From 1b740f27e43daaec1aa62fd2668f5862bff3e1c2 Mon Sep 17 00:00:00 2001
From: James <Jamestp19@gmail.com>
Date: Fri, 20 Sep 2024 16:18:12 -0400
Subject: [PATCH] [BUG] Visualization should not need tokens now in Open Access
 (#206)

* Don't care about auth header in open access

* More open access checks
---
 .../resource/visualization/service/HpdsService.java       | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/pic-sure-resources/pic-sure-visualization-resource/src/main/java/edu/harvard/hms/dbmi/avillach/resource/visualization/service/HpdsService.java b/pic-sure-resources/pic-sure-visualization-resource/src/main/java/edu/harvard/hms/dbmi/avillach/resource/visualization/service/HpdsService.java
index ff40e44f..da9dde03 100644
--- a/pic-sure-resources/pic-sure-visualization-resource/src/main/java/edu/harvard/hms/dbmi/avillach/resource/visualization/service/HpdsService.java
+++ b/pic-sure-resources/pic-sure-visualization-resource/src/main/java/edu/harvard/hms/dbmi/avillach/resource/visualization/service/HpdsService.java
@@ -92,9 +92,11 @@ public Map<String, Map<String, String>> getOpenCrossCountsMap(QueryRequest query
      */
     private HttpHeaders prepareQueryRequest(QueryRequest queryRequest, ResultType resultType, String accessType) {
         HttpHeaders headers = new HttpHeaders();
-        headers.add(AUTH_HEADER_NAME,
+        if (AUTHORIZED_ACCESS.getValue().equals(accessType)) {
+            headers.add(AUTH_HEADER_NAME,
                 queryRequest.getResourceCredentials().get(AUTH_HEADER_NAME)
-        );
+            );
+        }
 
         headers.add("request-source", accessType);
 
@@ -128,7 +130,7 @@ private void sanityCheck(QueryRequest queryRequest, ResultType requestType, Stri
         if (applicationProperties.getOrigin() == null) throw new IllegalArgumentException("picSureUrl is required");
         if (applicationProperties.getAuthHpdsResourceId() == null)
             throw new IllegalArgumentException("picSureUuid is required");
-        if (queryRequest.getResourceCredentials().get(AUTH_HEADER_NAME) == null)
+        if (AUTHORIZED_ACCESS.getValue().equals(accessType) && queryRequest.getResourceCredentials().get(AUTH_HEADER_NAME) == null)
             throw new IllegalArgumentException("No authorization token found in queryRequest");
         if (requestType == null) throw new IllegalArgumentException("ResultType is required");
         if (requestType != ResultType.CATEGORICAL_CROSS_COUNT && requestType != ResultType.CONTINUOUS_CROSS_COUNT)