Closed shral closed 5 years ago
Yes, this is a standard way.
A more secure implementation would be to pass it into the http header (with https the token cannot be intercepted).
Authorization: Bearer $token
Concerning the time, 5 min could be not enough is some situations when the exam to download is big and the connexion is over the Internet (as the wado URI service is requested sequentially by image).
Another small issue: would be possible to have a parameter to not open the URL in a new window because in our case the viewer will be open at system level. This will avoid to always open an empty page.
So far I know, I can not set the header (Authorization:Bearer $token) while redirecting the url.
The token should be valid only on request start, doesn't meter how large the file is, that should be downloaded.
Regarding the opening of the URL in a new window, I can provide the possibility to add the target
-attribute as parameter like:
...requestType=STUDY&studyUID={}&access_token={}&target=_self or
...requestType=STUDY&studyUID={}&access_token={}&target=_blank
It sounds good.
I've implemented the transmission of the token to the WADO request, see https://github.com/nroduit/weasis-pacs-connector/issues/23https://github.com/nroduit/weasis-pacs-connector/issues/23
@shral and @nroduit : Thank you for the fixes/improvements, I've tested and updated Weasis Viewer Integration
...requestType=STUDY&studyUID={}&access_token={}&target=_self
...requestType=PATIENT&patientID={}&access_token={}&target=_blank