npm - windmill-components - Versions diffs - 1.700.1 → 1.700.2 - Mend

windmill-components 1.700.1 → 1.700.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package/utils/downloadFile.d.ts +6 -4
package/package/utils/downloadFile.js +9 -15
package/package.json +1 -1

package/package/utils/downloadFile.d.ts CHANGED Viewed

@@ -1,8 +1,10 @@
 /**
- * When OpenAPI.TOKEN is set we cannot rely on a plain `<a href>` browser navigation
- * because the browser does not attach the Authorization header. In that case fetch
- * the file via the OpenAPI client (which uses OpenAPI.BASE and the Bearer token) and
- * trigger a download from a blob URL. Otherwise let the default link behavior happen.
+ * When OpenAPI is configured to authenticate via headers (TOKEN, basic auth,
+ * or arbitrary HEADERS) we cannot rely on a plain `<a href>` browser
+ * navigation because the browser does not attach those headers. In that case
+ * fetch the file via the OpenAPI client (which carries the configured auth)
+ * and trigger a download from a blob URL. Cookie-only auth still works with
+ * a plain link.
  *
  * `apiPath` should be the path relative to OpenAPI.BASE, starting with `/`
  * (e.g. `/w/foo/job_helpers/download_s3_file?file_key=...`).

package/package/utils/downloadFile.js CHANGED Viewed

@@ -1,31 +1,25 @@
 import { OpenAPI } from '../gen';
+import { getHeaders } from '../gen/core/request';
 import { sendUserToast } from '../toast';
-async function resolveToken() {
-    const t = OpenAPI.TOKEN;
-    if (!t)
-        return undefined;
-    return typeof t === 'string' ? t : await t({});
-}
 /**
- * When OpenAPI.TOKEN is set we cannot rely on a plain `<a href>` browser navigation
- * because the browser does not attach the Authorization header. In that case fetch
- * the file via the OpenAPI client (which uses OpenAPI.BASE and the Bearer token) and
- * trigger a download from a blob URL. Otherwise let the default link behavior happen.
+ * When OpenAPI is configured to authenticate via headers (TOKEN, basic auth,
+ * or arbitrary HEADERS) we cannot rely on a plain `<a href>` browser
+ * navigation because the browser does not attach those headers. In that case
+ * fetch the file via the OpenAPI client (which carries the configured auth)
+ * and trigger a download from a blob URL. Cookie-only auth still works with
+ * a plain link.
  *
  * `apiPath` should be the path relative to OpenAPI.BASE, starting with `/`
  * (e.g. `/w/foo/job_helpers/download_s3_file?file_key=...`).
  */
 export function shouldDownloadViaClient() {
-    return Boolean(OpenAPI.TOKEN);
+    return Boolean(OpenAPI.TOKEN || OpenAPI.HEADERS || OpenAPI.USERNAME);
 }
 export async function downloadViaClient(apiPath, filename) {
-    const token = await resolveToken();
     const url = `${OpenAPI.BASE}${apiPath}`;
-    const headers = {};
-    if (token)
-        headers['Authorization'] = `Bearer ${token}`;
     let response;
     try {
+        const headers = await getHeaders(OpenAPI, { method: 'GET', url: apiPath });
         response = await fetch(url, { headers, credentials: OpenAPI.CREDENTIALS });
     }
     catch (e) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "windmill-components",
-	"version": "1.700.1",
+	"version": "1.700.2",
 	"scripts": {
 		"dev": "vite dev",
 		"build": "vite build",