Download of SVF derivatives through forge-apis not authorized

Question

Following a recent post which has been addressed using the extract.autodesk.io module (SVF model derivative downloaded as an (almost) empty ZIP file (Autodesk Forge)), I still have difficulties in downloading the SVF model derivative using simply the official forge-apis module, in a 2-legged context.

Here is a minimal sample of what I'm attempting to achieve:

var ForgeSDK = require("forge-apis");

/* The next four lines are filled with my credentials and URN values 
 * (this shouldn't be the problem, since getting the manifest for the URN
 * is performed successfully) */
var client_id = "...";
var client_secret = "...";
var urn = "...";
var derivative_urn = "...";

var derivatives = new ForgeSDK.DerivativesApi();
var autoRefresh = true;
var oAuth2TwoLegged = new ForgeSDK.AuthClientTwoLegged(client_id, 
    client_secret, [
        "data:read", "data:write", "bucket:read", "bucket:write"
    ], autoRefresh);

oAuth2TwoLegged.authenticate().then(function(credentials) {
    derivatives.getDerivativeManifest(urn, derivative_urn, {}, credentials, oAuth2TwoLegged).then(function(content) {
        console.log(content);
    }).catch(function(err) {
        if (err) {
            console.log(err);
        }
    })
});

I get the following error: { statusCode: 401, statusMessage: 'Unauthorized' }. Is it a scope issue?

Thanks a lot in advance!

P.S.: I know the extract.autodesk.io offers a nice way to do that, but I feel that using the bubble object is not so straightforward to transpose in another context. The forge-apis module should do the job seamlessly (or I'm missing something).

Update: Following Augusto's suggestion, I have used the most basic commands (i.e. cUrl) to download information from an IFC file. The first two commands below work successfully (donwload of the manifest and of a PNG screenshot file). The download of the SVF seems to work fine too, except that the ZIP file only contains two JSON files (manifest.json and metadata.json), as well as three empty directories (geometry, material, scene).

Here is the code:

# Get manifest for the IFC file
curl -X "GET" -H "Authorization: Bearer $TOKEN" -v "https://developer.api.autodesk.com/modelderivative/v2/designdata/$URN_IFC/manifest" > manifest.json

# Get a PNG related to the IFC file
curl -X "GET" -H "Authorization: Bearer $TOKEN" -v "https://developer.api.autodesk.com/modelderivative/v2/designdata/$URN_IFC/manifest/$URN_PNG" > image.png

# Get the SVF converted from the IFC file
curl -X "GET" -H "Authorization: Bearer $TOKEN" -v "https://developer.api.autodesk.com/modelderivative/v2/designdata/$URN_IFC/manifest/$URN_SVF" > output.zip

Any idea?

Answer 1

Looking at the implementation for npm forge-apis@0.4.1, the signature is:

this.getDerivativeManifest = function(urn, derivativeUrn, opts, oauth2client, credentials)

But it seems your code is using oauth2client and credentials in the opposite order. After this change, it works fine here.

var derivatives = new ForgeSDK.DerivativesApi();
var autoRefresh = true;
var oAuth2TwoLegged = new ForgeSDK.AuthClientTwoLegged(client_id, 
    client_secret, [
        "viewables:read"
    ], autoRefresh);

oAuth2TwoLegged.authenticate().then(function(credentials) {
    derivatives.getDerivativeManifest(urn, derivative_urn, {}, oAuth2TwoLegged, credentials).then(function(content) {
        console.log(content);
    }).catch(function(err) {
        if (err) {
            console.log(err);
        }
    })
});

Would suggest use only viewables:read scope as you don't need all those extra permissions (for this code, at least).

Answer 2

After having updated the forge-apis NPM package to its latest version (0.4.1), I gave a new try to the bubble.js function from extract.autodesk.io, and it works fine now: I'm able to download the SVF file(s) effortlessly.

Thanks @Augusto for your help. Still curious to know why the "basic" cUrl method doesn't work as expected...