I am a newbie in JavaScript or GatewayScript. I have a requirement where I need to convert the content of a .pem (which is in DataPower under local:///cert or can be added into a crypto object) to JWK.
Could anyone help me with the starting point on how to develop a javascript to
refer the crypto key object from DataPower (example crypto key
object JWKCryptoCertObj)
Decrypt the crypto key object (example
JWKCryptoCertObj.pem)
Convert the content of the key to JSON Web Key (jwk.readCertificate())
So far I have got to know that jwk.readCertificate() can help me to convert a key object to a JWK.
I have tried the below piece of code to fetch it:
var jwk = require('jwk');
var myJWK = jwk.readCertificate('cerjwk');
console.log(myJWK);
However, I get the below error in DataPower:
3:13:17 AM mpgw error 1277869681 error 0x00d30003 mpgw (PortTest): Rejected by filter; SOAP fault sent
3:13:17 AM multistep error 1277869681 request 0x80c00009 mpgw (PortTest): request PortTest_Policy_rule_1 #2 gatewayscript: Transforming the content of INPUT. The transformation local:///jwk.js is applied. The results are stored in testop. failed: Internal Error
3:13:17 AM gatewayscript error 1277869681 request 0x85800007 mpgw (PortTest): GatewayScript processing Error 'Error: Named certificate 'cerjwk' not found In file 'gatewayscript:///modules/jwk.js' line:428, stack:Error: Named certificate 'cerjwk' not found at Object.readCertificate (gatewayscript:///modules/jwk.js:428:18) at Object. (local:///jwk.js:5:17) at Script.execute (gatewayscript:///datapower.js:155:24) at Object. (gatewayscript:///datapower.js:582:55)'
3:13:17 AM crypto error 1277869681 request 0x8580005c mpgw (PortTest): Named certificate 'cerjwk' not found
Could anyone help me with the issue here? Thanks in advance!!
There is no need to convert the certificate. Just add it into a Crypto Key object and use the name (e.g. "crykey-my-key") of the object in the call, e.g.:
const jwk = require('jwk');
const myKeyJWK = jwk.readCertificate('crykey-my-key');
It finally worked, the thing that was needed to be changed was the cert, instead of the key.
Here is the working code:
var ctx = session.name('INPUT')|| session.createContext('INPUT');
var hm = require('header-metadata');
//var headers = hm.current;
var sm = require('service-metadata');
var uriIn=sm.getVar("var://service/URI");
var jwk = require('jwk');
var myJWK = jwk.readCertificate('qa.developer.citigroup.net');
//headers.set('X-new-header', myJWK);
//headers.set('Content-Type','application/json');
console.log(myJWK);
ctx.setVariable('yourjwk',myJWK);
session.output.write(myJWK);
Related
I'm trying some basic API Connect tutorials on IBM's platform (running locally using loopback) and have got completely stuck at an early point.
I've built a basic API service with some in-memory data and setter / getter functions. I've then built a separate API which takes two GET parameters and uses one of my getter functions to perform a search based on two criteria. When I run it, I successfully get a response with the following JSON object:
[{"itemId":1,"charge":9,"itemSize":2,"id":2}]
I've then tried to add a piece of server logic that modifies the response data - at this point, I'm just trying to add an extra field. I've added a Javascript component in the Assemble view and included the following code (taken from a tutorial), which I thought should modify the message body returned by the API while still passing it through:
//APIC: get the payload
var json = apim.getvariable('message.body');
//console.error("json %s", JSON.stringify(json));
//same: code to inject new attribute
json.platform = 'Powered by IBM API Connect';
//APIC: set the payload
//message.body = json;
apim.setvariable('message.body', json);
Instead of getting an extra JSON parameter ("platform"), all I get is a 500 error when I call the service. I'm guessing that I'm doing something fundamentally wrong, but all the docs suggest these are the right variable names to use.
You can't access json.platform but at that point json variable is json type. Are you sure that you can add a property to a json type variable if your json object lacks of that property? I mean: What if you first parse the json variable of json type to a normal object, then add new property, and finally stringify to json type again for body assigning purposes?
var json = JSON.parse(apim.getvariable('message.body')); //convert to normal object
json.platform = 'Powered by IBM API Connect'; //add new property
apim.setvariable('message.body', JSON.stringify(json)); //convert to json again before setting as body value
You need to get the context in some determined format, and in this function do your logic. For example if your message is in json you need to do:
apim.readInputAsJSON(function (error, json) {
if (error)
{
// handle error
apim.error('MyError', 500, 'Internal Error', 'Some error message');
}
else
{
//APIC: get the payload
var json = apim.getvariable('message.body');
//console.error("json %s", JSON.stringify(json));
if(json){
//same: code to inject new attribute
json.platform = 'Powered by IBM API Connect';
//APIC: set the payload
//message.body = json;
apim.setvariable('message.body', json);
}
}
});
Reference:
IBM Reference
You have the message.body empty, put a invoke/proxy policy before your gateway/javascript policy for example.
