From 904db340e91c474fa122f2e5b53e2c863268cb17 Mon Sep 17 00:00:00 2001 From: Aasim Malladi Date: Wed, 4 Dec 2019 10:44:24 -0800 Subject: [PATCH] Updated auth token filter to skip sending auth headers for blobstore and AFD (#11896) --- Tasks/DownloadPackageV1/connections.ts | 33 +++++++------------------- Tasks/DownloadPackageV1/package.json | 2 +- Tasks/DownloadPackageV1/task.json | 2 +- Tasks/DownloadPackageV1/task.loc.json | 2 +- 4 files changed, 11 insertions(+), 28 deletions(-) diff --git a/Tasks/DownloadPackageV1/connections.ts b/Tasks/DownloadPackageV1/connections.ts index da23dc792bf7..83df7113ae71 100644 --- a/Tasks/DownloadPackageV1/connections.ts +++ b/Tasks/DownloadPackageV1/connections.ts @@ -5,40 +5,23 @@ import { IRequestOptions } from "azure-devops-node-api/interfaces/common/VsoBase import * as tl from 'vsts-task-lib/task'; import * as locationUtility from "packaging-common/locationUtilities"; -// TODO Remove this once this bug is resolved: https://github.com/Microsoft/typed-rest-client/issues/126 -export class BearerHandlerForPresignedUrls extends BearerCredentialHandler { - prepareRequest(options) { - // If we have a presigned blobstore url, don't add auth header - if (this.isPreSignedUrl(options)) { - delete options.headers["Authorization"]; - delete options.headers["X-TFS-FedAuthRedirect"]; - } else { - options.headers["Authorization"] = "Bearer " + this.token; - options.headers["X-TFS-FedAuthRedirect"] = "Suppress"; - } - } - - isPreSignedUrl(options: any): boolean { - return ( - options.host && - options.host.endsWith("blob.core.windows.net") && - options.path && - options.path.includes("&sig=") - ); - } -} - export function getConnection(areaId: string, collectionUrl: string): Promise { var accessToken = locationUtility.getSystemAccessToken(); + var presignedUrlPatterns: RegExp[] = [ + new RegExp('.*blob\.core\.windows\.net.*'), // blobstore redirect + new RegExp('.*vsblob\.vsassets\.io.*') // edge caching enabled blob + ]; + return locationUtility .getServiceUriFromAreaId(collectionUrl, accessToken, areaId) .then(url => { const options: IRequestOptions = { proxy: tl.getHttpProxyConfiguration(url), maxRetries: 5, - allowRetries: true + allowRetries: true, + presignedUrlPatterns: presignedUrlPatterns }; - return new WebApi(url, new BearerHandlerForPresignedUrls(accessToken), options); + return new WebApi(url, new BearerCredentialHandler(accessToken), options); }) .catch(error => { throw error; diff --git a/Tasks/DownloadPackageV1/package.json b/Tasks/DownloadPackageV1/package.json index 967796e93454..2ed240c9644a 100644 --- a/Tasks/DownloadPackageV1/package.json +++ b/Tasks/DownloadPackageV1/package.json @@ -19,7 +19,7 @@ "dependencies": { "@types/mocha": "^2.2.5", "@types/node": "^6.14.2", - "azure-devops-node-api": "8.0.0", + "azure-devops-node-api": "9.0.1", "azure-pipelines-task-lib": "2.8.0", "decompress-zip": "0.3.0", "packaging-common": "file:../../_build/Tasks/Common/packaging-common-1.0.1.tgz", diff --git a/Tasks/DownloadPackageV1/task.json b/Tasks/DownloadPackageV1/task.json index 38ec8523bf1b..182a696a125a 100644 --- a/Tasks/DownloadPackageV1/task.json +++ b/Tasks/DownloadPackageV1/task.json @@ -10,7 +10,7 @@ "version": { "Major": 1, "Minor": 161, - "Patch": 1 + "Patch": 2 }, "demands": [], "releaseNotes": "Adds support to download Maven, Python, Universal and Npm packages.", diff --git a/Tasks/DownloadPackageV1/task.loc.json b/Tasks/DownloadPackageV1/task.loc.json index d8e672bbd143..de222ab1f27d 100644 --- a/Tasks/DownloadPackageV1/task.loc.json +++ b/Tasks/DownloadPackageV1/task.loc.json @@ -10,7 +10,7 @@ "version": { "Major": 1, "Minor": 161, - "Patch": 1 + "Patch": 2 }, "demands": [], "releaseNotes": "ms-resource:loc.releaseNotes",