We've been working on an application for a couple of years now, featuring the Forge (Autodesk) Viewer.
Our approach is similar to the one described in https://tutorials.autodesk.io/, except we use three-legged authentication.
We store the access token received after a successful three-legged authentication in the database:
    function getAutodeskClient(): AuthClientThreeLegged {
      // Reuse the cached three-legged OAuth client if it was already created.
      if (oAuth2ThreeLegged) return oAuth2ThreeLegged;
      oAuth2ThreeLegged = new ForgeSDK.AuthClientThreeLegged(
        AUTODESK_CLIENT_ID,
        AUTODESK_CLIENT_SECRET,
        AUTODESK_REDIRECT_URL,
        // Scopes requested for the token.
        [
          "data:read",
          "data:write",
          "bucket:read",
          "bucket:update",
          "bucket:create",
        ],
        autoRefresh,
      );
      return oAuth2ThreeLegged;
    }
Then we use the access token obtained during this process on the client side to initialize the viewer:
    const options: Autodesk.Viewing.InitializerOptions = {
      env: "AutodeskProduction2",
      api: "streamingV2",
      // Callback the viewer uses to obtain the access token.
      getAccessToken: getForgeToken,
    };

    function launchViewer(urn: string, container: HTMLElement) {
      Autodesk.Viewing.Initializer(options, () => {
        viewer.current = new Autodesk.Viewing.GuiViewer3D(container, {
          extensions: ["Autodesk.DocumentBrowser"],
        });
        viewer.current.start();
        // The document ID is the base64-encoded URN with a "urn:" prefix.
        const documentId = `urn:${urn}`;
        Autodesk.Viewing.Document.load(
          documentId,
          onDocumentLoadSuccess,
          onDocumentLoadFailure,
        );
      });
    }
This code was working fine for 1+ years, but about a week ago we started receiving 401 errors when we tried to load model files.
While I can open https://viewer.autodesk.com/id/dXJuOmFkc2sub2JqZWN0czpvcy5vYmplY3Q6YTM2MHZpZXdlci1wcm90ZWN0ZWQvdDE2OTA0MzgxNDNfNGE1MjIzMTUtODI4Yy00ZjVkLWEzNzItNzgwZGEzM2U0YzRhLnJ2dA?sheetId=NTgzYjMzZDUtMmM1Mi1lMzBhLTA4ZTgtN2MwYTE3N2YzNjlh just fine, when I try to load the same file using the viewer API, I get a 401 error:
    curl 'https://cdn.derivative.autodesk.com/modeldata/manifest/dXJuOmFkc2sub2JqZWN0czpvcy5vYmplY3Q6YTM2MHZpZXdlci1wcm90ZWN0ZWQvdDE2OTA0MzgxNDNfNGE1MjIzMTUtODI4Yy00ZjVkLWEzNzItNzgwZGEzM2U0YzRhLnJ2dA?domain=http%3A%2F%2Flocalhost%3A3000' \
      -H 'authority: cdn.derivative.autodesk.com' \
      -H 'accept: */*' \
      -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8,sr;q=0.7' \
      -H 'authorization: Bearer <our bearer token>' \
      -H 'origin: http://localhost:3000' \
      -H 'referer: http://localhost:3000/' \
      -H 'sec-ch-ua: "Not/A)Brand";v="99", "Brave";v="115", "Chromium";v="115"' \
      -H 'sec-ch-ua-mobile: ?0' \
      -H 'sec-ch-ua-platform: "macOS"' \
      -H 'sec-fetch-dest: empty' \
      -H 'sec-fetch-mode: cors' \
      -H 'sec-fetch-site: cross-site' \
      -H 'sec-gpc: 1' \
      -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' \
      --compressed
This request originates from:

    Autodesk.Viewing.Document.load(
      documentId,
      onDocumentLoadSuccess,
      onDocumentLoadFailure,
    );
The response is {"diagnostic":"Unauthorized"}
and here are the response headers:
My application has access to all APIs:
There was a change to the viewer itself or some other API endpoint, but from now on, you can only open the files you can access.
Following the official docs, I also created a Next.js project that embeds the Autodesk Viewer, loads all models the account has permission to see, and can do some basic filtering on the viewer instance.
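
As an added example (not part of the original thread and not Autodesk's code), the document ID from the failing manifest request can be decoded to see which storage bucket the model lives in and compared with the buckets the application itself created. `APP_BUCKETS`, `decodeUrn` and `triageUrn` are hypothetical names and the bucket key in `APP_BUCKETS` is constructed; the example also classifies hub-hosted `fs.file` URNs, which goes beyond the single URN in the question.

```javascript
// Constructed placeholder: bucket keys created by your own client ID.
const APP_BUCKETS = new Set(["my-app-models"]);

// URN copied from the failing manifest request in the question.
const PAGE_URN =
  "dXJuOmFkc2sub2JqZWN0czpvcy5vYmplY3Q6YTM2MHZpZXdlci1wcm90ZWN0ZWQvdDE2OTA0MzgxNDNfNGE1MjIzMTUtODI4Yy00ZjVkLWEzNzItNzgwZGEzM2U0YzRhLnJ2dA";

// Viewer document IDs are unpadded URL-safe base64, optionally prefixed "urn:".
function decodeUrn(encoded) {
  const b64 = encoded
    .replace(/^urn:/, "")
    .replace(/-/g, "+")
    .replace(/_/g, "/");
  return Buffer.from(b64, "base64").toString("utf8");
}

// Classify the decoded URN and report which access check applies to it.
function triageUrn(encoded, appBuckets = APP_BUCKETS) {
  const urn = decodeUrn(encoded);

  // Object storage: urn:adsk.objects:os.object:<bucketKey>/<objectKey>
  const oss = /^urn:adsk\.objects:os\.object:([^/]+)\/(.+)$/.exec(urn);
  if (oss) {
    const [, bucket, objectKey] = oss;
    const ownedByApp = appBuckets.has(bucket);
    const check = ownedByApp
      ? "bucket was created by this app"
      : "bucket was NOT created by this app";
    return { kind: "oss-object", urn, bucket, objectKey, ownedByApp, check };
  }

  // Hub-hosted file version: access follows the signed-in user's permissions.
  if (/^urn:adsk\.wip[a-z]+:fs\.file:/.test(urn)) {
    const check = "signed-in user's permissions on the hub item";
    return { kind: "hub-item", urn, ownedByApp: false, check };
  }

  // Anything else (including input that is not valid base64) is left unclassified.
  return { kind: "unknown", urn, ownedByApp: false, check: "unrecognised URN" };
}

console.log(triageUrn(PAGE_URN));
```

For the URN in the question, the decoded bucket key is `a360viewer-protected`, which is not in the constructed `APP_BUCKETS` set.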