Do not attempt to generate URLToken for anonymous downloads (#5078)

This is a regression since last release - fixes #5076
7 years ago · f25bec6bf1
parent 75865efb0e
commit f25bec6bf1
3 changed files with 58 additions and 45 deletions
--- a/browser/app/js/components/Browse.js
+++ b/browser/app/js/components/Browse.js
@ -150,16 +150,21 @@ export default class Browse extends React.Component {
      if (prefix === currentPath) return
      browserHistory.push(utils.pathJoin(currentBucket, encPrefix))
    } else {
-      // Download the selected file.
+      if (!web.LoggedIn()) {
-      web.CreateURLToken()
+        let url = `${window.location.origin}/minio/download/${currentBucket}/${encPrefix}?token=''`
-        .then(res => {
+        window.location = url
-          let url = `${window.location.origin}/minio/download/${currentBucket}/${encPrefix}?token=${res.token}`
+      } else {
-          window.location = url
+        // Download the selected file.
-        })
+        web.CreateURLToken()
-        .catch(err => dispatch(actions.showAlert({
+          .then(res => {
-          type: 'danger',
+            let url = `${window.location.origin}/minio/download/${currentBucket}/${encPrefix}?token=${res.token}`
-          message: err.message
+            window.location = url
-        })))
+          })
          .catch(err => dispatch(actions.showAlert({
            type: 'danger',
            message: err.message
          })))
      }
    }
  }
@ -421,18 +426,23 @@ export default class Browse extends React.Component {
      objects: this.props.checkedObjects,
      prefix: this.props.currentPath
    }
    if (!web.LoggedIn()) {
      let requestUrl = location.origin + "/minio/zip?token=''"
      this.xhr = new XMLHttpRequest()
      dispatch(actions.downloadSelected(requestUrl, req, this.xhr))
    } else {
      web.CreateURLToken()
        .then(res => {
          let requestUrl = location.origin + "/minio/zip?token=" + res.token
-    web.CreateURLToken()
+          this.xhr = new XMLHttpRequest()
-      .then(res => {
+          dispatch(actions.downloadSelected(requestUrl, req, this.xhr))
-        let requestUrl = location.origin + "/minio/zip?token=" + res.token
+        })
-
+        .catch(err => dispatch(actions.showAlert({
-        this.xhr = new XMLHttpRequest()
+          type: 'danger',
-        dispatch(actions.downloadSelected(requestUrl, req, this.xhr))
+          message: err.message
-      })
+        })))
-      .catch(err => dispatch(actions.showAlert({
+    }
        type: 'danger',
        message: err.message
      })))
  }
  clearSelected() {
--- a/browser/ui-assets.go
+++ b/browser/ui-assets.go
--- a/cmd/jwt.go
+++ b/cmd/jwt.go
@ -93,6 +93,9 @@ func keyFuncCallback(jwtToken *jwtgo.Token) (interface{}, error) {
 }
 func isAuthTokenValid(tokenString string) bool {
 	if tokenString == "" {
 		return false
 	}
 	var claims jwtgo.StandardClaims
 	jwtToken, err := jwtgo.ParseWithClaims(tokenString, &claims, keyFuncCallback)
 	if err != nil {