I want to invoke authenticated URL on server which is SSO authenticated. For this, I am coping cookies which are there in request to HTTPClient. Below code works fine.
def cookies = []
request.getCookies().each {
def cookie = new BasicClientCookie(it.name, it.value)
cookie['domain'] = it.domain
cookie['path'] = it.path
cookie.secure = true
cookies.add(cookie)
}
// **** Setting cookies using header *****
def output = withHttp(uri: "https://testserver.com") {
def builder = delegate;
def html = get(path : '/testactoin.do',
headers:['Cookie':cookies.collect{it.name+"="+it.value}.join("; ")],
contentType : ContentType.XML,
query :
[
query: params.query,
count: params.count,
cacheName: 'contentStoreCityState',
filterString: 'address.country=CA,GB,US'
]
)
return html
}
However, if I try to set cookies using api it does not work. See code snippet below:
def cookies = []
request.getCookies().each {
def cookie = new BasicClientCookie(it.name, it.value)
cookie['domain'] = it.domain
cookie['path'] = it.path
cookie.secure = true
cookies.add(cookie)
}
def output = withHttp(uri: "https://testserver.com") {
def builder = delegate;
// **** Setting cookies using api call *****
cookies.each {
builder.client.cookieStore.addCookie(it)
}
def html = get(path : '/testactoin.do',
contentType : ContentType.XML,
query :
[
query: params.query,
count: params.count,
cacheName: 'contentStoreCityState',
filterString: 'address.country=CA,GB,US'
]
)
return html
}
What is issue in setting cookies using addCookie method? Neither it generate any exception nor any warning message.
In your first code snippet you are setting Cookie, but the header is actually Set-Cookie.
Related
We are creating API documentation for an existing Grails 4 App. We are having difficulties in understanding how to use Swagger annotations.
Let's assume the following Controller:
class IntegratorController {
def maintenanceService
def saveMaintenance() {
def message = 'success'
def status = '200'
try {
def maintenanceJson = request.JSON.maintenances
def ret=maintenanceService.processMaintenanceJSON(maintenanceJson)
} catch (Exception e) {
log.error("Error to process restricions", e)
message = 'error : ${e.getMessage()}'
status = '500'
}
def result = ['message':message]
render(status: status, contentType: "application/json", text: result as JSON)
}
}
This controller expects you to send a request JSON like this example:
{ "job":42,
"maintenances": [
{"idPort":42, "idMaintenance":42, "shipName":"myship01", "obs":"asap"},
{"idPort":43, "idMaintenance":43, "shipName":"myship02", "obs":"asap"}]}
A basic annotation will be this:
#Controller("/")
class IntegratorController {
def maintenanceService
#Post(uri="/saveMaintenance", produces = MediaType.APPLICATION_JSON)
#Consumes(MediaType.APPLICATION_JSON)
#Operation(summary = "Create one or more ship maintenance")
#ApiResponse(responseCode = "500", description = "If internal service throws an Exception")
def saveMaintenance() {
def message = 'success'
def status = '200'
try {
def maintenanceJson = request.JSON.maintenances
def savedMaintenances=maintenanceService.processMaintenanceJSON(maintenanceJson)
} catch (Exception e) {
log.error("Error to process restricions", e)
message = 'error : ${e.getMessage()}'
status = '500'
}
def result = ['message':message]
render(status: status, contentType: "application/json", text: result as JSON)
}
}
Where and how to annotate the request JSON sent in the post operation?
Thank you!
The request object is "scoped" by Grails. So you need to use #RequestBody annotation to declare what it is outside the method declaration. You also need to create classes to describe what it is because the JSON deserialization is loosely typed.
This is an example:
#Post(uri="/saveMaintenance", produces = MediaType.APPLICATION_JSON)
#Operation(summary = "Summary here",
description = "Description here",
requestBody = #RequestBody(description = "Inside Operation"), tags = ["IntegratorWebController"])
#RequestBody(description = "Description here", required = true,
content = #Content(schema = #Schema(implementation = YourRequestDAO.class, anyOf = [YourRequestDAO.class, YourRequestDAODependency.class])))
#ApiResponses(value=[
#ApiResponse(responseCode="200", description = "Return status=OK in success", content = #Content(mediaType = "application/json", schema = #Schema(implementation = YourResponseDAO.class))),
#ApiResponse(responseCode="404", description = "Return status=BAD_REQUEST if you mess up", content = #Content(mediaType = "application/json", schema = #Schema(implementation = YourResponseDAO.class)))])
def saveOrUpdateActivity(){
(...)
Well Swagger and OpenAPI are 'schemas' that are preloaded at runtime to build the call structure; GraphQL also has a schema as well to load its call structure.
I did a video on it here to help you understand how this works: https://youtu.be/AJJVnwULbbc
The way Grails did this prior to 4.0 was with plugins like the 'swagger plugin' or with BeAPI plugin (which I maintain).
