@fluidframework/odsp-driver 2.0.0 → 2.0.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fluidframework/odsp-driver",
-  "version": "2.0.0",
+  "version": "2.0.2",
   "description": "Socket storage implementation for SPO and ODC",
   "homepage": "https://fluidframework.com",
   "repository": {
@@ -77,15 +77,15 @@
     "temp-directory": "nyc/.nyc_output"
   },
   "dependencies": {
-    "@fluid-internal/client-utils": "~2.0.0",
-    "@fluidframework/core-interfaces": "~2.0.0",
-    "@fluidframework/core-utils": "~2.0.0",
-    "@fluidframework/driver-base": "~2.0.0",
-    "@fluidframework/driver-definitions": "~2.0.0",
-    "@fluidframework/driver-utils": "~2.0.0",
-    "@fluidframework/odsp-doclib-utils": "~2.0.0",
-    "@fluidframework/odsp-driver-definitions": "~2.0.0",
-    "@fluidframework/telemetry-utils": "~2.0.0",
+    "@fluid-internal/client-utils": "~2.0.2",
+    "@fluidframework/core-interfaces": "~2.0.2",
+    "@fluidframework/core-utils": "~2.0.2",
+    "@fluidframework/driver-base": "~2.0.2",
+    "@fluidframework/driver-definitions": "~2.0.2",
+    "@fluidframework/driver-utils": "~2.0.2",
+    "@fluidframework/odsp-doclib-utils": "~2.0.2",
+    "@fluidframework/odsp-driver-definitions": "~2.0.2",
+    "@fluidframework/telemetry-utils": "~2.0.2",
     "node-fetch": "^2.6.9",
     "socket.io-client": "^4.7.3",
     "uuid": "^9.0.0"
@@ -93,7 +93,7 @@
   "devDependencies": {
     "@arethetypeswrong/cli": "^0.15.2",
     "@biomejs/biome": "^1.7.3",
-    "@fluid-internal/mocha-test-setup": "~2.0.0",
+    "@fluid-internal/mocha-test-setup": "~2.0.2",
     "@fluid-tools/build-cli": "^0.39.0",
     "@fluidframework/build-common": "^2.0.3",
     "@fluidframework/build-tools": "^0.39.0",

package/src/createFile.ts

@@ -28,7 +28,7 @@ import {
 } from "./createNewUtils.js";
 import { createOdspUrl } from "./createOdspUrl.js";
 import { EpochTracker } from "./epochTracker.js";
-import { getUrlAndHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
+import { getHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
 import { OdspDriverUrlResolver } from "./odspDriverUrlResolver.js";
 import { getApiRoot } from "./odspUrlHelper.js";
 import {
@@ -50,7 +50,7 @@ const isInvalidFileName = (fileName: string): boolean => {
  * Returns resolved url
  */
 export async function createNewFluidFile(
-	getStorageToken: InstrumentedStorageTokenFetcher,
+	getAuthHeader: InstrumentedStorageTokenFetcher,
 	newFileInfo: INewFileInfo,
 	logger: ITelemetryLoggerExt,
 	createNewSummary: ISummaryTree | undefined,
@@ -75,16 +75,10 @@ export async function createNewFluidFile(
 	let summaryHandle: string = "";
 	let shareLinkInfo: ShareLinkInfoType | undefined;
 	if (createNewSummary === undefined) {
-		itemId = await createNewEmptyFluidFile(
-			getStorageToken,
-			newFileInfo,
-			logger,
-			epochTracker,
-			forceAccessTokenViaAuthorizationHeader,
-		);
+		itemId = await createNewEmptyFluidFile(getAuthHeader, newFileInfo, logger, epochTracker);
 	} else {
 		const content = await createNewFluidFileFromSummary(
-			getStorageToken,
+			getAuthHeader,
 			newFileInfo,
 			logger,
 			createNewSummary,
@@ -163,11 +157,10 @@ function extractShareLinkData(
 }
 
 export async function createNewEmptyFluidFile(
-	getStorageToken: InstrumentedStorageTokenFetcher,
+	getAuthHeader: InstrumentedStorageTokenFetcher,
 	newFileInfo: INewFileInfo,
 	logger: ITelemetryLoggerExt,
 	epochTracker: EpochTracker,
-	forceAccessTokenViaAuthorizationHeader: boolean,
 ): Promise<string> {
 	const filePath = newFileInfo.filePath ? encodeURIComponent(`/${newFileInfo.filePath}`) : "";
 	// add .tmp extension to empty file (host is expected to rename)
@@ -177,17 +170,18 @@ export async function createNewEmptyFluidFile(
 	}/items/root:/${filePath}/${encodedFilename}:/content?@name.conflictBehavior=rename&select=id,name,parentReference`;
 
