Protocol. If you want I can take a look via Teamviewer, contact us via support@jdownloader.org
__________________
JD-Dev & Server-Admin |
#5
|
|||
|
|||
axiosJDL is the axios instance from my first post (const instance = axios.create.....) just renamed. Nothing else has changed.
The strange thing is that if i run JDL 2, i still see "login to my JDownloader" but in the "org.jdownloader.api.RemoteAPIConfig" i set "deprecatedapienabled" to true. Did i missed some config options? |
#6
|
||||
|
||||
Sorry, I didn't know what axios is, so I asked Now I know that it is a http client
MyJDownloader has nothing to do with deprecatedapi. Why should it disappear? deprecatedapi is just an option to allow access to the api without MyJDownloader Please know that when you enable RemoteAPI.deprecatedapienabled that you have to access it through via port RemoteAPI.deprecatedapiport Looks like you are using the wrong api port I can also take a look via Teamviewer if you like or you can contact us in live chat (irc, freenode, #jdteam)
__________________
JD-Dev & Server-Admin |
#7
|
|||
|
|||
Ahh okay my bad then. I tought you dont know the Variable "axiosJDL" because i renamed it. sorry
In the same config file the "deprecatedapiport" is set to 3128, the same port i use for my requests (localhost:3128/.........). Sure if i have a little bit more time i will contact you on irc. |
#8
|
||||
|
||||
Nothing to be sorry for It thought axious would be a 3rd party MyJDownloader client That's why I was asking.
Just contact us when you find time and I'm sure we will get your code running
__________________
JD-Dev & Server-Admin |
Thread Tools | |
Display Modes | |
|
|