Upload file trought JAVA with bonita rest API

Helo,

I’m trying to upload file in bonita to create a ‘bonita temporaly file’.
The url is : http://:/bonita/portal/resource/process///API/formFileUpload
To execute this call, we need to be connect and add bonita token and bonita cookie in the POST call.
So, i’m trying to do it like that ( with OKHttp ):

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW");
RequestBody body = RequestBody.create(mediaType, file);
Request.Builder requestBuilder = new Request.Builder()
	.url("http://<server>:<port>/bonita/portal/resource/process/<process>/<verrsion>/API/formFileUpload")
	.post(body)
	.addHeader("Content-Type", "multipart/form-data")
	.addHeader("Accept", "application/json")
	.addHeader("X-Bonita-API-Token", authenticationService.extractBonitaTokenFromCookie(authenticationResult))
	.addHeader("cache-control", "no-cache");

for (String aa :
	authenticationResult.getHeaders().get("Set-Cookie")) {
	requestBuilder.addHeader("Cookie", aa);
}

Request request = requestBuilder
	.build();
Response response = client.newCall(request).execute();
ResponseBody result = response.body();

authenticationResult.getHeaders().get(“Set-Cookie”) contain a list with:

  • JSESSIONID=6ECBA8154F52E34C796FBAB2569702C5; path=/bonita;
  • bonita.tenant=1;
  • X-Bonita-API-Token=321a90a4-dce9-4b5e-ab00-97f7ee2aded0;

When i’m doing that, i have an HTTP-200 but nothing in my body.
And when i’m doing this in Postman, i’ve got a response like:
{"filename":"Shema.docx","tempPath":"tmp_7955574425971529233.docx","contentType":"application\/vnd.openxmlformats-officedocument.wordprocessingml.document"}

I need to do this in order to instantiate a form.

Someone can help me ?

Hello,
My case is a little different. I try to start a process which has a contract defining a document (defined at pool and lane levels). The actor is defined. It works perfect through the portal forms but I can’t manage to trigger the process through the REST API. I studied the URLs used by the forms but they are not using the REST bpm/case API. So I am stuck…
Regards
GB

Hello,

I am not familiar with OKHttp but given the response you get (200 with nothing in the body), my guess would be that the content of the file is not sent or rather not sent as Multipart.
Maybe you need to use OKHttp’s MultipartBuilder rather tan RequestBuilder.

Hope that helps

Hello
Thanks you for the recommendation on multipart builder. I have managed to make a python client which (almost) makes a similar request to those of the portal during file upload. However I still have the 401 error :frowning:
Using Wireshark to analyze the http frame emitted by the Bonital Portal upload web page, I see an additional multipart with name “CSRFToken”. My Python programmatic client doesn’t generate this information, that may explain the auth failure.

Here is a copy of the Wireshark capture (this copy doesn’t show all the frame) :

Frame 1748: 61712 bytes on wire (493696 bits), 61712 bytes captured (493696 bits) on interface 0
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1
Transmission Control Protocol, Src Port: 57004, Dst Port: 8080, Seq: 799105, Ack: 943605, Len: 61646
[20 Reassembled TCP Segments (847813 bytes): #1724(32768), #1725(32768), #1727(32768), #1728(32768), #1730(32768), #1731(32768), #1732(32768), #1733(32768), #1734(32768), #1735(32768), #1736(32768), #1737(32768), #1738(32768), #1739(32768),]
Hypertext Transfer Protocol
    POST /bonita/portal/resource/process/Pool/1.0/API/formFileUpload HTTP/1.1\r\n
    Host: localhost:8080\r\n
    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0\r\n
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
    Accept-Language: fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3\r\n
    Accept-Encoding: gzip, deflate\r\n
    Content-Type: multipart/form-data; boundary=---------------------------208020274213277501077135792\r\n
    Content-Length: 847019\r\n
    Connection: keep-alive\r\n
    Referer: http://localhost:8080/bonita/portal/resource/process/Pool/1.0/content/?id=7785025166048348716&autoInstantiate=false\r\n
    Cookie: bonita.tenant=1; BOS_Locale=en; JSESSIONID=61FE0F106DFDC55EDB87147C71686F32; X-Bonita-API-Token=47a4f1d9-f90e-41bd-b926-cde3425f5050\r\n
    Upgrade-Insecure-Requests: 1\r\n
    \r\n
    [Full request URI: http://localhost:8080/bonita/portal/resource/process/Pool/1.0/API/formFileUpload]
    [HTTP request 22/22]
    [Prev request in frame: 1701]
    [Response in frame: 1753]
    File Data: 847019 bytes
MIME Multipart Media Encapsulation, Type: multipart/form-data, Boundary: "---------------------------208020274213277501077135792"
    [Type: multipart/form-data]
    First boundary: -----------------------------208020274213277501077135792\r\n
    Encapsulated multipart part:  (application/pdf)
    Boundary: \r\n-----------------------------208020274213277501077135792\r\n
    Encapsulated multipart part: 
        Content-Disposition: form-data; name="CSRFToken"\r\n\r\n
        Data (36 bytes)
    Last boundary: \r\n-----------------------------208020274213277501077135792--\r\n

What is the “Content-Disposition: form-data; name=“CSRFToken”\r\n\r\n” ?
The 36 bytes seem random.
I wonder how to calculate this CSRFToken which I guess is generated from X-Bonita-API-Token and the frame content…
Can anybody explain that ?
Thanks a lot.
GB

Hello,
I have the same problem. I saw another question on this issue, without clear answer on what to do. However, you can find demos on document manipulation and upload on the Bonita Github. https://github.com/Bonitasoft-Community/file-upload-download-example/releases
After a few adaptation, you can see that demonstration works. But actually, it doesn’t explain how to trigger a process with a document upload (linked to the process Contract). If anybody has a clear explanation on that, it would be of great help.
Thanks
GB

Hi,
I have allready do that job in process.
Now, i just want to do the same job with JAVA API only.
In my case, i have a bonita process with an initialisation form who contain a file (Document).
So i want to initialise my process trough a JAVA API for including the process initialisation to my web application.

Ok, thx for the reply.
I will try that when i will have a time.
Regards

Hi,
You indeed need to pass the CSRF token in the request.
For the files upload it is expected to be present as one of the form data of the request (contrary to the REST API which expects it in the request headers).
The name of this form-data needs to be “CSRFToken” and the value, the content of the X-Bonita-API-Token cookie.
HTH