Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HARMONY-1938: Update code to omit Authorization header when redirected to a presigned S3 URL #55

Merged
merged 1 commit into from
Dec 10, 2024
Merged

HARMONY-1938: Update code to omit Authorization header when redirected to a presigned S3 URL #55

merged 1 commit into from
Dec 10, 2024

Conversation

chris-durbin
Copy link
Contributor

Jira Issue ID

HARMONY-1938

Description

The latest service library changes were not working when attempting to download a file that resulted in a redirect to a pre-signed S3 URL. The issue was that the Authorization header with the EDL bearer token was being sent to the redirect location which had conflicting query parameters (Signature and X-Amz-Algorithm indicate a different authorization method).

Now the library will pass in the Authorization header unless one of those query parameters is present in the request.

Local Test Steps

This cannot be tested locally - it needs to be tested in an AWS environment.

  1. Build the harmony-service-example service using the service library in this branch.
  2. Push the image to your sandbox (use a tag other than latest so that it does not conflict with the image used for the main sandbox).
  3. Submit a request {root_lb_url}/C1233800302-EEDTEST/ogc-api-coverages/1.0.0/collections/blue_var/coverage/rangeset?subset=lat(20%3A60)&subset=lon(-140%3A-50)&granuleId=G1233800343-EEDTEST&outputCrs=EPSG%3A31975&format=image%2Fpng
  4. Verify it completes successfully (meaning the bearer token was passed in properly in the Authorization header to the correct endpoints, but omitted from the presigned S3 URL redirect).

You can currently see the broken behavior in the Harmony SIT environment with https://harmony.sit.earthdata.nasa.gov/C1233800302-EEDTEST/ogc-api-coverages/1.0.0/collections/blue_var/coverage/rangeset?subset=lat(20%3A60)&subset=lon(-140%3A-50)&granuleId=G1233800343-EEDTEST&outputCrs=EPSG%3A31975&format=image%2Fpng

PR Acceptance Checklist

  • Acceptance criteria met
  • Tests added/updated (if needed) and passing
  • Documentation updated (if needed)

@chris-durbin
HARMONY-1938: Change to send authorization header with EDL bearer tok…
46c73d8 
…en for any endpoint unless the request includes one of the AWS query parameters indicating a presigned S3 URL.
indiejames
indiejames approved these changes Dec 10, 2024
View reviewed changes
Copy link
Contributor

@indiejames indiejames left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested in sandbox

@chris-durbin chris-durbin merged commit 37467f1 into main Dec 10, 2024
12 checks passed
@chris-durbin chris-durbin deleted the harmony-1938-2 branch December 10, 2024 16:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ygliuvt ygliuvt ygliuvt approved these changes

@indiejames indiejames indiejames approved these changes

@vinnyinverso vinnyinverso Awaiting requested review from vinnyinverso

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chris-durbin @indiejames @ygliuvt