Missing 'Authorization' header when download file
Opened this issue · 2 comments
<LinkButton
style={{ textDecoration: 'none' }}
variant="outlined"
title={`Download ${objectInfo.downloadName}`}
to={objectInfo.downloadUrl}
download={objectInfo.downloadName}
>
When click this linkbutton, the Authorization didn't set into the header. It will return 401 on production env
{
"error": {
"name": "AuthenticationError",
"message": "Missing 'Authorization' header in request"
},
"request": {
"method": "GET",
"url": "[/stream/test/report%2Fscan_20_report.html?endpoint=test-report](https://portal.8293f99d.nip.io/stream/test/report%2Fscan_20_report.html?endpoint=test-report)"
},
"response": {
"statusCode": 401
}
}
@ivangonzalezacuna, could you have a look at this? As far as I can tell the button definitely works for us internally.
This is definitely working for us. All the requests from the backend can easily add the Authorization header, however, to make it work for the frontend there's something required. The steps are explained here: https://github.com/spreadshirt/backstage-plugin-s3/tree/main/plugins/s3-viewer-backend#permissions-setup. Have you added that @zhongqishi12?
If you follow those steps a new cookie called s3_viewer_token is added to all the requests, and the middleware will inject that header to the s3-viewer requests if the Authorization is not found, which is what happens when you click that Button in the UI.
Please, let me know if adding that fixes the issue, otherwise I'll investigate what is missing.