Zip Download
When using zip download to download many small files, the download speed is extremely slow (~500B/s), but it is much faster when downloading them one by one, or downloading fewer but larger files, using both the UI and API. Is this the expected behaviour? Also, does the download speed differ across account types (e.g. do Enterprise users have higher download speeds than Business accounts)?
Last thing, does the zip download endpoint only allow user Access Tokens to be used to create a zip download, or can enterprise Access Tokens be used as well? I didn't get my enterprise-level Access Tokens to work, but using user Access Tokens did.
-
Hello,
The slower speed for many small files occurs due to the number of permissions checks that happen on the back end.
The download speed does not vary due to account or license type.
In terms of token... the token you are using will be based off a user or service account's collaborations - so if the token you created is from a user that doesn't have access to content you are looking for, it won't work.
Thanks,
Alex, Box Developer Advocate
-
Hi Alex, thanks for answering my question about the download speed of zip archives and number of files. I would like to ask as a followup, does Box have mirrors, and would downloading from different regions affect the download speeds (for both single file downloads and zip archive downloads)?
With regards to the token, I tried using the service account's Access Token and the correct "As-User" header to create a zip download, which should theoretically work, but I got an error 401 instead. Is this supposed to be this way? Thanks!
-
Thanks for your answer about download speeds.
My code is modified from the Python sample code found at https://github.com/box-community/samples-docs-authenticate-with-jwt-api/blob/master/sample.3.py. The full code is as below:
import json
import os
import time
import secrets
import json
import requests
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.serialization import load_pem_private_key
import jwt
config = json.load(open('config.json'))
appAuth = config["boxAppSettings"]["appAuth"]
privateKey = appAuth["privateKey"]
passphrase = appAuth["passphrase"]
# To decrypt the private key we use the cryptography library
# (https://cryptography.io/en/latest/)
key = load_pem_private_key(
data=privateKey.encode('utf8'),
password=passphrase.encode('utf8'),
backend=default_backend(),
)
# We will need the authentication_url again later,
# so it is handy to define here
authentication_url = 'https://api.box.com/oauth2/token'
claims = {
'iss': config['boxAppSettings']['clientID'],
'sub': config['enterpriseID'],
'box_sub_type': 'enterprise',
'aud': authentication_url,
# This is an identifier that helps protect against
# replay attacks
'jti': secrets.token_hex(64),
# We give the assertion a lifetime of 45 seconds
# before it expires
'exp': round(time.time()) + 45
}
keyId = config['boxAppSettings']['appAuth']['publicKeyID']
# Rather than constructing the JWT assertion manually, we are
# using the pyjwt library.
assertion = jwt.encode(
claims,
key,
# The API support "RS256", "RS384", and "RS512" encryption
algorithm='RS512',
headers={
'kid': keyId
}
)
params = {
# This specifies that we are using a JWT assertion
# to authenticate
'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
# Our JWT assertion
'assertion': assertion,
# The OAuth 2 client ID and secret
'client_id': config['boxAppSettings']['clientID'],
'client_secret': config['boxAppSettings']['clientSecret']
}
# Make the request, parse the JSON,
# and extract the access token
response = requests.post(authentication_url, params)
access_token = response.json()['access_token']
user_id = some_number
headers = { 'Authorization': "Bearer %s" % access_token, 'As-User': user_id}
body = {"download_file_name": "Test", "items": [{"id": some_file, "type": "file"}]}
response = requests.post('https://api.box.com/2.0/zip_downloads', headers=headers, json=body)
print(response)
I get a status 401 with no body in the response. However, changing the "sub" in the claim to the user ID and "box_sub_type" to "user" and using that Access Token successfully creates the zip archive and I can download it. The client ID of the application is zak1rwbgjvxdbpi2uof9emlp046rkz97. Thanks!
投稿コメントは受け付けていません。
コメント
4件のコメント