 	return getWithRetryForTokenRefresh(async (options) => {
-		const storageToken = await getStorageToken(options, "CreateNewFile");
+		const url = initialUrl;
+		const method = "PUT";
+		const authHeader = await getAuthHeader(
+			{ ...options, request: { url, method } },
+			"CreateNewFile",
+		);
 
 		return PerformanceEvent.timedExecAsync(
 			logger,
 			{ eventName: "createNewEmptyFile" },
 			async (event) => {
-				const { url, headers } = getUrlAndHeadersWithAuth(
-					initialUrl,
-					storageToken,
-					forceAccessTokenViaAuthorizationHeader,
-				);
+				const headers = getHeadersWithAuth(authHeader);
 				headers["Content-Type"] = "application/json";
 
 				const fetchResponse = await runWithRetry(
@@ -197,7 +191,7 @@ export async function createNewEmptyFluidFile(
 							{
 								body: undefined,
 								headers,
-								method: "PUT",
+								method,
 							},
 							"createFile",
 						),
@@ -225,7 +219,7 @@ export async function createNewEmptyFluidFile(
 }
 
 export async function createNewFluidFileFromSummary(
-	getStorageToken: InstrumentedStorageTokenFetcher,
+	getAuthHeader: InstrumentedStorageTokenFetcher,
 	newFileInfo: INewFileInfo,
 	logger: ITelemetryLoggerExt,
 	createNewSummary: ISummaryTree,
@@ -249,7 +243,7 @@ export async function createNewFluidFileFromSummary(
 
 	return createNewFluidContainerCore<ICreateFileResponse>({
 		containerSnapshot,
-		getStorageToken,
+		getAuthHeader,
 		logger,
 		initialUrl,
 		forceAccessTokenViaAuthorizationHeader,

package/src/createNewContainerOnExistingFile.ts

@@ -38,7 +38,7 @@ import { IExistingFileInfo, createCacheSnapshotKey } from "./odspUtils.js";
  * "alternative file partition" where the main File stub is an ASPX page.
  */
 export async function createNewContainerOnExistingFile(
-	getStorageToken: InstrumentedStorageTokenFetcher,
+	getAuthHeader: InstrumentedStorageTokenFetcher,
 	fileInfo: IExistingFileInfo,
 	logger: ITelemetryLoggerExt,
 	createNewSummary: ISummaryTree | undefined,
@@ -62,7 +62,7 @@ export async function createNewContainerOnExistingFile(
 
 	const { id: summaryHandle } = await createNewFluidContainerCore<IWriteSummaryResponse>({
 		containerSnapshot,
-		getStorageToken,
+		getAuthHeader,
 		logger,
 		initialUrl,
 		forceAccessTokenViaAuthorizationHeader,

package/src/createNewUtils.ts

@@ -31,7 +31,7 @@ import {
 	OdspSummaryTreeValue,
 } from "./contracts.js";
 import { EpochTracker, FetchType } from "./epochTracker.js";
-import { getUrlAndHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
+import { getHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
 import { getWithRetryForTokenRefresh, maxUmpPostBodySize } from "./odspUtils.js";
 import { runWithRetry } from "./retryUtils.js";
 
@@ -202,7 +202,7 @@ function convertSummaryToSnapshotTreeForCreateNew(summary: ISummaryTree): IOdspS
 
 export async function createNewFluidContainerCore<T>(args: {
 	containerSnapshot: IOdspSummaryPayload;
-	getStorageToken: InstrumentedStorageTokenFetcher;
+	getAuthHeader: InstrumentedStorageTokenFetcher;
 	logger: ITelemetryLoggerExt;
 	initialUrl: string;
 	forceAccessTokenViaAuthorizationHeader: boolean;
@@ -213,10 +213,9 @@ export async function createNewFluidContainerCore<T>(args: {
 }): Promise<T> {
 	const {
 		containerSnapshot,
-		getStorageToken,
+		getAuthHeader,
 		logger,
 		initialUrl,
-		forceAccessTokenViaAuthorizationHeader,
 		epochTracker,
 		telemetryName,
 		fetchType,
@@ -224,8 +223,6 @@ export async function createNewFluidContainerCore<T>(args: {
 	} = args;
 
