OneTime Token for downloads

2022-01-25 13:03:41 +02:00 · 2022-01-25 13:03:41 +02:00 · bbcf15e89f
commit bbcf15e89f
parent d1304449e2
3 changed files with 10 additions and 11 deletions
--- a/apps/red-ui/src/app/modules/upload-download/services/file-download.service.ts
+++ b/apps/red-ui/src/app/modules/upload-download/services/file-download.service.ts
@ -7,7 +7,7 @@ import {
    IPrepareDownloadRequest,
    IRemoveDownloadRequest,
 } from '@red/domain';
-import { Observable } from 'rxjs';
+import { firstValueFrom, Observable } from 'rxjs';
 import { ConfigService } from '@services/config.service';
 import { map, switchMap, tap } from 'rxjs/operators';
 import { KeycloakService } from 'keycloak-angular';
@ -44,12 +44,9 @@ export class FileDownloadService extends EntitiesService<DownloadStatus, IDownlo
    }

    async performDownload(status: DownloadStatus) {
+        const token = await firstValueFrom(this.generateToken(status.storageId));
        const anchor = document.createElement('a');
-        anchor.href = `${this._configService.values.API_URL}/async/download?storageId=${encodeURIComponent(status.storageId)}`;
-        if (!this._configService.values.USE_SESSION_FOR_DOWNLOAD) {
-            const token = await this._keycloakService.getToken();
-            anchor.href = anchor.href + `&access_token=${encodeURIComponent(token)}`;
-        }
+        anchor.href = `${this._configService.values.API_URL}/async/download/${token.value}`;
        anchor.download = status.filename;
        anchor.target = '_blank';

@ -63,6 +60,11 @@ export class FileDownloadService extends EntitiesService<DownloadStatus, IDownlo
        return this._post(body, `${this._defaultModelPath}/prepare`);
    }

+    @Validate()
+    generateToken(@RequiredParam() storageId: string): Observable<{ value: string }> {
+        return this._post<{ value: string }>({ value: storageId }, `${this._defaultModelPath}/generate-ott`);
+    }
+
    @Validate()
    delete(@RequiredParam() body: IRemoveDownloadRequest): Observable<unknown> {
        return super._post(body, `${this._defaultModelPath}/delete`);
--- a/apps/red-ui/src/assets/config/config.json
+++ b/apps/red-ui/src/assets/config/config.json
@ -19,6 +19,5 @@
  "OAUTH_IDP_HINT": null,
  "OAUTH_URL": "https://dev-04.iqser.cloud/auth/realms/redaction",
  "RECENT_PERIOD_IN_HOURS": 24,
-  "SELECTION_MODE": "structural",
-  "USE_SESSION_FOR_DOWNLOAD": false
+  "SELECTION_MODE": "structural"
 }
--- a/docker/red-ui/docker-entrypoint.sh
+++ b/docker/red-ui/docker-entrypoint.sh
@ -24,7 +24,6 @@ OAUTH_URL="${OAUTH_URL:-/auth}"
 RECENT_PERIOD_IN_HOURS="${RECENT_PERIOD_IN_HOURS:-24}"
 SELECTION_MODE="${SELECTION_MODE:-structural}"

-USE_SESSION_FOR_DOWNLOAD="${USE_SESSION_FOR_DOWNLOAD:-false}"


 echo '{
@ -47,8 +46,7 @@ echo '{
          "OAUTH_IDP_HINT":"'"$OAUTH_IDP_HINT"'",
          "OAUTH_URL":"'"$OAUTH_URL"'",
          "RECENT_PERIOD_IN_HOURS":'"$RECENT_PERIOD_IN_HOURS"',
-          "SELECTION_MODE":"'"$SELECTION_MODE"'",
-          "USE_SESSION_FOR_DOWNLOAD":'"$USE_SESSION_FOR_DOWNLOAD"'
+          "SELECTION_MODE":"'"$SELECTION_MODE"'"
       }' > /usr/share/nginx/html/ui/assets/config/config.json

 echo 'Env variables: '