Score:0

Getting 403 randomly on files


I have a React Native app that authenticates with Drupal via OAuth2 (simple_oauth, openidconnect), and I do not use cookies. I use my access token for all REST calls, images and other files. Very randomly and consistently, the response for the files is HTML - the login form to be precise. Not all files, but some of them, and randomly. Sometimes it works, sometimes it doesn't. If I log out and log in again, it works for a few minutes and then it's gone after a while. I do use a private file system. I've checked the directory permissions and they are all 755. I don't know what it is or how to resolve it.

Simple oauth settings:

Access token expiration time: 604800
Authorization code expiration time: 604800
Refresh token expiration time: 1209600

Filesystem:

enter image description here

Downloading images on RN:

export const downloadImage = (_uri, _path, _extension, _access_token) => {
  const dirs = RNFetchBlob.fs.dirs;
  const path = dirs.DocumentDir + '/' + _path + '.' + _extension;

  // send http request in a new thread (using native code)
  return RNFetchBlob.config({path: path}).fetch('GET', _uri, {
    Authorization: 'Bearer ' + _access_token,
  });
};

I enabled ForensicLog on apache2 to monitor the headers too and here is the result:

GET /system/files/styles/crop_1_1/private/2021-10/image-2.jpg?h=75dde18b&itok=KTg7ozUt HTTP/1.1|Host:example.co.uk|Accept:*/*|Connection:keep-alive|Cookie:SESScd3de411e6a4fa7f7d3a2b14dd1164d2=q7cGe3QFrHDFCceeaP3etssZOPxl6nhWmngykV9zKJo9wAPn|If-Modified-Since:Fri, 29 Oct 2021 16%3a39%3a29 GMT|Accept-Language:en-us|Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImUzZTZlNjNjZTI0OGEyYzYyNTUzNDRkYzg5NTk3N2NhOTZiNGI5YWQ0ZTIwYjRiNWVmODI4OTc4OWRhODI1MDQ3MjNhNzIzNmYwZmQxZmZjIn0.eyJhdWQiOiJhNDIyNTg1Ni0wM2Y1LTQzYTctODkzNS1hZDdhYTFiMjJhNmUiLCJqdGkiOiJlM2U2ZTYzY2UyNDhhMmM2MjU1MzQ0ZGM4OTU5NzdjYTk2YjRiOWFkNGUyMGI0YjVlZjgyODk3ODlkYTgyNTA0NzIzYTcyMzZmMGZkMWZmYyIsImlhdCI6MTYzNjQ2ODU1NiwibmJmIjoxNjM2NDY4NTU2LCJleHAiOjE2MzcwNzMzNTYsInN1YiI6IjE0NDM2Iiwic2NvcGVzIjpbImF1dGhlbnRpY2F0ZWQiXX0.rt4h-eeNyXlw5HoR6KvFnP5iujh4Wkg_evuqQcEn7lrJt0wE2b7N8nUoRgdBEa-JA4c5SD3Euok3QwIzXuzJYB3brXaztuXC_TE-BkrscA7HB5-4jQ5JYbQI6U9WkJPH2WPCDYbyrIQTF1d4lQ76A1-61xL2G7K9scaGJ-nAZskTRJjsx7PGjv8FcDR1crI6M3fE_nTwSDW5KbwVHv4Tt7549YKR7sIlIzUHZ6aU4FPwF0FDekkqv3qw-xYD4TyfnTAI9-70edkq2QjI4uwixgb9zrn7XNl9zxOX7deIdG_TQ7Rc0arfbr-1ZABQa9UW72HVeA5IKvjjBZB4VST4DQ|Accept-Encoding:gzip, deflate, br|User-Agent:MY%2520APP/41 CFNetwork/1237 Darwin/20.5.0
GET /user/login?destination=system/files/styles/crop_1_1/private/2021-10/image-2.jpg%253Fh%253D75dde18b%2526itok%253DKTg7ozUt HTTP/1.1|Host:example.co.uk|Accept:*/*|Cookie:SESScd3de411e6a4fa7f7d3a2b14dd1164d2=q7cGe3QFrHDFCceeaP3etssZOPxl6nhWmngykV9zKJo9wAPn|User-Agent:MY%2520APP/41 CFNetwork/1237 Darwin/20.5.0|Accept-Language:en-us|Accept-Encoding:gzip, deflate, br|Connection:keep-alive
cn flag
If you're getting the login form in a response, it is likely that you have requested a resource that requires authentication without providing proper authentication. Are you sure you are refreshing your token properly?
Abdul Sadik Yalcin avatar
@PatrickKenny I'm requesting files directly. I am sure the token is fine. If it wasn't, all the API calls would return a 403. But I'm happy to test this.
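
Both ForensicLog lines in the question carry a `Cookie:SESS...` header, and the comment asks about token expiry. As an added example (not part of the original post, and not Drupal or Apache code), the script below parses forensic-log request lines and reports per request whether a Drupal session cookie and a Bearer token were sent together, whether the token's `exp` claim has passed, and whether the request is the `/user/login` redirect. Function names and sample lines are constructed for illustration; the JWT payload is decoded without signature verification, which is acceptable for log triage only.

```javascript
// Added example: triage mod_log_forensic request lines (names and data are constructed).
function safeDecode(v) {
  try { return decodeURIComponent(v); } catch { return v; } // keep raw value if malformed
}

// Fields are '|'-separated: optional "+<id>", the request line, then "Name:value" headers.
// ':' and '|' inside values appear percent-encoded (e.g. 16%3a39%3a29 in the log above).
function parseForensicLine(line) {
  const fields = line.trim().split('|');
  if (fields[0].startsWith('+')) fields.shift();
  const [method, target = ''] = (fields[0] || '').split(' ');
  const headers = Object.create(null);
  for (const f of fields.slice(1)) {
    const i = f.indexOf(':');
    if (i > 0) headers[f.slice(0, i).toLowerCase()] = safeDecode(f.slice(i + 1));
  }
  return { method, target, headers };
}

// Decode the JWT payload of a Bearer token. No signature check: for log triage only.
function bearerClaims(headers) {
  const m = /^Bearer\s+[\w-]+\.([\w-]+)\.[\w-]*$/.exec(headers.authorization || '');
  if (!m) return null;
  try { return JSON.parse(Buffer.from(m[1], 'base64').toString('utf8')); } catch { return null; }
}

function triage(lines, nowSec) {
  return lines.filter((l) => l.trim()).map((l) => {
    const { target, headers } = parseForensicLine(l);
    const claims = bearerClaims(headers);
    return {
      target,
      sessionCookie: /(^|;\s*)S?SESS[0-9a-f]+=/.test(headers.cookie || ''), // Drupal SESS/SSESS cookie
      bearer: claims !== null,
      tokenExpired: claims ? claims.exp <= nowSec : null,
      loginRedirect: target.startsWith('/user/login'),
    };
  });
}

// Constructed sample input (not taken from the log in the question).
const b64url = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
  .replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_');
const token = [b64url({ alg: 'RS256' }), b64url({ sub: '1', exp: 2000 }), 'c2ln'].join('.');
const SAMPLE = [
  `GET /system/files/private/a.jpg HTTP/1.1|Host:example.test|Cookie:SESSabc123=constructed|Authorization:Bearer ${token}`,
  'GET /user/login?destination=system/files/private/a.jpg HTTP/1.1|Host:example.test|Cookie:SESSabc123=constructed',
  `+constructedId|GET /system/files/private/b.jpg HTTP/1.1|Host:example.test|Authorization:Bearer ${token}`,
];
console.table(triage(SAMPLE, 1000));
```

Run it over the real forensic log with `nowSec` set to the request time, and compare rows where `sessionCookie` and `bearer` are both true against the rows that are followed by a `loginRedirect`.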