I don't see a supported plugin in 4.0 so I don't see how they are doing this now.
I need to set a header in a post request: ["Authorization": request.token]
I have tried with wslite and with groovyx.net.http.HTTPBuilder but I always get a 401-Not authorized which means that I do cannot set the header right.
I have also thought of logging my request to debug it but I am not able to do that either.
With wslite this is what I do
Map<String, String> headers = new HashMap<String, String>(["Authorization": request.token])
TreeMap responseMap
def body = [amount: request.amount]
log.info(body)
try {
Response response = getRestClient().post(path: url, headers: headers) {
json body
}
responseMap = parseResponse(response)
} catch (RESTClientException e) {
log.error("Exception !: ${e.message}")
}
Regarding the groovyx.net.http.HTTPBuilder, I am reading this example https://github.com/jgritman/httpbuilder/wiki/POST-Examples but I do not see any header setting...
Can you please give me some advice on that?
I'm surprised that specifying the headers map in the post() method itself isn't working. However, here is how I've done this kind of thing in the past.
def username = ...
def password = ...
def questionId = ...
def responseText = ...
def client = new RestClient('https://myhost:1234/api/')
client.headers['Authorization'] = "Basic ${"$username:$password".bytes.encodeBase64()}"
def response = client.post(
path: "/question/$questionId/response/",
body: [text: responseText],
contentType: MediaType.APPLICATION_JSON_VALUE
)
...
Hope this helps.
Here is the method that uses Apache HTTPBuilder and that worked for me:
String encodedTokenString = "Basic " + base64EncodedCredentials
// build HTTP POST
def post = new HttpPost(bcTokenUrlString)
post.addHeader("Content-Type", "application/x-www-form-urlencoded")
post.addHeader("Authorization", encodedTokenString)
// execute
def client = HttpClientBuilder.create().build()
def response = client.execute(post)
def bufferedReader = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))
def authResponse = new JsonSlurper().parseText(bufferedReader.getText())
I am writing Junit testcases for a Grails project.
Here I am using Spock framework to write testcases.
Here I am trying to test following method.
But I want to mock/stub the rest.post method. I don't want call the actual url passed.
def RestResponse restPost(String url, Map headerMap, Map jsonDataMap) {
RestBuilder rest = new RestBuilder()
RestResponse response = rest.post(url) {
headerMap.each { k, v -> header(k, v) }
header('contentType', 'application/json')
header('Accept-API-Version', 'resource=2.0,protocol=1.0')
if (jsonDataMap)
json(jsonDataMap)
}
response
}
I tried with MockFor. It is calling actual url.
void "test restPost"() {
setup:
RestResponse resMock = new RestResponse()
def httpBuildMock = new MockFor(RestBuilder)
httpBuildMock.demand.post(_) >> resMock
when:
def url = "http://testme"
def headerMap = [
'Authorization': 'Basic ' + 'encodedStr'
]
def dataMap = [
'operation': 'replace',
'field' : 'userPassword',
'value' : 'devicePassword'
]
RestResponse res = service.restPost(url, headerMap, dataMap)
then:
res
}
So how to mock/stub a particular method of class?
You could create a seperate method to create the RestBuilder so createRestBuilder and then return a mock everytime this method is called:
def RestResponse restPost(String url, Map headerMap, Map jsonDataMap) {
RestBuilder rest = createRestBuilder()
RestResponse response = rest.post(url) {
headerMap.each { k, v -> header(k, v) }
header('contentType', 'application/json')
header('Accept-API-Version', 'resource=2.0,protocol=1.0')
if (jsonDataMap)
json(jsonDataMap)
}
response
}
then define service with
def service = Spy(ServiceClass) {
// stub a call on the same object
createRestBuilder() >> Mock(RestBuilder)
}
I am trying to connect with Google using the grails oauth plugin. Following is my code
Config.groovy
oauth {
providers {
google {
api = org.scribe.builder.api.GoogleApi
key = 'XXX.apps.googleusercontent.com'
secret = 'XXXXXXX'
scope = 'https://www.googleapis.com/auth/userinfo.profile'
callback = "${grails.serverURL}/oauth/google/callback"
successUri = "${grails.serverURL}/oauthCallBack/google"
}
}
}
grails.google.api.url = "https://accounts.google.com/o/oauth2/auth"
OauthCallBackController.groovy
class OauthCallBackController {
def oauthService
def google() {
Token googleAccessToken = (Token) session[oauthService.findSessionKeyForAccessToken('google')]
def googleResource = oauthService.getGoogleResource(googleAccessToken, grailsApplication.config.grails.google.api.url)
def googleResponse = JSON.parse(googleResource?.getBody())
log.info "googleAccessToken = ${googleAccessToken}"
log.info "googleResponse = ${googleResponse}"
log.info "accesstoken = ${googleAccessToken.token}"
def googleResourceDetailed = oauthService.getGoogleResource(googleAccessToken, "https://www.googleapis.com/oauth2/v1/userinfo?access_token=${googleAccessToken.token}")
def googleResponseDetailed = JSON.parse(googleResourceDetailed?.getBody())
log.info "googleResourceDetailed = ${googleResourceDetailed}"
log.info "googleResponseDetailed = ${googleResponseDetailed}"
render params
}
}
When I trying to connect, google ask me to allow the application to access my credentials. After allowing my call back action executed(oauthCallBack/google) but I am not getting the data of my account.
