Mercurial > hg > orthanc-stone

--- a/Applications/StoneWebViewer/NEWS	Tue May 04 11:02:24 2021 +0200
+++ b/Applications/StoneWebViewer/NEWS	Mon May 10 11:51:53 2021 +0200
@@ -1,6 +1,9 @@
 Pending changes in the mainline
 ===============================

+* New argument "token" to set HTTP header "Authorization: Bearer <token>"
+  for each request to the DICOMweb server
+* Fix issue #197 (Support for passing credentials with all HTTP requests)


 Version 1.0 (2020-12-02)
--- a/Applications/StoneWebViewer/NOTES.txt	Tue May 04 11:02:24 2021 +0200
+++ b/Applications/StoneWebViewer/NOTES.txt	Mon May 10 11:51:53 2021 +0200
@@ -92,6 +92,27 @@
   displayed at the startup.


+Authorization to the DICOMweb server (new in 2.0)
+====================================
+
+The function "stone.AddHttpHeader()" exposed in the WebAssembly API
+can be used to add custom HTTP headers to each XMLHttpRequest that is
+sent to the DICOMweb server. This notably gives the opportunity to
+provide an authentication token using the "Authorization" HTTP header.
+
+The Vue.js application will set the "Authorization" HTTP header to the
+value "Bearer <token>" where "<token>" is value of the GET argument
+"token" provided when opening "index.html". If the "token" GET
+argument is absent, the "Authorization" header is not altered.
+
+For instance, if the user opens the following URL:
+
+http://.../index.html?study=<StudyInstanceUID1>&token=Hello
+
+Then each request to the DICOMweb will set the HTTP header:
+"Authorization: Bearer Hello"
+
+
 Dynamic actions using messages
 ==============================
--- a/Applications/StoneWebViewer/WebApplication/app.js	Tue May 04 11:02:24 2021 +0200
+++ b/Applications/StoneWebViewer/WebApplication/app.js	Mon May 10 11:51:53 2021 +0200
@@ -1050,6 +1050,13 @@
   if ('DicomCacheSize' in app.globalConfiguration) {
     stone.SetDicomCacheSize(app.globalConfiguration.DicomCacheSize);
   }
+
+  // Bearer token is new in Stone Web viewer 2.0
+  var token = getParameterFromUrl('token');
+  if (token !== undefined)
+  {
+    stone.AddHttpHeader('Authorization', 'Bearer ' + token);
+  }

   console.warn('Stone properly initialized');
--- a/Applications/StoneWebViewer/WebAssembly/StoneWebViewer.cpp	Tue May 04 11:02:24 2021 +0200
+++ b/Applications/StoneWebViewer/WebAssembly/StoneWebViewer.cpp	Mon May 10 11:51:53 2021 +0200
@@ -2993,6 +2993,18 @@
     }
     EXTERN_CATCH_EXCEPTIONS;
   }
+
+
+  EMSCRIPTEN_KEEPALIVE
+  void AddHttpHeader(const char* header,
+                     const char* value)
+  {
+    try
+    {
+      source_.AddHttpHeader(header, value);
+    }
+    EXTERN_CATCH_EXCEPTIONS;
+  }


   EMSCRIPTEN_KEEPALIVE
--- a/OrthancStone/Sources/Loaders/DicomSource.cpp	Tue May 04 11:02:24 2021 +0200
+++ b/OrthancStone/Sources/Loaders/DicomSource.cpp	Mon May 10 11:51:53 2021 +0200
@@ -395,4 +395,20 @@
       throw Orthanc::OrthancException(Orthanc::ErrorCode_NotImplemented);
     }
   }
+
+
+  void DicomSource::AddHttpHeader(const std::string& header,
+                                  const std::string& value)
+  {
+    if (type_ == DicomSourceType_Orthanc ||
+        type_ == DicomSourceType_DicomWeb ||
+        type_ == DicomSourceType_DicomWebThroughOrthanc)
+    {
+      webService_.AddHttpHeader(header, value);
+    }
+    else
+    {
+      throw Orthanc::OrthancException(Orthanc::ErrorCode_BadParameterType);
+    }
+  }
 }
--- a/OrthancStone/Sources/Loaders/DicomSource.h	Tue May 04 11:02:24 2021 +0200
+++ b/OrthancStone/Sources/Loaders/DicomSource.h	Mon May 10 11:51:53 2021 +0200
@@ -125,5 +125,8 @@
     bool HasDicomWebRendered() const;

     unsigned int GetQualityCount() const;
+
+    void AddHttpHeader(const std::string& header,
+                       const std::string& value);
   };
 }