REST API Redirected Query Forwarding Headers

💬 App Building
21

Ah yeah I wasn't thinking about that. :thinking: It's natively stripped when executing fetch in the browser environment, I believe. The use case that we previously discussed with RoseRey was specific to workflows, where we ultimately ended up with something like this:

import requests

url = "https://www.base-url.com/api/"
headers = {"Authorization": "Bearer <TOKEN>"}
response = requests.get(url, headers=headers, allow_redirects=False)
location = response.headers.get("Location")
response2 = requests.get(location, headers=headers)
return response2.text

Unfortunately, I think the only official option is to put this logic in a workflow. We're getting pretty close to releasing backend functions, though, which will enable this!

image
image1260×702 43 KB

It might be worth reaching out to Andrew. :slightly_smiling_face:

22

OK, @Darren , Thanks for this(My forum notifications seem to sometimes not notify me when someone responds). Currently most pressing for me is implementation within a workflow anyways so, this is good! :hugs:

1 Like
23

For anyone interested, I was able to capture my data at the end of the redirected url with authentication in a workflow function like this

const fetch = require("node-fetch");

const apiKey = retoolContext.configVars.myKey;
const apiSecret = retoolContext.configVars.mySecret;

const authKey = Basic ${btoa(${apiKey}:${apiSecret})};
const url = myUrl;

const response = await fetch(url, {
  method: 'GET',
  headers: {
    'Authorization': authKey,
    'Content-Type': 'application/json'
  },
  redirect: 'manual'
});

//just capturing the redirect url here
const locationUrl = response.headers.get('location');

if(!locationUrl) return null;

const fileResponse = await fetch(locationUrl, {
  method: 'GET',
  headers: {
    'Authorization': authKey,
    'Content-Type': 'application/json'
  }
});

//in my case, the file came in as binary so converting to base64 for transporting to other workflow blocks
const buffer = await fileResponse.arrayBuffer();

return {
  base64Data: Buffer.from(buffer).toString('base64'),
  fileName: fileName,
  type: fileType
};
1 Like
24

Just to close the loop on everything in this thread - the initial ask has been resolved. Authorization headers are no longer forwarded when automatically following redirects. :+1:

We are looking into adding toggles that give builders more granular control, but you can still do something like this if you need to maintain the original functionality.