It seems that when we use Swagger (SpringDoc) UI for the gateway, when a request is sent through it, the request is made directly to the service and not through the gateway. For example, in this example (linked from SpringDoc documentation), the swagger ui address is 158.101.191.70 while the request is being made to 172.17.0.9.
Isn't an important point of using swagger to let API users know what APIs we have and be able to test them? Thus, shouldn't the requests be made through the gateway and not directly? Maybe, they don't even have access to the services directly. Is there a solution?
Related
An ex-employee planned a Microservice Architecture which is being implemented now. I've few question regarding the design and I'd highly appreciate your feedbacks.
Explanation
Dematerialized UI has a matching dematerialized API.
Dematerailized API validates the user and generates token via SSO Library.
Flight API does the I/O validation & validate the request via validate request microservice
Flight API calls Booking API to get some bookings based on the UserId
Flight API calls Print Booking API to generate Messages using Generate Message Microservice
Print Booking API must call Data Access API to get data and then call Generate PDF microservices.
Data Access API calls the database for data.
My Project Structure
FlightBookingsMicroserice.V1 //solution
ApiGatways //folder
DMZ.API/DMZ.API.csproj //Folder/project
BuildingBlocks
EventBus/EventBus.csproj
EventBus/EventBusRabbitMQ
Services
SSO
SSO.API/SSO.csproj
SSO.UnitTests
Flight
Flight.API/Flight.API.csproj
Flight.UnitTets
//Similar for all
ValidationRequest
Booking
PrintBooking
PrintBooking.API.csproj
DataAccess
DataAccess.API.csproj
GeneratePDF
GenerateMessage
UI
UI
Docker-compose
Questions
Should I be using ocelot in DMZ.API.csproj, Flight API and Print Booking API.
Is my project structure a Microservice way of development
Should I continue to use ASP.NET Core Web API with .NET 6 for Dematerialized API in orange, Function API in blue and Microservice in purple projects.
For validation, since the SSO is passed from Dematerialized UI what if the token expires while CRUD operations
is already performed for some stages [rolling back changes is a hassle].
Should each API access to an identidy server and validate the user passed and generate its own token for its
services in purple.
Thank you in advance.
The core question is if you really need all those services and if you perhaps are making things too complicated. I think the important thing is to really consider and really make sure you justify why you want to go through this route.
If you do synchronous API calls between the services, that creates coupling and in the long run a distributed monolith.
For question #4, you typically use one access token for the user to access the public service, and then you use a different set of internal tokens (machine-to-machine also called client credentials in OpenID Connect parlor) between services that have a totally different lifetime.
q1: ocelot is an API GATEWAY which is the entry point for your requests. so it should be the first layer/service meet by user request in front of your services and it forwards the request to the service according to its configuration. so it is lay in the front for all services you have. some arch provide another api gateway for different reasons like specific api gateway for mobiles request for example.
q2: as looking separate services (i cant understand function api but i assume they are services also ) yes but the microservices development is not just about separating things, its about design and identifying the services from business context (Domain Driven Design).its very challenging to identify services and their size and the way they are communicate to each other (asynchronous communication and synchronous communication).
q3: microservices is not about languages and frameworks.one of benefits of microservices architecture is its not language or framework dependent. the may be multiple languages used in microservices. choosing languages it depends on organization policy or your own reasons. if you are .net developer then go for .net.
q4: all the services are registered with identity server and they validate the given token by it. the identity server generate token (there may be multiple tokens) with scopes . the request from identified users always has the token in the headers and the services validate incoming token by referring identity server. this tokens has lifetime and also identity server generates refresh tokens in case of expiry of current token. please look at Oauth docs and rfc. also this https://www.youtube.com/watch?v=Fhfvbl_KbWo&list=PLOeFnOV9YBa7dnrjpOG6lMpcyd7Wn7E8V may helped. you can skip the basic topics. i learned a lot from this series.
I'm using Swagger w/ AWS API Gateway. In order to fully support CORS, I have several OPTIONS methods in my swagger file; they exist only to tell API Gateway to return CORS headers so that preflight requests from my Angular app succeed.
