-
Sub-task
-
Resolution: Done
-
Medium
-
None
-
None
-
SIMPLY S10 April 28 - May 12, SIMPLY S11 May 12 - May 26, SIMPLY S12 May 26 - June 9, SIMPLY S13 June 9 - June 23, SIMPLY S14 June 23 - July 7, SIMPLY S15 July 7 - July 21, SIMPLY S16 July 21 - August 4, SIMPLY S17 August 4 - 18
When a patron asks to download an Overdrive audiobook they have on loan, "fulfilling" the loan by hitting the rel="acquisition" link will give you two pieces of information:
- A link to the manifest file (hosted by Overdrive)
- An "X-Overdrive-Scope" response header containing information about the library's relationship with Overdrive.
You can't download the manifest file as-is. You must use Overdrive Patron Auth to create a bearer token, and provide that when you download the file. The details are in the Overdrive API documentation, but to summarize, you need these pieces of information:
- The username and password (if any) the patron used to authenticate with the library.
- A "clientkey" and "clientsecret" (to be provided to NYPL by Overdrive). These keys identify the mobile app called "SimplyE", not any particular library that uses SimplyE.
- A scope string – the value you got as X-Overdrive-Scope.
Once you have a bearer token, send a GET request to the the manifest URL and pass the bearer token in the Authorization header: "Authorization: Bearer [token]".
For reference, here's the Python implementation of the Overdrive Patron Auth algorithm we use in the circulation manager.
Some extra things to watch for:
- If the library doesn't use passwords, pass "password_required=false" rather than leaving the password empty.
- Patron Auth tokens expire after an hour, so you'll need to be prepared to refresh them.
- The content links inside a manifest file are also only good for one hour, so you should be prepared to refresh the manifest.
- clones
-
-
- Done
-