Ran into some token issues, first below is the process:
-
get the onlyoffice service in docker again using the command
docker run -i -t -d -p 8787:80 --restart=always -e JWT_ENABLED=false onlyoffice/documentserver:7.5.0 -dns 8.8.8.8
-
Manually configure the token configuration file as follows:
① Enable token authentication for outgoing requests.
② Set the key for outgoing requests.
③ Set the transmission request in , inBody = false
The specific configuration is as follows:
{
“services”: {
“CoAuthoring”: {
“request-filtering-agent”: {
“allowPrivateIPAddress”: true,
“allowMetaIPAddress”: true
},
“sql”: {
“type”: “postgres”,
“dbHost”: “localhost”,
“dbPort”: “5432”,
“dbName”: “onlyoffice”,
“dbUser”: “onlyoffice”,
“dbPass”: “onlyoffice”
},
“token”: {
“enable”: {
“request”: {
“inbox”: false,
“outbox”: true
},
“browser”: false
},
“inbox”: {
“header”: “Authorization”,
“inBody”: false
},
“outbox”: {
“header”: “TOKEN”,
“inBody”: false
}
},
“secret”: {
“inbox”: {
“string”: “iaernYcofSqMfvseceUBQdS2jnh7RZZd”
},
“outbox”: {
“string”: “iaernYcofSqMfvseceUBQdS2jnh7RZZd”
},
“session”: {
“string”: “iaernYcofSqMfvseceUBQdS2jnh7RZZd”
}
}
}
},
“rabbitmq”: {
“url”: “amqp://guest:guest@localhost”
},
“storage”: {
“fs”: {
“secretString”: “EpFwrLvCKOUi1enaLl8j”
}
}
}
Based on the above configuration information, the following issues were encountered:
- when requesting “url”: “https://example.com/url-to-example-document.docx” file address, the header does not contain the token.
- when requesting “url”: “https://example.com/url-to-document-changes.zip” attachment address, the header does not contain the token.
- When requesting callbackUrl, the token is included in the header, but the token information also appears in the body, because the “inBody”: false I set should not appear in the body.
According to the document “ONLYOFFICE Api Documentation - Signature”, outgoing requests should all carry the token information in the header, but now problem 1 and problem 2 do not carry the token, how to solve this problem? ?
