changeset 117:968042b7df4c

fix dicomWeb auth
author Alain Mazy <am@osimis.io>
date Tue, 12 Sep 2023 11:46:53 +0200
parents 89eddd4b2f6a
children 6fa53f624e1c
files Plugin/Plugin.cpp
diffstat 1 files changed, 15 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/Plugin/Plugin.cpp	Sat Sep 09 13:17:38 2023 +0200
+++ b/Plugin/Plugin.cpp	Tue Sep 12 11:46:53 2023 +0200
@@ -617,7 +617,7 @@
         // If anonymous user profile, it might be a resource token e.g accessing /dicom-web/studies/.../metadata 
         // -> extract the StudyInstanceUID from the query and send the token for validation to the auth-service
         // If there is no StudyInstanceUID, then, return a 403 because we don't know what resource it relates to
-        if (!body.isMember("Query") || !body["Query"].isMember("StudyInstanceUID"))
+        if (!body.isMember("Query") || !(body["Query"].isMember("StudyInstanceUID") || body["Query"].isMember("0020,000d") || body["Query"].isMember("0020,000D")))
         {
           throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find when the user does not have access to any labels and if there is no StudyInstanceUID in the query.");
         }
@@ -626,7 +626,20 @@
         GetAuthTokens(authTokens, request->headersCount, request->headersKeys, request->headersValues, request->getCount, request->getKeys, request->getValues);
 
 
-        std::string studyInstanceUID = body["Query"]["StudyInstanceUID"].asString();
+        std::string studyInstanceUID;
+        if (body["Query"].isMember("StudyInstanceUID"))
+        {
+          studyInstanceUID = body["Query"]["StudyInstanceUID"].asString();
+        }
+        else if (body["Query"].isMember("0020,000d"))
+        {
+          studyInstanceUID = body["Query"]["0020,000d"].asString();
+        }
+        else if (body["Query"].isMember("0020,000D"))
+        {
+          studyInstanceUID = body["Query"]["0020,000D"].asString();
+        }
+        
         Json::Value studyOrhtancIds;
         if (!OrthancPlugins::RestApiPost(studyOrhtancIds, "/tools/lookup", studyInstanceUID, false) || studyOrhtancIds.size() != 1)
         {