Following is my output in my logs
INFO example.OauthCallBackController - googleAccessToken = Token[1/xxx , yyy]
INFO example.OauthCallBackController - googleResponse = [:]
INFO example.OauthCallBackController - accesstoken = 1/xxx
INFO example.OauthCallBackController - googleResourceDetailed = org.scribe.model.Response#2a088ca
INFO example.OauthCallBackController - googleResponseDetailed = [error:[message:Invalid Credentials, errors:[[message:Invalid Credentials, location:Authorization, reason:authError, locationType:header, domain:global]], code:401]]
I have no idea where I am wrong and why I am getting the error as response.
How can I get data from google?
Finally..,.
After lots of google search I finally figure out my problem and successfully got data from google.
The problem is in my grails.google.api.url entry in my config file.
Correct value is
grails.google.api.url = "https://www.googleapis.com/oauth2/v1/userinfo"
Now my code is
Config.groovy
oauth {
providers {
google {
api = org.scribe.builder.api.GoogleApi
key = 'XXX.apps.googleusercontent.com'
secret = 'XXXXXXX'
scope = 'https://www.googleapis.com/auth/userinfo.profile'
callback = "${grails.serverURL}/oauth/google/callback"
successUri = "${grails.serverURL}/oauthCallBack/google"
}
}
}
grails.google.api.url = "https://www.googleapis.com/oauth2/v1/userinfo"
OauthCallBackController.groovy
def google() {
Token googleAccessToken = (Token) session[oauthService.findSessionKeyForAccessToken('google')]
def googleResource = oauthService.getGoogleResource(googleAccessToken, grailsApplication.config.grails.google.api.url)
def googleResponse = JSON.parse(googleResource?.getBody())
log.info "googleAccessToken = ${googleAccessToken}"
log.info "googleResponse = ${googleResponse}"
log.info "accesstoken = ${googleAccessToken.token}"
log.info "id = ${googleResponse.id}"
log.info "name = ${googleResponse.name}"
render params
}
And my log out put is
INFO example.OauthCallBackController - googleAccessToken = Token[1/xxx , yyy]
INFO example.OauthCallBackController - googleResponse = [id:xxxxx, locale:en, link:yyyyy, name:MKB, gender:male, family_name:B, given_name:M]
INFO example.OauthCallBackController - accesstoken = 1/xxx
INFO example.OauthCallBackController - id = xxxxx
INFO example.OauthCallBackController - name = MKB
Grails Oauth Plugin Demo
My site has urls like 'http://someRandomUsername.mysite.com'.
Sometimes users will try urls like
'http://www.someRandomeUsername.mysite.com'. I'd like to have some
logic in my url mappings to deal with this.
With the mappings below when I hit the page , with or without the
unneeded www, I get:
2012-03-01 14:52:16,014 [http-8080-5] ERROR [localhost].[/ambit] -
Unhandled exception occurred whilst decorating page
java.lang.IllegalArgumentException: URL mapping must either provide a
controller or view name to map to!
Any idea how to accomplish this? The mapping is below.
Thanks!
Jason
static mappings = {
name publicMap: "/$action?/$id?" {
def ret = UrlMappings.check(request)
controller = ret.controller
userName = ret.userName
}
}
static check =
{ request ->
def tokens = request?.serverName?.split(/\./) as List ?: []
def ret = [controller:'info']
if(tokens.size() > 3 && token[0] == 'www')
{
ret.userName = tokens[1]
ret.controller = 'redirect'
ret.action = 'removeWWW'
}
else if(tokens.size() == 3)
{
ret.userName = tokens[0]
ret.controller = 'info'
}
return ret
}
Honestly, like DmitryB said, the best way to do this is via the web server, whether it's IIS, Apache, or Tomcat.
Having said that, I feel the best way to accomplish this in Grails would be using filters.
You could create something like this in your ~/conf directory:
public class StripFilters {
def filters = {
stripWWWFilter(controller: '*', action: '*') {
before = {
def tokens = request.serverName.tokenize(/\./) ?: []
if(tokens.size() > 3 && tokens[0] == 'www') {
def url = request.request.requestURL.toString().replace('www.', '')
redirect([url:url, params: [userName: tokens[1]], permanent: true])
return false
}
}
}
}
}
This should do the trick.