[Bug] Authorization header not included when calling specific endpoints

[hgrgic]

When OIDC is enabled on the OHIF viewer and I try calling endpoints such as searchImageSets or getImageSetMetadata Authorization header is not included. However, when I try to open an image and getImageFrame is called then the Authorization header is included.

I would like to always have Authorization header present so I could enable authorization flow on my proxy. I suspect the behaviour between endpoints is different as getImageFrame is using xhr while other two endpoints are using fetch.

Could you please confirm if this is actually the case?

[mateusfreira]

Hey @hgrgic thanks for your report, it may be a case that we have not faced yet ... in our case, we don't have yet any using OIDC with health imaging.

I double-checked the code in the file src/imageLoader/loadImageSets.ts:49 we are not checking for the OIDC (AuthService headers), which would be an interesting improvement for sure.

I will keep this issue open to implement that in the next releases. The implementation would be around the loadImageSets and check the auth service header before adding the headers from the aws signature.

PRs are welcome too