Open alexwlchan opened 5 years ago
Archivematica Storage Service API: https://wiki.archivematica.org/Storage_Service_API - supports Authorization header. Could we support this in the code that invokes the callback?
i.e. AM storage service still stores this as part of the Wellcome storage plugin setup and would still need to make the credentials part of the ingest API call, but they wouldn't be included int he callback URL any more.
I’d be happier with that. Notifier could easily send an auth header.
So when you make the ingest request, you’d send something like:
"callback": {
"auth": "test:1234567890",
"type": "Callback",
"url": "https://workflow.wellcomecollection.org/callback?id={id}"
}
We wouldn't present that auth header again if you queried the state of the ingest, just hold it internally. And then maybe clean it up when we've made the callback?
Let's talk to Jonathan and Robert, because it adds a bit of messiness to the internal code.
That sounds sensible to me.
Alternative is to use a hash of some kind here, which I think is what Goobi does?
Witnes ingest d5ff7a8a-4d8b-48cd-80c5-d05ae1d2f8e5:
This is fragile and a bit dangerous.