Hi,
I'm developing a native android app with NetWeaver Gateway, OData sdk, SMP 3.0 SP 04 y SMP sdk SP05. I'm trying to execute a batch request from android with store concept so, I make a read request first, with a created batchItem (which is working on the rest client as on android, both return a satus 200 Ok. Img 1. for GET Method in rest Client) for the store object to gets the CSRF-Token, then I create an entity, assign its properties and create a batchItem2, to execute the batch request but with the same store object. I've read that with OnlineStore concept you don't need to manually set the X-CSRF-Token header, that store autmatically from request #1 (read request) gets it and the pass it to the second request (post request). I'll post a part of my code so anyone can tell me what I'm doing wrong or if the concept is bad an I really have to get the CSRF token manually an then put the X-CSRF-Token header manually.
Img 1. GET Method. 200 Ok.
Img 2. POST Method. 202 Accepted. And every changeset gets a 201 Created.
In my android code I have, based on the following two blogs: https://scn.sap.com/thread/3732019 on the answers of Former Member, Former Member, @Jitendra Kansal, and the @Claudia Pacheco's Sending batch request using SMP 3.0 SDK for Android blog.
StoreOpenListener openListener = StoreOpenListener.getInstance();
OnlineODataStore store = openListener.getStore();
ODataRequestParamBatch requestParamBatch = new ODataRequestParamBatchDefaultImpl();
ODataEntity newEntity = new ODataEntityDefaultImpl("MY_SERVICE_SRV.MarcacionImprMat");
newEntity.getProperties().put("IPedido", new ODataPropertyDefaultImpl("IPedido", "333333"));
newEntity.getProperties().put("Maktx", new ODataPropertyDefaultImpl("Maktx", "123 Main street"));
// Create batch item for GET Method
ODataRequestParamSingle batchItem = new ODataRequestParamSingleDefaultImpl();
batchItem.setResourcePath("MarcacionImprMatSet(Matnr='123456',IUsuario='READ_GW')");
batchItem.setMode(ODataRequestParamSingle.Mode.Read);
batchItem.setCustomTag("Read operation");
// Add batch item to batch request
requestParamBatch.add(batchItem);
ODataResponse oDataResponse = store.executeRequest(batchItem); //The response is 200 Ok
// Create batch item for POST method
ODataRequestParamSingle batchItem2 = new ODataRequestParamSingleDefaultImpl();
// Allocate OData Entity
batchItem2.setResourcePath("MarcacionImprMatSet(Matnr='123456',IUsuario='READ_GW')");
batchItem2.setMode(ODataRequestParamSingle.Mode.Create);
batchItem2.setCustomTag("Create operation");
batchItem2.setPayload(newEntity);
// // Add headers
Map<String, String> createHeaders = new HashMap<String, String>();
createHeaders.put("content-type", "multipart/mixed; boundary=batch");
batchItem2.setOptions(createHeaders);
// // Create change set
ODataRequestChangeSet changeSetItem = new ODataRequestChangeSetDefaultImpl();
// // Add batch item to change set.
// // You can add more batch items to the same change set as long as they are CUD operations
changeSetItem.add(batchItem2);
// // Add batch item to batch request
requestParamBatch.add(changeSetItem);
// Send request synchronously
oDataResponse = store.executeRequest(requestParamBatch);
// Check http status response for batch request.
// Status code should be "202 Accepted"
Map<ODataResponse.Headers, String> headerMap = oDataResponse.getHeaders(); //Here the response is 403 Forbidden.
if (headerMap != null) {
String code = headerMap.get(ODataResponse.Headers.Code);
}
If I send a POST request from Advanced Rest Client without the X-CSRF-TOKEN header or empty it gives me the 403 Forbidden error and says that is "csrf token validation failed". So I think that, that's the source of the problem.
Thanks in advance.
Best regards.
--
Ana Velásquez