From 864e007cb30d73941c21540dc44eb755001257da Mon Sep 17 00:00:00 2001 From: Armin Friedl Date: Tue, 21 Jul 2020 22:01:37 +0200 Subject: [PATCH] Artifact download --- .../security/FlingWebSecurityConfigurer.java | 1 + .../filter/TokenAuthenticationFilter.java | 2 +- web/fling/package-lock.json | 2 +- .../src/components/admin/FlingArtifacts.jsx | 31 ++++++++----------- web/fling/src/util/fc.js | 4 +-- 5 files changed, 18 insertions(+), 22 deletions(-) diff --git a/service/fling/src/main/java/net/friedl/fling/security/FlingWebSecurityConfigurer.java b/service/fling/src/main/java/net/friedl/fling/security/FlingWebSecurityConfigurer.java index fe6ed9d..03c2da2 100644 --- a/service/fling/src/main/java/net/friedl/fling/security/FlingWebSecurityConfigurer.java +++ b/service/fling/src/main/java/net/friedl/fling/security/FlingWebSecurityConfigurer.java @@ -52,6 +52,7 @@ public class FlingWebSecurityConfigurer extends WebSecurityConfigurerAdapter { http .csrf().disable() .cors(withDefaults()) + .headers().frameOptions().disable().and() /**********************************************/ /** Authentication Interceptor Configuration **/ diff --git a/service/fling/src/main/java/net/friedl/fling/security/authentication/filter/TokenAuthenticationFilter.java b/service/fling/src/main/java/net/friedl/fling/security/authentication/filter/TokenAuthenticationFilter.java index 5650c05..c1dd233 100644 --- a/service/fling/src/main/java/net/friedl/fling/security/authentication/filter/TokenAuthenticationFilter.java +++ b/service/fling/src/main/java/net/friedl/fling/security/authentication/filter/TokenAuthenticationFilter.java @@ -30,7 +30,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { - String derivedToken = request.getParameter("derivedtoken"); + String derivedToken = request.getParameter("derivedToken"); if (derivedToken == null) { log.info("No derived token in request for {} {}{}", request.getMethod(), request.getRequestURL(), diff --git a/web/fling/package-lock.json b/web/fling/package-lock.json index b577473..d3a5315 100644 --- a/web/fling/package-lock.json +++ b/web/fling/package-lock.json @@ -1129,7 +1129,7 @@ "@fling/flingclient": { "version": "0.1.0-snapshot", "resolved": "https://nexus.friedl.net/repository/npm-private/@fling/flingclient/-/flingclient-0.1.0-snapshot.tgz", - "integrity": "sha512-L7csowwIzJx6A3Jgm/ejrgoClPyTimrMGM2ezChklgV/FI/4OJAuk3eYJ8IM9rkT59/Zm4B8z6xmM4GOquuncQ==", + "integrity": "sha512-P3JWlmnaYYpj5xS5EFp94OVZXSG9lJbraKlQE4SHnTctxLv3OaR4XOaO7j/FJFygJ3KhOLqVi0x8gQQEDnlMBQ==", "requires": { "@babel/cli": "^7.0.0", "superagent": "3.7.0" diff --git a/web/fling/src/components/admin/FlingArtifacts.jsx b/web/fling/src/components/admin/FlingArtifacts.jsx index 8ceb7d3..ebe2684 100644 --- a/web/fling/src/components/admin/FlingArtifacts.jsx +++ b/web/fling/src/components/admin/FlingArtifacts.jsx @@ -2,36 +2,31 @@ import log from 'loglevel'; import React, { useState, useEffect, useRef } from 'react'; import { useSelector } from 'react-redux'; -import { ArtifactClient, FlingClient } from '../../util/fc'; +import { ArtifactClient, FlingClient, AuthClient } from '../../util/fc'; import { prettifyTimestamp } from '../../util/fn'; function FlingArtifactControl(props) { let iframeContainer = useRef(null); const artifactClient = new ArtifactClient(); + const authClient = new AuthClient(); function handleDelete(ev) { artifactClient.deleteArtifact(props.artifact.id) .then(() => props.reloadArtifactsFn()); } - function handleDownload(ev) { - artifactClient.downloadArtifactWithHttpInfo(props.artifact.id) - .then(response => { - log.info(response.headers); - var blob = new Blob([response.data], {type: response.type}); - if(window.navigator.msSaveOrOpenBlob) { - window.navigator.msSaveBlob(blob, response.name); - } - else{ - var elem = window.document.createElement('a'); - elem.href = window.URL.createObjectURL(blob); - elem.download = response.name; - document.body.appendChild(elem); - elem.click(); - document.body.removeChild(elem); - } - }); + authClient.deriveToken({ singleUse: true }) + .then(token => { + // We need this iframe hack because with a regular href, while + // the browser downloads the file fine, it also reloads the page, hence + // loosing all logs and state + let frame = document.createElement("iframe"); + let url = `${process.env.REACT_APP_API.replace(/\/+$/, '')}/api/artifacts/${props.artifact.id}/data?derivedToken=${token}`; + log.trace(`Generated download url: ${url}`); + frame.src = url; + iframeContainer.current.appendChild(frame); + }) } return ( diff --git a/web/fling/src/util/fc.js b/web/fling/src/util/fc.js index 905186a..b6d6051 100644 --- a/web/fling/src/util/fc.js +++ b/web/fling/src/util/fc.js @@ -25,8 +25,8 @@ function ArtifactClient(token) { return new fc.ArtifactApi(clientConfig(token)); } -function AuthClient() { - return new fc.AuthApi(clientConfig()); +function AuthClient(token) { + return new fc.AuthApi(clientConfig(token)); } export {FlingClient, ArtifactClient, AuthClient, fc};