Hi all,
I am building an App to manage files within Teamleader Focus, currently I am buildig a module to download files (API docs: Teamleader API Documentation)
The documentation describes that a download link (a temporary url) must be requested, from where the file can be downloaded (no issue with this). This means that there are two requests, 1) to request the download url and 2) to download the file from the temporary location. I wanted to manage this by multiple requests in one module, see below.
[
{
"url": "/files.download",
"method": "POST",
"body": {
"{{...}}": "{{parameters}}"
},
"response": {
"temp": {
"downloadLocation": "{{body.data.location}}"
}
}
},
{
"url": "{{temp.downloadLocation}}",
"method": "GET",
"headers": {
"{{...}}": "{{omit(headers, 'Authorization')}}", // I tried this first
"Authorization": null // I also tried '"{{emptystring}}"', Authorzation in uppercase and lowercase start, etc..
},
"response": {
"output": "{{body}}"
}
}
]
The Authorization header is managed in the base, therefore all headers that are used for the initial "/files.download" request, are also sent to the temporary location url, which is Amazon S3. This results in the following error:
{
"Error": {
"Code": [
"InvalidArgument"
],
"Message": [
"Only one auth mechanism allowed; only the X-Amz-Algorithm query parameter, Signature query string parameter or the Authorization header should be specified"
],
"ArgumentName": [
"Authorization"
],
"ArgumentValue": [
"null"
],
"RequestId": [
"ZRN1P8ANSQ5KWJ40"
],
"HostId": [
"B9mMyMbtu7pw+q6zkPDnxx2nOZyZJbJIxZlNy2rD2PNhWHSAf8XGI7Rm8jFNDkizDfUimStHPJc="
]
}
}
This is an example of a download URL that is generated (but they expire fast):
https://teamleader.s3.eu-west-1.amazonaws.com/TL_uploaded_files/222100/sale/26452468/210481704_423747_1720439226_1TheX?response-content-disposition=attachment%3B%20filename%3D%22teamleader_files.png%22%3B%20filename%2A%3DUTF-8%27%27teamleader_files.png&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEE0aCWV1LXdlc3QtMSJHMEUCIDWZgoucd2WvUWIewQiiMrcIQakF4kBDNe%2F%2FyShOWBAXAiEAxo8b%2FpXUEJ%2FKd2Ay%2FlV3W0TKPoKA3EK%2F8pf7axWscr8q9QQIFhAAGgwzOTMyNzk5NDY3ODkiDD5%2FRTZAZcb4v4x1QyrSBMtsHG0IbHQi6tL35YAvFt%2Fy2JusMJ8Oa4UK0EDbju8zQqbXrtuVY02A6H3CDtK%2FaEkSnCHlS68jheSPv3GDR2E2LjrFnDi2McIuDELlH6Hz8eocpYJT24YEuWjdKEy6Gj2IK8xHKmqs9AfpedtRnQdhz3Oe%2F111KXV1CgpAu9Imj0KYX8Jgl0FdSg%2FmF%2FCFH8WqIw8eh4pwCZ0TuBtk8wHYMwDHVi2OIv8c5wsSjy4Zs9iY%2BjeoDnm%2BhuTcPaMyDvWn2qNwz8T0R4rlifl9CnHB9shCltJNYtXHr4WuvtIBYmp6HujGB78nuBU%2BezzZ9L%2FYhe6ykc7hc%2Bo1lMwUwgmQibR%2FvVmDIdcbac9AqhDVC%2B1HX7uMxmd1%2BzT1Hn8KawTD0ayHFHz7ZakUHZY5UK2hICYOGV6PV3kWu0i6fomVbOpir2g4TkoYKAtphjsk8i5P8M8UKc6uqIKBa9vcJg7ZIiQ9PUdZhGmKs4MhB03F9krsTHqdMNdoDsEv0o9Xf8x167LU8z%2Fmgj0X4MgS10uJbWxPyCgtng24A%2Fn%2BfrSKIOtGFUrWHGyGWWafrythplja0poL6or23DJ%2B98GKCnoWQtMxYoPh%2FJzti3Y4oGtBKVobzbHxUW0sV%2BgjViJNbjnzLcl%2Bf5GRPf8pH7DaUPp31qJkMSC%2FxbtOre5WPYMbSfc9CZDK%2BtBXkGIkgf2T40%2BEsfmTosU0Ikkynf2EBd3xLAy9YqOemNGsVaQJaRI4FJNPR1Zj8Zvm%2FQqud4G6OjA8y4LkuChTUaK1lFulseInVDC9u6%2B0BjqaAf1DHhm6sajL0CuhN5TZop%2Fy6cRQ7YTfRyymHltpOfBjTROlKely7hwCXJMZn91RpdQe4B%2Bs2rnNUzL44n4LrbXVUGAM%2FvnyRxGD8SK37rbqjBN1YYFiZrPocUI3kxpgsoFzJnc%2BDyFaUlHXXANy%2B2%2BLYudke1jRNian7Lfq8N0HB61l8bH8dPITGR%2F087HvFE%2FRbQUmTMa7t64%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAVXEKPYASWZLTW5NU%2F20240708%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20240708T123952Z&X-Amz-SignedHeaders=host&X-Amz-Expires=60&X-Amz-Signature=6239d961bdb27075b7d4446c3349dfc40c3ba986b0f25e475c99c029586b3200
As you can see in the Communication example, I tried a few things to remove the Authorization header from the second request. I also tried to remove the Authorization header from the base, there is no error message from Amazon in that case, but it is far from an ideal solution.
Is there a way to escape, override or omit headers that are set in the base?
Cheers,
Henk
