When using a remote blobstore, such as AWS, the response is a redirect to the actual location of the bits. If the client is automatically following redirects, then the OAuth token that was used to communicate with Cloud Controller will be replayed on the new redirect request. Some blobstores may reject the request in that case. Clients may need to follow the redirect without including the OAuth token.
POST /v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/upload
bits_name=application.zip&bits_path=%2Ftmp%2Fd20151007-23074-o2qbio%2Fapplication.zip
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTQyNiIsImVtYWlsIjoiZW1haWwtMjk0QHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5yZWFkIiwiY2xvdWRfY29udHJvbGxlci53cml0ZSJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NDQ3ODI5NDZ9.LuRdXKT0tThkPIWnjLyagUPvP3_pOLRTrROqNMIB4oQ Host: example.org Content-Type: application/x-www-form-urlencoded Cookie:
curl "https://api.[your-domain.com]/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/upload" -d 'bits_name=application.zip&bits_path=%2Ftmp%2Fd20151007-23074-o2qbio%2Fapplication.zip' -X POST \ -H "Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTQyNiIsImVtYWlsIjoiZW1haWwtMjk0QHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5yZWFkIiwiY2xvdWRfY29udHJvbGxlci53cml0ZSJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NDQ3ODI5NDZ9.LuRdXKT0tThkPIWnjLyagUPvP3_pOLRTrROqNMIB4oQ" \ -H "Host: example.org" \ -H "Content-Type: application/x-www-form-urlencoded" \ -H "Cookie: "
200 OK
{
"guid": "guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b",
"type": "bits",
"hash": {
"type": "sha1",
"value": null
},
"url": null,
"state": "PROCESSING_UPLOAD",
"error": null,
"created_at": "2015-10-07T00:35:45Z",
"updated_at": "2015-10-07T00:35:46Z",
"links": {
"self": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b"
},
"upload": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/upload",
"method": "POST"
},
"download": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/download",
"method": "GET"
},
"stage": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/droplets",
"method": "POST"
},
"app": {
"href": "/v3/apps/guid-85093c21-11e3-4207-b37c-548e7b000e6f"
}
}
}
Content-Type: application/json;charset=utf-8 X-VCAP-Request-ID: c00cfe56-1800-4b13-b641-6259ea492f4f Content-Length: 849 X-Content-Type-Options: nosniff
GET /v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTQyNiIsImVtYWlsIjoiZW1haWwtMjk0QHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5yZWFkIiwiY2xvdWRfY29udHJvbGxlci53cml0ZSJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NDQ3ODI5NDZ9.LuRdXKT0tThkPIWnjLyagUPvP3_pOLRTrROqNMIB4oQ Host: example.org Cookie:
curl "https://api.[your-domain.com]/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b" -X GET \ -H "Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTQyNiIsImVtYWlsIjoiZW1haWwtMjk0QHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5yZWFkIiwiY2xvdWRfY29udHJvbGxlci53cml0ZSJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NDQ3ODI5NDZ9.LuRdXKT0tThkPIWnjLyagUPvP3_pOLRTrROqNMIB4oQ" \ -H "Host: example.org" \ -H "Cookie: "
200 OK
{
"guid": "guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b",
"type": "bits",
"hash": {
"type": "sha1",
"value": "bca36ef82b0fa3d4a1ecd15b91a23ac8e9cc67a4"
},
"url": null,
"state": "READY",
"error": null,
"created_at": "2015-10-07T00:35:45Z",
"updated_at": "2015-10-07T00:35:45Z",
"links": {
"self": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b"
},
"upload": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/upload",
"method": "POST"
},
"download": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/download",
"method": "GET"
},
"stage": {
"href": "/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/droplets",
"method": "POST"
},
"app": {
"href": "/v3/apps/guid-85093c21-11e3-4207-b37c-548e7b000e6f"
}
}
}
Content-Type: application/json;charset=utf-8 X-VCAP-Request-ID: de83de79-4cc4-489e-90f0-e247b83960b4 Content-Length: 875 X-Content-Type-Options: nosniff
GET /v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/download
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTQyNiIsImVtYWlsIjoiZW1haWwtMjk0QHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5yZWFkIiwiY2xvdWRfY29udHJvbGxlci53cml0ZSJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NDQ3ODI5NDZ9.LuRdXKT0tThkPIWnjLyagUPvP3_pOLRTrROqNMIB4oQ Host: example.org Cookie:
curl "https://api.[your-domain.com]/v3/packages/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b/download" -X GET \ -H "Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTQyNiIsImVtYWlsIjoiZW1haWwtMjk0QHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5yZWFkIiwiY2xvdWRfY29udHJvbGxlci53cml0ZSJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NDQ3ODI5NDZ9.LuRdXKT0tThkPIWnjLyagUPvP3_pOLRTrROqNMIB4oQ" \ -H "Host: example.org" \ -H "Cookie: "
302 Found
Content-Type: application/json;charset=utf-8 Location: https://cc-packages.s3.amazonaws.com/gu/id/guid-01e194bb-87c3-4f74-8f53-29f6c1bf046b?X-Amz-Expires=3600&X-Amz-Date=20151007T003546Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=fake_aws_key_id/20151007/us-east-1/s3/aws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=a90dfcf3475e4f9d549d61ac4c945c1082c2eec1e37f8b04a8564528470241be X-VCAP-Request-ID: 16d4a2e2-29f6-4b80-ab53-c757eeaec4c5 Content-Length: 0 X-Content-Type-Options: nosniff