Facing an issue while creating SHA1 from javascript and java. The problem is both are different. It is used for validating the client request to web server. That means client send a based64 encoded security key to server and server regenerate the same key and equate both are same. Please find below code for generating secret keys in client and server.
Server
MessageDigest mDigest = null;
try {
mDigest = MessageDigest.getInstance("SHA1");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
String input = value1 + value1 + server_key;
byte[] result = mDigest.digest(input.getBytes());
String secret = Base64.encodeToString(result, Base64.NO_WRAP);
...
//comparison logic goes here
...
Client (java script)
var input = value1 + value2 + server_key;
//http://code.google.com/p/crypto-js/
var hash = CryptoJS.SHA1(input);
var encoded = base64Encode(hash.toString());
//WEB SERVICE INVOCATION FROM JAVASCRIPT GIES HERE.
The values value1, value1, server_key will be available in both client and server. The issue we are facing is, the SHA1 generated in both client and server is not matching. I understand the issue is in java its using getBytes() and in javascript using string value for generating SHA1. The CryptoJS.SHA1 does not support bytearray as parameter. We cannot change the server code as it is used by many client applications. Any help will be much appreciated.
In Java ->
byte[] result = mDigest.digest(input.getBytes());
and in JavaScript ->
var hash = CryptoJS.SHA1(input);.
I belief this is the problem. In java the parameter is a bytearray and output is also a bytearray. But in javascript the parameter is var (string) and return is also var (string). I 've also compared the output of CryptoJS.SHA1 with some online SHA1 generating tools. The comparison is true. I am not an expert in this area. If you can explain more, it will be more helpful.
I managed it to do in another way. My application is a cordova based application. So generated the sha1 and encoded it from java and objC and invoked it using cordova plugins.
using https://www.npmjs.com/package/slack-client
expects you to make an extra file just for the token and to get it you must do
process.env.SLACK_API_TOKEN
I don't like this approach of creating a file just for the sake of a token!
My code is server side, already in a directory that users cannot see so I would like to just write the token into the javascript as an object/string/array
I have so far failed with array
var token=[
'SLACK_TOKEN=xxxx'
, 'SLACK_CLIENT_ID=xxxx'
, 'SLACK_CLIENT_SECRET=xxxx'
];
and string
var token=
'SLACK_TOKEN=xxxx\n'
+ 'SLACK_CLIENT_ID=xxxx\n'
+ 'SLACK_CLIENT_SECRET=xxxx'
;
and object
var token={
SLACK_TOKEN:'xxxx'
, SLACK_CLIENT_ID:'xxxx'
, SLACK_CLIENT_SECRET:'xxxx'
};
Everyone else's apis just get you to put things like secret keys inside srings or objects like normal! How can I do this the normal way?
process.env.SLACK_API_TOKEN isn't a file, it's an environment variable. The advantage of keeping your API key there is that you can't accidentally commit it to version control. That said, the page you linked to makes it pretty clear that you don't have to use it:
var RtmClient = require('slack-client').RtmClient;
var token = process.env.SLACK_API_TOKEN || '';
var rtm = new RtmClient(token, {logLevel: 'debug'});
rtm.start();
Just set the token variable to your API token, then pass it as the first parameter to new RtmClient():
var RtmClient = require('slack-client').RtmClient;
var token = 'YOUR SLACK API TOKEN';
var rtm = new RtmClient(token, {logLevel: 'debug'});
rtm.start();
We are trying to create an entity that has date attributes via an odata service. Backend is an sap system. This entity has only 3 key attributes plus a bunch of other attributes. We have identified that dates in the keys are the root cause of the problem.
Keys:
Pernr type string,
begda type datetime
endda type datetime.
The code below, (which does not work), has been severely simplified when trying to troubleshoot the issue. At the moment, it reads an entity from an entity set and immediately tries to create one with exactly the same data.
Code:
var oODataModel = new sap.ui.model.odata.ODataModel("/sap/opu/odata/sap/Z_PERSONAL_DATA_SRV/");
//Test entity to be saved
var entity = null;
//Handler for read error
var handleReadE = function (oEvent){
alert("error");
};
//Handler for read success
var handleRead = function (oEvent){
//Get the data read from backend
entity = oEvent.results[0];
//Try to create a new entity with same data
oODataModel.create('/PersDataSet', entity, null, function(){
alert("Create successful");
},function(oError){
alert("Create failed", oError);
});
};
oODataModel.read("/PersDataSet", null, [], true, handleRead, handleReadE);
In the gateway error log, an xml parsing error appears. In this log, we can see the request data and it can be seen that the dates are transported with String types. These dates are defined in the service as DateTimes so the request is rejected.