 	return getWithRetryForTokenRefresh(async (options) => {
-		const storageToken = await getStorageToken(options, telemetryName);
-
 		return PerformanceEvent.timedExecAsync(
 			logger,
 			{ eventName: telemetryName },
@@ -235,31 +232,42 @@ export async function createNewFluidContainerCore<T>(args: {
 				let headers: { [index: string]: string };
 				let addInBody = false;
 				const formBoundary = uuid();
-				let postBody = `--${formBoundary}\r\n`;
-				postBody += `Authorization: Bearer ${storageToken}\r\n`;
-				postBody += `X-HTTP-Method-Override: POST\r\n`;
-				postBody += `Content-Type: application/json\r\n`;
-				postBody += `_post: 1\r\n`;
-				postBody += `\r\n${snapshotBody}\r\n`;
-				postBody += `\r\n--${formBoundary}--`;
+				const urlObj = new URL(initialUrl);
+				urlObj.searchParams.set("ump", "1");
+				const authInBodyUrl = urlObj.href;
+				const method = "POST";
+				const authHeader = await getAuthHeader(
+					{ ...options, request: { url: authInBodyUrl, method } },
+					telemetryName,
+				);
+				const postBodyWithAuth =
+					`--${formBoundary}\r\n` +
+					`Authorization: ${authHeader}\r\n` +
+					`X-HTTP-Method-Override: POST\r\n` +
+					`Content-Type: application/json\r\n` +
+					`_post: 1\r\n` +
+					`\r\n${snapshotBody}\r\n` +
+					`\r\n--${formBoundary}--`;
 
-				if (postBody.length <= maxUmpPostBodySize) {
-					const urlObj = new URL(initialUrl);
-					urlObj.searchParams.set("ump", "1");
-					url = urlObj.href;
+				let postBody = snapshotBody;
+				if (
+					postBodyWithAuth.length <= maxUmpPostBodySize &&
+					authHeader?.startsWith("Bearer")
+				) {
+					url = authInBodyUrl;
 					headers = {
 						"Content-Type": `multipart/form-data;boundary=${formBoundary}`,
 					};
 					addInBody = true;
+					postBody = postBodyWithAuth;
 				} else {
-					const parts = getUrlAndHeadersWithAuth(
-						initialUrl,
-						storageToken,
-						forceAccessTokenViaAuthorizationHeader,
+					url = initialUrl;
+					const authHeaderNoUmp = await getAuthHeader(
+						{ ...options, request: { url, method } },
+						telemetryName,
 					);
-					url = parts.url;
 					headers = {
-						...parts.headers,
+						...getHeadersWithAuth(authHeaderNoUmp),
 						"Content-Type": "application/json",
 					};
 					postBody = snapshotBody;
@@ -272,7 +280,7 @@ export async function createNewFluidContainerCore<T>(args: {
 							{
 								body: postBody,
 								headers,
-								method: "POST",
+								method,
 							},
 							fetchType,
 							addInBody,

package/src/fetchSnapshot.ts

@@ -45,7 +45,7 @@ import {
 } from "./contracts.js";
 import { EpochTracker } from "./epochTracker.js";
 import { getQueryString } from "./getQueryString.js";
-import { getUrlAndHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
+import { getHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
 import { convertOdspSnapshotToSnapshotTreeAndBlobs } from "./odspSnapshotParser.js";
 import {
 	IOdspResponse,
@@ -57,6 +57,7 @@ import {
 	measure,
 	measureP,
 	useLegacyFlowWithoutGroupsForSnapshotFetch,
+	type TokenFetchOptionsEx,
 } from "./odspUtils.js";
 import { pkgVersion } from "./packageVersion.js";
 
