How do you make new DocsAPI.DocEditor(...) create the security token?

joshjava · 7 October 2022 19:37

I am trying to use the code below to have Document Server open a docx on my Tomcat server that is running this code. And it attempts to open the editor but a popup comes up “The document security token is not correctly formed.” I can see in the log that Document Server is receiving a empty string as the token. But I have put the key for creating the token in the code below. What more is needed to create the token? (Note, I did not edit web-apps/apps/api/documents/api.js any but kept it as it was in the initial install.)

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
        <script type="text/javascript" src="http://192.168.126.129/web-apps/apps/api/documents/api.js"></script>
    </head>
    <body>
        <h1>document test</h1>
        
        <div id="placeholder"></div>
        
    </body>
<script>
new DocsAPI.DocEditor("placeholder", {
    "document": {
        "fileType": "docx",
        "key": "dmyiVmPB7VWc",
        "title": "Example Document Title.docx",
        "url": "http://mydomain:8080/docx/doc1.docx"
    },
    "documentType": "word",
    "editorConfig": {
        "callbackUrl": "http://mydomain:8080/docx/save.jsp"
    }
});
</script>
</html>

Alexandre · 10 October 2022 14:51

Hello @joshjava
Your config doesn’t contain token. Please take a look at these titles:
https://api.onlyoffice.com/editors/config/#token
https://api.onlyoffice.com/editors/signature/browser#open

So, it should look like this:

{
    "document": {
        "fileType": "docx",
        "key": "dmyiVmPB7VWc",
        "title": "Example Document Title.docx",
        "url": "http://mydomain:8080/docx/doc1.docx"
    },
    "documentType": "word",
    "editorConfig": {
        "callbackUrl": "http://mydomain:8080/docx/save.jsp"
    },
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkb2N1bWVudCI6eyJmaWxlVHlwZSI6ImRvY3giLCJrZXkiOiJkbXlpVm1QQjdWV2MiLCJ0aXRsZSI6IkV4YW1wbGUgRG9jdW1lbnQgVGl0bGUuZG9jeCIsInVybCI6Imh0dHA6Ly9teWRvbWFpbjo4MDgwL2RvY3gvZG9jMS5kb2N4In0sImRvY3VtZW50VHlwZSI6IndvcmQiLCJlZGl0b3JDb25maWciOnsiY2FsbGJhY2tVcmwiOiJodHRwOi8vbXlkb21haW46ODA4MC9kb2N4L3NhdmUuanNwIn19.s8AjLr37XFgg9q46ogE8hBpV-leEd-4Fb9xSVdioWFs"
}

joshjava · 10 October 2022 20:54

Ok, so apparently you are expecting an entire json document to be stored in the JWT, per ONLYOFFICE Api Documentation - Signature And you have to duplicate the javascript config with the JWT claims. Finally got the JWT working. But now I get an error that it can’t save the document.

I’m guessing this is due to using the save callback url as my own server rather than a url on the Document Server.

"callbackUrl": "http://mydomain:8080/docx/save.jsp",

Either this is not allowed, or I need to return something specific in that page to claim I save the file?

Alexandre · 12 October 2022 07:19

As for save issue, please provide us with details (error screenshot and Document server logs). We have information about how to run Save process here, please take a look at it: ONLYOFFICE Api Documentation - Saving File