Example:
<m:properties>
<d:Pernr m:type="Edm.String">00000001</d:Pernr>
<d:Endda m:type="Edm.String">9999-12-31T00:00:00</d:Endda>
<d:Begda m:type="Edm.String">1979-05-23T00:00:00</d:Begda>
When the entity is read, the backend does not send any type information. It sends like the following example:
<m:properties>
<d:Pernr>72010459</d:Pernr>
<d:Endda>9999-12-31T00:00:00</d:Endda>
<d:Begda>1876-07-21T00:00:00</d:Begda>
And, indeed, if we try to save the same info without the type=".." it works. So the problem are the incorrect types ODataModel.create adds to the xml.
My question is:
Can I tell ODataModel.create to not add this type info? It is not doing a good job inferring the types.
Can anyone share an example reading and writing dates through odata?
Thank you very much in advance.
the data returned from oODataModel.read is raw, before you post you need to parse it
var handleRead = function (oEvent){
//Get the data read from backend
entity = oEvent.results[0];
var newEntity = jQuery.extend({},entity);
delete newEntity.__metadata;
newEntity.Begda = new Date(entity.Begda);
newEntity.Endda = new Date(entity.Endda);
//Try to create a new entity with same data
oODataModel.create('/PersDataSet', newEntity, null, function(){
why not use json instead of xml?
Thanks all for the help.
We got this working accounting for the following:
The problem of the wrong types appended to the attributes comes from the read itself. The object returned by read has a __metadata attribute which describes the values. In this object the dates are set with type=edm.string, even when the service says they are DateTime. To me this is a bug of the .read function.
When trying to use the same object to save, create sees the __metatada on the entry and uses those values, producing type edm.string type for the dates. This caused the request to be rejected. Manually changing these __metadata.properties...type to Edm.DateTime makes it work.
In the end, we did the following:
Dates are parsed manually from the Odata response, creating a js Date
object from the strings in format "yyyy-mm-ddT00:00:00", to make it work with control bindings. When we want to save, the reverse is done.
The object to be created is a new object with
only the attributes we care (no __metadata)
I'm trying to implement a REST interface under IIS5.1/ASP-classic (XP-Pro development box). So far, I cannot find the incantation required to retrieve request content variables under the PUT HTTP method.
With a request like:
PUT http://localhost/rest/default.asp?/record/1336
Department=Sales&Name=Jonathan%20Doe%203548
how do I read Department and Name values into my ASP code?
Request.Form appears to only support POST requests. Request.ServerVariables only gets me to header information. Request.QueryString doesn't get me to the content either...
Based on the replies from AnthonyWJones and ars I went down the BinaryRead path and came up with the first attempt below:
var byteCount = Request.TotalBytes;
var binContent = Request.BinaryRead(byteCount);
var myBinary = '';
var rst = Server.CreateObject('ADODB.Recordset');
rst.Fields.Append('myBinary', 201, byteCount);
rst.Open();
rst.AddNew();
rst('myBinary').AppendChunk(binContent);
rst.update();
var binaryString = rst('myBinary');
var contentString = binaryString.Value;
var parameters = {};
var pairs = HtmlDecode(contentString).split(/&/);
for(var pair in pairs) {
var param = pairs[pair].split(/=/);
parameters[param[0]] = decodeURI(param[1]);
}
This blog post by David Wang, and an HtmlDecode() function taken from Andy Oakley at blogs.msdn.com, also helped a lot.
Doing this splitting and escaping by hand, I'm sure there are a 1001 bugs in here but at least I'm moving again. Thanks.
Unfortunately ASP predates the REST concept by quite some years.
If you are going RESTFull then I would consider not using url encoded form data. Use XML instead. You will be able to accept an XML entity body with:-
Dim xml : Set xml = CreateObject("MSXML2.DOMDocument.3.0")
xml.async = false
xml.Load Request
Otherwise you will need to use BinaryRead on the Request object and then laboriously convert the byte array to text then parse the url encoding yourself along with decoding the escape sequences.
Try using the BinaryRead method in the Request object:
http://www.w3schools.com/ASP/met_binaryread.asp
Other options are to write an ASP server component or ISAPI filter:
http://www.codeproject.com/KB/asp/cookie.aspx