@@ -73,25 +74,19 @@ export enum SnapshotFormatSupportType {
 /**
  * Fetches a snapshot from the server with a given version id.
  * @param snapshotUrl - snapshot url from where the odsp snapshot will be fetched
- * @param token - token used for authorization in the request
- * @param storageFetchWrapper - Implementation of the get/post methods used to fetch the snapshot
  * @param versionId - id of specific snapshot to be fetched
  * @param fetchFullSnapshot - whether we want to fetch full snapshot(with blobs)
- * @param forceAccessTokenViaAuthorizationHeader - whether to force passing given token via authorization header
+ * @param forceAccessTokenViaAuthorizationHeader - @deprecated Not used, true value always used instead. Whether to force passing given token via authorization header
+ * @param snapshotDownloader - Implementation of the get/post methods used to fetch the snapshot. snapshotDownloader is responsible for generating the appropriate headers (including Authorization header) as well as handling any token refreshes before retrying.
  * @returns A promise of the snapshot and the status code of the response
  */
 export async function fetchSnapshot(
 	snapshotUrl: string,
-	// eslint-disable-next-line @rushstack/no-new-null
-	token: string,
 	versionId: string,
 	fetchFullSnapshot: boolean,
 	forceAccessTokenViaAuthorizationHeader: boolean,
 	logger: ITelemetryLoggerExt,
-	snapshotDownloader: (
-		url: string,
-		fetchOptions: { [index: string]: RequestInit },
-	) => Promise<IOdspResponse<unknown>>,
+	snapshotDownloader: (url: string) => Promise<IOdspResponse<unknown>>,
 ): Promise<ISnapshot> {
 	const path = `/trees/${versionId}`;
 	let queryParams: ISnapshotOptions = {};
@@ -101,17 +96,13 @@ export async function fetchSnapshot(
 	}
 
 	const queryString = getQueryString(queryParams);
-	const { url, headers } = getUrlAndHeadersWithAuth(
-		`${snapshotUrl}${path}${queryString}`,
-		token,
-		forceAccessTokenViaAuthorizationHeader,
-	);
+	const url = `${snapshotUrl}${path}${queryString}`;
 	const response = (await PerformanceEvent.timedExecAsync(
 		logger,
 		{
 			eventName: "fetchSnapshot",
 		},
-		async () => snapshotDownloader(url, { headers }),
+		async () => snapshotDownloader(url),
 	)) as IOdspResponse<IOdspSnapshot>;
 	return convertOdspSnapshotToSnapshotTreeAndBlobs(response.content);
 }
@@ -124,7 +115,8 @@ export async function fetchSnapshotWithRedeem(
 	logger: ITelemetryLoggerExt,
 	snapshotDownloader: (
 		finalOdspResolvedUrl: IOdspResolvedUrl,
-		storageToken: string,
+		getAuthHeader: InstrumentedStorageTokenFetcher,
+		tokenFetchOptions: TokenFetchOptionsEx,
 		loadingGroupIds: string[] | undefined,
 		snapshotOptions: ISnapshotOptions | undefined,
 		controller?: AbortController,
@@ -217,7 +209,7 @@ export async function fetchSnapshotWithRedeem(
 
 async function redeemSharingLink(
 	odspResolvedUrl: IOdspResolvedUrl,
-	storageTokenFetcher: InstrumentedStorageTokenFetcher,
+	getAuthHeader: InstrumentedStorageTokenFetcher,
 	logger: ITelemetryLoggerExt,
 	forceAccessTokenViaAuthorizationHeader: boolean,
 ): Promise<void> {
@@ -239,15 +231,16 @@ async function redeemSharingLink(
 			let redeemUrl: string | undefined;
 			async function callSharesAPI(baseUrl: string): Promise<void> {
 				await getWithRetryForTokenRefresh(async (tokenFetchOptions) => {
-					const storageToken = await storageTokenFetcher(tokenFetchOptions, "RedeemShareLink");
 					redeemUrl = `${baseUrl}/_api/v2.0/shares/${encodedShareUrl}`;
-					const { url, headers } = getUrlAndHeadersWithAuth(
-						redeemUrl,
-						storageToken,
-						forceAccessTokenViaAuthorizationHeader,
+					const url = redeemUrl;
+					const method = "GET";
+					const authHeader = await getAuthHeader(
+						{ ...tokenFetchOptions, request: { url, method } },
+						"RedeemShareLink",
 					);
+					const headers = getHeadersWithAuth(authHeader);
 					headers.prefer = "redeemSharingLink";
-					await fetchAndParseAsJSONHelper(url, { headers });
+					await fetchAndParseAsJSONHelper(url, { headers, method });
 				});
 			}
 
