I need to add a signature to my request before it is tested. Hence before Pact testing happens on provider side, i need to add a signature which is generated based on the entire request. Is there a way to get the request before Pact Verification happens, so i can generate and add the signature ?
PS: I already added some other headers using CustomHeaders. But i need the request itself to generate the signature. This is for C#
Related
RequestClients in my ApiGateway are injected (using default MS DI) in HTTP request handlers (in those handlers I have access to current request scope). What I want is to automatically, for each RequestClient, to add custom message header where I could put some data from request scope. Use case is to take JWT from request and add it to message as custom header. Then on consumer side I need, for each received request, check that custom header, verify JWT, and add some data from it to consumed request scope so I could access for example IUserContext or something like that. I want to avoid manually adding jwt to message contract for example.
How I can configure MassTransit on Client and Consumer side to achieve what I want? I already read docs about middleware and pipes and observers but still I can't figure it out...
Using RabbitMQ transport.
So, this is pretty complicated to put into a post, so I created a complete sample that shows how to use MassTransit Scoped Filters.
In this sample, an action filter is registered with the controllers to automatically extract the Token header and store it so that it can be used when publishing or sending messages from a controller. The MassTransit filters are configured on the bus, so they're available to all receive endpoints.
Provider side matching is not working if I add any thing or rename or remove any field in request body of provider which is not same as contract then its not failing.
Eg inside contract file request body contain name field and the same field if I remove or rename in request body of provider (not in response) only in request then pact is not validating that.
I want to confirm at provider side will the matching work on request body?
I can see matching rule for request body in pact file but its seems like not functioning.
Adding new fields into a provider response that is not required by a Pact contract is simply ignored.
Why is this the case? Pact follows Postel's Law. Unexpected elements in a response should not cause issues for a consumer. Other consumers may have different but overlapping needs, so failing a provider build on these grounds is problematic.
From our docs, what this translates to:
Be conservative in what you send - when the mock server in the consumer project compares the actual request with the expected request, the actual request body is not allowed to contain fields that are not defined in the expected request body. We don't want the situation where our real consumer is "leaking" data that we don't know about.
Be liberal in what you accept - when verifying a pact in the provider project, the response body and headers may contain fields that were not defined in the expectations, on the assumption that any extra field will be ignored by your consumer. This allows a provider to evolve without breaking existing consumers (unlike the bad old WSDL days).
To your second point:
I want to confirm at provider side will the matching work on request body?
It sounds like it is working. It's correctly identifying breaking changes if you change the datatype, or have an unexpected response code.
If you rename a field that is required by a consumer, then that sounds like a bug (a fatal one in terms of Pact features, so I'm skeptical).
I have an application which uses Apache Camel to build an API. It basically uses blueprint.xml to define routes and processing is done by a bean(please note its not any processor bean. Just a plain Java bean). It uses Jersey client to invoke the backend system Rest API.
My requirement is to get the http headers in the code to be able to send them to our custom logging system.
a) I tried #httpHeaders annotation but this does not inject the headers on my code.
b) Since its not using any BeanProcessor i dont have an Exchange object from where i can get the header values.
Please help with a way to get header values on the code.
Add the request context to your class
#Context
private HttpServletRequest request;
and get the headers in your endpoint using request.getHeader
Returns the value of the specified request header as a String.
I have to write sign on peoplecode to make a service call by passing token (sent from third party) to API and get the responce (if token is valid responce will have username) in json format to create a PS_TOKEN.
I am fresher to peoplecode. How can I run HTTP POST request by passing token and get the response using Peoplecode?
You would create a synchronous service operation in the Integration Broker. The Integration Broker works best if you are sending XML or JSON. If this is just a regular HTTP POST with fields then it can cause some issues with the Integration Broker. I had a similar case and could not get the basic HTTP Post to work but instead ended up using HTTP POST multipart/form-data and was able to get that to work.
Steps I had to do to make this work.
Create a Message (document based or rowset based are both possible)
Create Service Operation and related objects
Create Transform App Engine to convert the Message to a HTTP POST multipart/form-data
Create a routing and modify the connector properties to send the content type of multipart/form-data. Also call the Transform app engine as part of the routing.
The issue with a application/x-www-form-urlencoded POST is that it seems PeopleSoft does another url encoding after the Transform, which is the last time you can touch the output with code. This final url encoding was encoding the = sign in the form post which made the format invalid.
Your other option would be to write this is Java and call the Java class from within PeopleSoft (or mix the Java objects in with PeopleCode). If you choose to go this way then the App Server needs to have connectivity to your authentication server. My only experience with this is I had a client that used this approach and had issues under heavy load. It was never determined the cause of the performance issue, they switched to LDAP instead to resolve the issue.
I have a endpoint called get user data which accepts a token
I need to read this token in my apigee and send it to tokenVarificationExtUrl
which gets back to me with
a) valid 200
b) userid attached with that token
now what i have to do is i need to read the response header and then conditionally check it for 200 success and then extract the userid from the response.
Once its extracted i need to attach it with another request; which i need to send to getUserData external url
which will get back to me with required user details.
I am successful of extracting data and doing conditional check. I am seeking help for
how do i send another request to getUserData external url.
You need to use a few policies in your proxy.
For example
For checking a header and throwing an error, you may want to use rasie fault policy conditionally
For making an API call to external end-point you can use service callout policy or a standard target
For exrtacting response data from json or xml payload you can use json path of xpath policies
and so on.
I suppose you may want to take a look at a few sample proxies with these functions to be able to design your own.
Check this link out. http://apigee.com/docs/content/using-sample-api-proxies