However, when I use Swagger codegen to generate the API, all of those OPTIONS methods come across in my service as real methods. I don't want this to be the case.
How can I tell Swagger Code Gen to skip over certain, specific methods; for instance, putting a tag on the OPTIONS methods so that Swagger CodeGen doesn't generate code for those particular HTTP verbs?
I use AWS Lambda as a backend service to authenticate users from my ios app. When learning about Lambda I was pointed to use the Amazon API Gateway to make the data over the network go over HTTPS:// and NOT HTTP://.
Someone recently pointed out that all calls to AWS Lambda, DynamoDB, S3, and Cognito directly from my app automatically go over HTTPS://. Is this true or not?
Unfortunately the docs are not explicit on the matter, that I could find, but inspecting the source on github:
AWSService, one of the base services used by the sdk, uses https by default, and will only switch to http if the AWSServiceConfiguration particular configuration is established with the parameter useUnsafeUrl set to true.
And AWSLambdaService, even if initialised with a configuration object, appears to set the useUnsafeUrl option to NO.
So - inspection of the source suggests that all access to the service is by default https.
This is consistent with AWS SDK defaults in other languages/frameworks as well.
-- Edited to note --
I had a thought after posting this - it's possible that the advice to use API Gateway for https was based on the common practice of exposing Lambda functions as API endpoints. If you want to do that, then API Gateway gives you a way, and if you are using API Gateway, then you do need to ensure it is configured to use https.
What is not clear from your question is - from your app, are you invoking the lambda functions via the API Gateway endpoint? Or directly via the AWS SDK? If invoking directly via the AWS SDK then there is no need to use API Gateway at all.
If you are already using the API Gateway, and issuing HTTPS web requests to invoke your lambda functions, I wouldn't necessarily stop, because it gives you a nice point of abstraction and decoupling - you could completely change your backend implementation and as long as you keep the API Gateway endpoint configuration the same, your clients will still work. Alternatively, you could start to implement other clients or expose your API to 3rd party clients who aren't in a position to use AWS SDK and they will still be able to interract with your backend via standard HTTP protocols.
I am trying to Expose a WSDL in WSO2 API Manager, by selecting WSDL Endpoint in the Implementation tab.
And providing the service name and Port respectively.
But while testing the same, from Api Store, the response is 0 - No response body. Also the WSDL is not being invoked.
Please help with this.
I have checked many blogs and videos, but can't find exact solution.
Ex WSDL that I am using is: https://ws.cdyne.com/phoneverify/phoneverify.asmx?wsdl
Used the same wsdl and expose the service using api manager and got the response from the web server. But as per the query posted above you are testing the soap service using api store. There may be mismatch the param you are posting to web service. Therefore use tool like soapUI to test the web service.
User the followings while exposing the SOAP Service
SOAP WSDL - https://ws.cdyne.com/phoneverify/phoneverify.asmx?wsdl
SOAP Endpoint - https://ws.cdyne.com/phoneverify/phoneverify.asmx
Reference -
[1] http://blog.rajkumarr.com/2015/08/how-to-expose-soap-services-as-soap-services-via-wso2-api-manager.html
[2] http://www.vitharana.org/2015/01/soap-web-service-as-rest-api-using-wso2.html
[3] https://docs.wso2.com/display/AM191/Invoke+an+API+using+a+SOAP+Client
I am new to web services even after watching a lot of videos and reading a large number of tutorials on WSDL I am unable to understand how to get URL for a method of web service from WSDL. the WSDL file I am provided with is this http://cons.epackagepro.com/m/Service.svc?wsdl I want to call a login method of this web service. Can somebody explain that how to extract exact url for a web service/web service method from a WSDL file and how to pass parameters to a web service (in this particular case I want to call login). All the tutorials I watched tells that service tag of WSDL file has an address tag which tells about the url of the service but this WSDL does not contains one.
One last thing, can I call this service with soap, even soap is not used in binding. And what if I want to call it using HTTP GET / HTTP POST method, how parameters will be provided.
My main concern is how to get url of a web service / web service method from WSDL? The platform for which I want to use it is IOS.
Thanks in advance.