@@ -271,7 +264,7 @@ async function redeemSharingLink(
 								shareLinkUrlLength: odspResolvedUrl.shareLinkInfo?.sharingLinkToRedeem.length,
 								queryParamsLength: new URL(odspResolvedUrl.shareLinkInfo?.sharingLinkToRedeem)
 									.search.length,
-								useHeaders: forceAccessTokenViaAuthorizationHeader,
+								useHeaders: true,
 							}),
 						},
 						error,
@@ -285,12 +278,13 @@ async function redeemSharingLink(
 
 async function fetchLatestSnapshotCore(
 	odspResolvedUrl: IOdspResolvedUrl,
-	storageTokenFetcher: InstrumentedStorageTokenFetcher,
+	getAuthHeader: InstrumentedStorageTokenFetcher,
 	snapshotOptions: ISnapshotOptions | undefined,
 	logger: ITelemetryLoggerExt,
 	snapshotDownloader: (
 		finalOdspResolvedUrl: IOdspResolvedUrl,
-		storageToken: string,
+		getAuthHeader: InstrumentedStorageTokenFetcher,
+		tokenFetchOptions: TokenFetchOptionsEx,
 		loadingGroupIds: string[] | undefined,
 		snapshotOptions: ISnapshotOptions | undefined,
 		controller?: AbortController,
@@ -302,7 +296,6 @@ async function fetchLatestSnapshotCore(
 	return getWithRetryForTokenRefresh(async (tokenFetchOptions) => {
 		const fetchSnapshotForLoadingGroup = isSnapshotFetchForLoadingGroup(loadingGroupIds);
 		const eventName = fetchSnapshotForLoadingGroup ? "TreesLatestForGroup" : "TreesLatest";
-		const storageToken = await storageTokenFetcher(tokenFetchOptions, eventName, true);
 
 		const perfEvent = {
 			eventName,
@@ -331,7 +324,8 @@ async function fetchLatestSnapshotCore(
 			const [response, fetchTime] = await measureP(async () =>
 				snapshotDownloader(
 					odspResolvedUrl,
-					storageToken,
+					getAuthHeader,
+					tokenFetchOptions,
 					loadingGroupIds,
 					snapshotOptions,
 					controller,
@@ -594,7 +588,7 @@ export interface ISnapshotRequestAndResponseOptions {
 
 function getFormBodyAndHeaders(
 	odspResolvedUrl: IOdspResolvedUrl,
-	storageToken: string,
+	authHeader: string,
 	headers?: { [index: string]: string },
 ): {
 	body: string;
@@ -606,7 +600,7 @@ function getFormBodyAndHeaders(
 	const formParams: string[] = [];
 	formParams.push(
 		`--${formBoundary}`,
-		`Authorization: Bearer ${storageToken}`,
+		`Authorization: ${authHeader}`,
 		`X-HTTP-Method-Override: GET`,
 	);
 
@@ -690,7 +684,8 @@ function getTreeStatsCore(snapshotTree: ISnapshotTree, stats: ITreeStats): void
  */
 export async function downloadSnapshot(
 	odspResolvedUrl: IOdspResolvedUrl,
-	storageToken: string,
+	getAuthHeader: InstrumentedStorageTokenFetcher,
+	tokenFetchOptions: TokenFetchOptionsEx,
 	loadingGroupIds: string[] | undefined,
 	snapshotOptions: ISnapshotOptions | undefined,
 	snapshotFormatFetchType?: SnapshotFormatSupportType,
@@ -724,17 +719,23 @@ export async function downloadSnapshot(
 
 	const queryString = getQueryString(queryParams);
 	const url = `${snapshotUrl}/trees/latest${queryString}`;
+	const method = "POST";
 	// The location of file can move on Spo in which case server returns 308(Permanent Redirect) error.
 	// Adding below header will make VROOM API return 404 instead of 308 and browser can intercept it.
 	// This error thrown by server will contain the new redirect location. Look at the 404 error parsing
 	// for further reference here: \packages\utils\odsp-doclib-utils\src\odspErrorUtils.ts
 	const header = { prefer: "manualredirect" };
-	const { body, headers } = getFormBodyAndHeaders(odspResolvedUrl, storageToken, header);
+	const authHeader = await getAuthHeader(
+		{ ...tokenFetchOptions, request: { url, method } },
+		"downloadSnapshot",
+	);
+	assert(authHeader !== null, 0x1e5 /* "Storage token should not be null" */);
+	const { body, headers } = getFormBodyAndHeaders(odspResolvedUrl, authHeader, header);
 	const fetchOptions = {
 		body,
 		headers,
 		signal: controller?.signal,
-		method: "POST",
+		method,
 	};
 	// Decide what snapshot format to fetch as per the feature gate.
 	switch (snapshotFormatFetchType) {

package/src/getFileLink.ts

@@ -19,7 +19,7 @@ import {
 	isFluidError,
 } from "@fluidframework/telemetry-utils/internal";
 
