500 on request

[timowevel1]

Hello,

I think its rather an error with the way I use it, but I cannot figure it out.

With postman I tried to test with

GET https://domain/index.php/apps/webapppassword/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4

Authorization with Basic

Nextcloud 28.0.5

Header OCS-APIRequest to true

As return in the body it returns me the HTML code of nextcloud
`

<title> Nextcloud </title>

This application requires JavaScript for correct operation. Please enable JavaScript and reload the page.

Nextcloud

Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

                <h3>Technical details</h3>
                <ul>
                    <li>Remote Address: 91.0.47.62</li>
                    <li>Request ID: XpJQ1rBdGwrb9ek1etW4</li>
                </ul>

            </div>
        </main>
    </div>
</div>
<footer class="guest-box ">
    <p class="info">
        <a href="https://nextcloud.com" target="_blank" rel="noreferrer noopener" class="entity-name">Nextcloud</a>
        – a safe home for all your data
    </p>
</footer>

`

When I embed that into my application it returns me a cors error

Access to fetch at 'https://domain/index.php/apps/webapppassword/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Code:

`const fetchVideoShareLink = async (path) => {
// Extract the part starting from "/Assessments"
const cleanPath = path.substring(path.indexOf("/Assessments"));
console.log(cleanPath)

const response = await fetch(`https://xxx/index.php/apps/webapppassword/api/v1/shares?path=${cleanPath}`, {
    method: 'GET',
    headers: {
        'Authorization': `Basic ${btoa('username:password')}`, // Replace 'username' and 'password' with actual credentials
        'OCS-APIRequest': 'true',
    },
});

console.log(response)

if (response.ok) {
    const data = await response.json();
    if (data.ocs && data.ocs.data && data.ocs.data.length > 0) {
        return data.ocs.data[0].url; // Return the share URL
    } else {
        throw new Error('No share link found.');
    }
} else {
    throw new Error('Error fetching share link.');
}

};`

Any idea what I am doing wrong?

[timowevel1]

Okay, I updated from 0.5 to 0.10. Now it says
<?xml version="1.0"?> <ocs> <meta> <status>failure</status> <statuscode>404</statuscode> <message>Could not create share</message> <totalitems></totalitems> <itemsperpage></itemsperpage> </meta> <data/> </ocs>

If I use webapppassword.
https://xxxx/index.php/apps/webapppassword/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4

If I use the legacy API, it returns the right response.

https://xxx/ocs/v2.php/apps/files_sharing/api/v1/shares?path=/Assessments/Max%20Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4

<?xml version="1.0"?> <ocs> <meta> <status>ok</status> <statuscode>200</statuscode> <message>OK</message> </meta> <data> <element> <id>2</id> <share_type>3</share_type> <uid_owner>admin</uid_owner> <displayname_owner>admin</displayname_owner> <permissions>17</permissions> <can_edit>1</can_edit> <can_delete>1</can_delete> <stime>1726238422</stime> <parent/> <expiration/> <token>BCRiffnPHtzXEfp</token> <uid_file_owner>admin</uid_file_owner> <note></note> <label></label> <displayname_file_owner>admin</displayname_file_owner> <path>/Assessments/Max Mustermann/11.09.2024/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4</path> <item_type>file</item_type> <item_permissions>27</item_permissions> <mimetype>video/mp4</mimetype> <has_preview></has_preview> <storage_id>home::admin</storage_id> <storage>1</storage> <item_source>177</item_source> <file_source>177</file_source> <file_parent>176</file_parent> <file_target>/8ed25dc5-d4f6-4a3f-9e51-05024ccb38e3.mp4</file_target> <item_size>218475</item_size> <item_mtime>1726238377</item_mtime> <share_with/> <share_with_displayname>(Shared link)</share_with_displayname> <password/> <send_password_by_talk></send_password_by_talk> <url>https://xxxx/s/BCRiffnPHtzXEfp</url> <mail_send>0</mail_send> <hide_download>0</hide_download> <attributes/> </element> </data> </ocs>

The cors error still persists, but I am testing in postman

[pbek]

@DanRiess, @aleixq?

[DanRiess]

Hey, sorry for the late reply. Webapppasswords share api wrapper works with POST requests only. Try the following:

const result = await fetch(`${this.server}/index.php/apps/webapppassword/api/v1/shares`, {
	method: 'POST',
	headers: {
		Authorization: `Bearer ${this.token}`,
		// Authorization: `Basic ${btoa('user:password')}`,
		'Content-Type': 'application/json',
		'OCS-APIRequest': 'true',
	},
	body: JSON.stringify({
		path: pathToYourFile,
		shareType: 3, // check out nextcloud docs for a list of supported share types. The most common one is 3.
		password: shareFilePassword,
		expireDate: expireDate ? expireDate.toISOString() : null,
	}),
})