У меня есть Javascript приложение, генерирующее XML и отправляющее его в REST API. API ожидает тип контента: application / xml. Я попытался прикрепить XML к запросам в разных форматах:
import {create} from 'xmlbuilder2';
const rawXML = '<?xml version="1.0" encoding="UTF-8"?><TokenExchangeRequest xmlns="http://schemas.nav.gov.hu/OSA/2.0/api"><header><requestId>202003201315421</requestId><timestamp>2020-03-20T13:15:42.941Z</timestamp><requestVersion>2.0</requestVersion><headerVersion>1.0</headerVersion></header><user><login>vbdznuownd8murm</login><passwordHash>D6CD2AF6CD5912B800EC3050477E788C84804800A0235E93C7B47A436FD730504BFC979F44EB4C745F2968FE35772E1193F95BDC8DDFDC998A18C7E9E9718F28</passwordHash><taxNumber>66604093</taxNumber><requestSignature>EE265DA5AC4ADA7BBAD2D15581AA230CE50C90D9B7075814866BD43E92B30BCC0E52BA8355E0A09AB38F33D5EF7B502983ACBC5E42532C5EB8479BFDE5031AD2</requestSignature></user><software><softwareId>123456789123456789</softwareId><softwareName>placeholder</softwareName><softwareOperation>LOCAL_SOFTWARE</softwareOperation><softwareMainVersion>placeholder</softwareMainVersion><softwareDevName>placeholder</softwareDevName><softwareDevContact>placeholder</softwareDevContact><softwareDevCountryCode>HU</softwareDevCountryCode><softwareDevTaxNumber>placeholder</softwareDevTaxNumber></software></TokenExchangeRequest>'
let parser = new DOMParser();
let parserXML = parser.parseFromString(rawXML, "application/xml");
let xmlbuilderXML = create(rawXML);
fetch('https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange', {
method: 'POST', // *GET, POST, PUT, DELETE, etc.
mode: 'no-cors', // no-cors, *cors, same-origin
cache: 'no-cache', // *default, no-cache, reload, force-cache, only-if-cached
credentials: 'same-origin', // include, *same-origin, omit
headers: {
'Content-Type': 'application/xml',
'accept': 'application/xml'
// 'Content-Type': 'application/x-www-form-urlencoded',
},
redirect: 'follow', // manual, *follow, error
referrerPolicy: 'no-referrer', // no-referrer, *client
body: rawXML // body data type must match "Content-Type" header
});
Ответ, который я получаю:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><GeneralExceptionResponse xmlns="http://schemas.nav.gov.hu/OSA/2.0/api" xmlns:ns2="http://schemas.nav.gov.hu/OSA/2.0/data"><funcCode>ERROR</funcCode><errorCode>OPERATION_FAILED</errorCode><message>RESTEASY003065: Cannot consume content type</message></GeneralExceptionResponse>
Когда я пытаюсь сделать тот же звонок от Почтальона с необработанная строка в качестве тела xml, сервер может проанализировать ее и отправить соответствующий ответ:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GeneralErrorResponse xmlns="http://schemas.nav.gov.hu/OSA/2.0/api" xmlns:ns2="http://schemas.nav.gov.hu/OSA/2.0/data">
<result>
<funcCode>ERROR</funcCode>
<errorCode>INVALID_REQUEST</errorCode>
<message>Helytelen kérés!</message>
</result>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value 'login' is not facet-valid with respect to pattern '[a-zA-Z0-9]{6,15}' for type 'LoginType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [login] contains error: [cvc-type.3.1.3: The value 'login' of element 'login' is not valid.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value '' is not facet-valid with respect to pattern '[0-9A-F]{128}' for type 'Sha512HashType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [passwordHash] contains error: [cvc-type.3.1.3: The value '' of element 'passwordHash' is not valid.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value '' is not facet-valid with respect to pattern '[0-9A-F]{128}' for type 'Sha512HashType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [requestSignature] contains error: [cvc-type.3.1.3: The value '' of element 'requestSignature' is not valid.]</message>
</technicalValidationMessages>
</GeneralErrorResponse>
Здесь ОШИБКА означает, что сервер ПАРАСИРОВАЛ xml и определил, что данные ВНУТРИ XML недостаточно. Это связано с тем, что правильный запрос будет содержать конфиденциальные данные, которыми я не буду делиться по понятным причинам.
Коллекция почтальонов:
{
"info": {
"_postman_id": "9e2f2870-d35b-45b0-8d35-a81d190a8679",
"name": "NAV",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "tokenExchange",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/xml",
"type": "text"
},
{
"key": "accept",
"value": "application/xml",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<TokenExchangeRequest xmlns=\"http://schemas.nav.gov.hu/OSA/2.0/api\">\n <header>\n <requestId>202003201315421</requestId>\n <timestamp>2020-03-20T13:15:42.941Z</timestamp>\n <requestVersion>2.0</requestVersion>\n <headerVersion>1.0</headerVersion>\n </header>\n <user>\n <login>login</login>\n <passwordHash></passwordHash>\n <taxNumber>12345678</taxNumber>\n <requestSignature></requestSignature>\n </user>\n <software>\n <softwareId>123456789123456789</softwareId>\n <softwareName>placeholder</softwareName>\n <softwareOperation>LOCAL_SOFTWARE</softwareOperation>\n <softwareMainVersion>placeholder</softwareMainVersion>\n <softwareDevName>placeholder</softwareDevName>\n <softwareDevContact>placeholder</softwareDevContact>\n <softwareDevCountryCode>HU</softwareDevCountryCode>\n <softwareDevTaxNumber>placeholder</softwareDevTaxNumber>\n </software>\n</TokenExchangeRequest>",
"options": {
"raw": {
"language": "xml"
}
}
},
"url": {
"raw": "https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange",
"protocol": "https",
"host": [
"api-test",
"onlineszamla",
"nav",
"gov",
"hu"
],
"path": [
"invoiceService",
"v2",
"tokenExchange"
]
}
},
"response": []
}
],
"protocolProfileBehavior": {}
}
Как мне прикрепить XML к запросу в код?
РЕДАКТИРОВАТЬ:
Ответ, если я вынуть "mode: cors" из заголовка запроса:
<html><head><meta http-equiv='content-type' content='text/html;charset=utf-8'><title>400 Bad Request</title></head><body text=#000000 bgcolor=#ffffff><H1>400 Bad Request</H1></BR>An HTTP protocol violation was detected and your request was denied.</BR>SessionID: aZYz1fRA::02<BR>Date: 2020-03-20 09:05:33</body></html>
и консоли :
Failed to load https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9080' is therefore not allowed access. The response had HTTP status code 400. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.