-import { getUrlAndHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
+import { getHeadersWithAuth } from "./getUrlAndHeadersWithAuth.js";
 import {
 	fetchHelper,
 	getWithRetryForTokenRefresh,
@@ -165,12 +165,11 @@ async function getFileLinkCore(
 			let additionalProps;
 			const fileLink = await getWithRetryForTokenRefresh(async (options) => {
 				attempts++;
-				const storageTokenFetcher = toInstrumentedOdspStorageTokenFetcher(
+				const getAuthHeader = toInstrumentedOdspStorageTokenFetcher(
 					logger,
 					odspUrlParts,
 					getToken,
 				);
-				const storageToken = await storageTokenFetcher(options, "GetFileLinkCore");
 
 				// IMPORTANT: In past we were using GetFileByUrl() API to get to the list item that was corresponding
 				// to the file. This was intentionally replaced with GetFileById() to solve the following issue:
@@ -178,17 +177,19 @@ async function getFileLinkCore(
 				// where webDavUrl is constructed using legacy ODC format for backward compatibility reasons.
 				// GetFileByUrl() does not understand that format and thus fails. GetFileById() relies on file item
 				// unique guid (sharepointIds.listItemUniqueId) and it works uniformly across Consumer and Commercial.
-				const { url, headers } = getUrlAndHeadersWithAuth(
-					`${
-						odspUrlParts.siteUrl
-					}/_api/web/GetFileById(@a1)/ListItemAllFields/GetSharingInformation?@a1=guid${encodeURIComponent(
-						`'${fileItem.sharepointIds.listItemUniqueId}'`,
-					)}`,
-					storageToken,
-					true,
+				const url = `${
+					odspUrlParts.siteUrl
+				}/_api/web/GetFileById(@a1)/ListItemAllFields/GetSharingInformation?@a1=guid${encodeURIComponent(
+					`'${fileItem.sharepointIds.listItemUniqueId}'`,
+				)}`;
+				const method = "POST";
+				const authHeader = await getAuthHeader(
+					{ ...options, request: { url, method } },
+					"GetFileLinkCore",
 				);
+				const headers = getHeadersWithAuth(authHeader);
 				const requestInit = {
-					method: "POST",
+					method,
 					headers: {
 						"Content-Type": "application/json;odata=verbose",
 						"Accept": "application/json;odata=verbose",
@@ -262,20 +263,25 @@ async function getFileItemLite(
 			const fileItem = await getWithRetryForTokenRefresh(async (options) => {
 				attempts++;
 				const { siteUrl, driveId, itemId } = odspUrlParts;
-				const storageTokenFetcher = toInstrumentedOdspStorageTokenFetcher(
+				const getAuthHeader = toInstrumentedOdspStorageTokenFetcher(
 					logger,
 					odspUrlParts,
 					getToken,
 				);
-				const storageToken = await storageTokenFetcher(options, "GetFileItemLite");
-
-				const { url, headers } = getUrlAndHeadersWithAuth(
-					`${siteUrl}/_api/v2.0/drives/${driveId}/items/${itemId}?select=webUrl,webDavUrl,sharepointIds`,
-					storageToken,
-					forceAccessTokenViaAuthorizationHeader,
+				const url = `${siteUrl}/_api/v2.0/drives/${driveId}/items/${itemId}?select=webUrl,webDavUrl,sharepointIds`;
+				const method = "GET";
+				const authHeader = await getAuthHeader(
+					{ ...options, request: { url, method } },
+					"GetFileItemLite",
+				);
+				assert(
+					authHeader !== null,
+					0x2bc /* "Instrumented token fetcher with throwOnNullToken =true should never return null" */,
 				);
+
+				const headers = getHeadersWithAuth(authHeader);
 				headers.redirect = "manual";
-				const requestInit = { method: "GET", headers };
+				const requestInit = { method, headers };
 				const response = await fetchHelper(url, requestInit);
 				additionalProps = response.propsToLog;
 

package/src/getUrlAndHeadersWithAuth.ts

@@ -5,38 +5,13 @@
 
 import { assert } from "@fluidframework/core-utils/internal";
 
