Supporting custom contentTypes for service invoker

merge-requests/7/head
Rasika Perera 8 years ago
parent 036ed6fe41
commit b8f623e04a

@ -27,6 +27,12 @@ var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
var serviceInvokers = require("/app/modules/oauth/token-protected-service-invokers.js")["invokers"];
if (uriMatcher.match("/{context}/api/invoker/execute/")) {
//NOTE: We are only interested in Content-Type headers. Appending all request headers to the back-end call
// will cause unforeseen security issues.
var contentType = request.getHeader(constants.CONTENT_TYPE_IDENTIFIER);
var requestHeaders = [];
requestHeaders.push({"name": constants.CONTENT_TYPE_IDENTIFIER, "value" : contentType});
var restAPIRequestDetails = request.getContent();
var requestMethod = restAPIRequestDetails["requestMethod"];
@ -57,7 +63,8 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"];
}
}
},
requestHeaders
);
break;
case constants["HTTP_POST"]:
@ -69,7 +76,8 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"];
}
}
},
requestHeaders
);
break;
case constants["HTTP_PUT"]:
@ -81,7 +89,8 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"];
}
}
},
requestHeaders
);
break;
case constants["HTTP_DELETE"]:
@ -92,11 +101,15 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"];
}
}
},
requestHeaders
);
break;
}
} catch (e) {
//Since this is an API we'll log the error message.
log.error(e.message); // JavaScript error message
log.error(e.stack); // Executed JavaScript file stack
throw new Error("Exception occurred while trying to access " +
"backend REST API services from Jaggery API invoker layer", e);
}

@ -73,11 +73,26 @@ var invokers = function () {
var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open(httpMethod, endpoint);
var contentTypeFound = false;
var acceptTypeFound = false;
for (var i in headers) {
xmlHttpRequest.setRequestHeader(headers[i].name, headers[i].value);
if(constants["CONTENT_TYPE_IDENTIFIER"] == headers[i].name){
contentTypeFound = true;
}
if(constants["ACCEPT_IDENTIFIER"] == headers[i].name){
acceptTypeFound = true;
}
}
if (!contentTypeFound) {
xmlHttpRequest.setRequestHeader(constants["CONTENT_TYPE_IDENTIFIER"], constants["APPLICATION_JSON"]);
}
if (!acceptTypeFound) {
xmlHttpRequest.setRequestHeader(constants["ACCEPT_IDENTIFIER"], constants["APPLICATION_JSON"]);
}
if (devicemgtProps["isOAuthEnabled"]) {
var accessToken = privateMethods.getAccessToken();
@ -284,23 +299,37 @@ var invokers = function () {
//noinspection JSUnresolvedVariable
var Header = Packages.org.apache.commons.httpclient.Header;
var contentTypeFound = false;
var acceptTypeFound = false;
for (var i in headers) {
var header = new Header();
header.setName(headers[i].name);
header.setValue(headers[i].value);
httpMethodObject.addRequestHeader(header);
if(constants["CONTENT_TYPE_IDENTIFIER"] == headers[i].name){
contentTypeFound = true;
}
if(constants["ACCEPT_IDENTIFIER"] == headers[i].name){
acceptTypeFound = true;
}
}
var header = new Header();
if(!contentTypeFound){
header.setName(constants["CONTENT_TYPE_IDENTIFIER"]);
header.setValue(constants["APPLICATION_JSON"]);
//noinspection JSUnresolvedFunction
httpMethodObject.addRequestHeader(header);
}
if(!acceptTypeFound) {
header = new Header();
header.setName(constants["ACCEPT_IDENTIFIER"]);
header.setValue(constants["APPLICATION_JSON"]);
//noinspection JSUnresolvedFunction
httpMethodObject.addRequestHeader(header);
}
if (devicemgtProps["isOAuthEnabled"]) {
var accessToken = privateMethods.getAccessToken();

Loading…
Cancel
Save