-export function getUrlAndHeadersWithAuth(
-	url: string,
-	token: string,
-	forceAccessTokenViaAuthorizationHeader: boolean,
-): { url: string; headers: { [index: string]: string } } {
-	assert(token.length > 0, 0x936 /* should be token */);
-
-	if (!forceAccessTokenViaAuthorizationHeader) {
-		// Pass access token via query string: this will make request be treated as 'simple' request
-		// which does not require OPTIONS call as part of CORS check.
-		const urlWithAccessTokenInQueryString = new URL(url);
-		// IMPORTANT: Do not apply encodeURIComponent to token, param value is automatically encoded
-		// when set via URLSearchParams class
-		urlWithAccessTokenInQueryString.searchParams.set("access_token", token);
-		// ODSP APIs have a limitation that the query string cannot exceed 2048 characters.
-		// If the query string exceeds 2048, we have to fall back to sending the access token as a header, which
-		// has a negative performance implication as it adds a performance overhead.
-		// NOTE: URL.search.length value includes '?' symbol and it is unclear whether backend logic which enforces
-		// query length limit accounts for it. This logic errs on side of caution and includes that key in overall
-		// query length.
-		if (urlWithAccessTokenInQueryString.search.length <= 2048) {
-			return {
-				headers: {},
-				url: urlWithAccessTokenInQueryString.href,
-			};
-		}
-	}
+export function getHeadersWithAuth(
+	// eslint-disable-next-line @rushstack/no-new-null
+	authHeader: string | null,
+): { [index: string]: string } {
+	assert(!!authHeader, 0x936 /* authHeader should not be null or empty */);
 
 	return {
-		headers: {
-			Authorization: `Bearer ${token}`,
-		},
-		url,
+		Authorization: authHeader,
 	};
 }

package/src/odspDelayLoadedDeltaStream.ts

@@ -70,7 +70,7 @@ export class OdspDelayLoadedDeltaStream {
 	/**
 	 * @param odspResolvedUrl - resolved url identifying document that will be managed by this service instance.
 	 * @param policies - Document service policies.
-	 * @param getStorageToken - function that can provide the storage token. This is is also referred to as
+	 * @param getAuthHeader - function that can provide the Authentication header value. This is is also referred to as
 	 * the "Vroom" token in SPO.
 	 * @param getWebsocketToken - function that can provide a token for accessing the web socket. This is also referred
 	 * to as the "Push" token in SPO. If undefined then websocket token is expected to be returned with joinSession
@@ -85,13 +85,13 @@ export class OdspDelayLoadedDeltaStream {
 	public constructor(
 		public readonly odspResolvedUrl: IOdspResolvedUrl,
 		public policies: IDocumentServicePolicies,
-		private readonly getStorageToken: InstrumentedStorageTokenFetcher,
+		private readonly getAuthHeader: InstrumentedStorageTokenFetcher,
 		private readonly getWebsocketToken:
 			| ((options: TokenFetchOptions) => Promise<string | null>)
 			| undefined,
 		private readonly mc: MonitoringContext,
 		private readonly cache: IOdspCache,
-		private readonly hostPolicy: HostStoragePolicy,
+		_hostPolicy: HostStoragePolicy,
 		private readonly epochTracker: EpochTracker,
 		private readonly opsReceived: (ops: ISequencedDocumentMessage[]) => void,
 		private readonly metadataUpdateHandler: (metadata: Record<string, string>) => void,
@@ -391,13 +391,12 @@ export class OdspDelayLoadedDeltaStream {
 				"opStream/joinSession",
 				"POST",
 				this.mc.logger,
-				this.getStorageToken,
+				this.getAuthHeader,
 				this.epochTracker,
 				requestSocketToken,
 				options,
 				disableJoinSessionRefresh,
 				isRefreshingJoinSession,
-				this.hostPolicy.sessionOptions?.unauthenticatedUserDisplayName,
 			);
 			// Emit event only in case it is fetched from the network.
 			if (joinSessionResponse.sensitivityLabelsInfo !== undefined) {