Together with the REST Service features, you can use the normal security interceptor features as described on Security Model pp.

The authentication headers can be accessed via the Bridge REST Test Tool, e.g. to set them for testing purposes.

Click Authorize in the top right corner to enter the credentials.

Enabling Authentication

If you want to use authentication with a REST service, set the tags tokenType, tokenHeaderName, and useBasicAuth on the REST service component in the component diagram.

Setting these tagged values does not implement anything yet. The authorization headers have to be inspected in a security interceptor preprocessor to implement authentication and authorization.

Implementing Authentication

In the preprocessor of your security interceptor, you can implement the authentication process.

  1. Read the authentication headers (see Reading the REST HTTP Headers further below), which are
    • Authorization for basic authentication
      The basic authentication headers are base64 encoded. You have to decode them before usage.
    • <name of token header> in component diagram for token authentication
  2. Decode the basic authentication if necessary (see Decoding Basic Authentication further below).
  3. Implement your security settings depending on the header values.
    In case of the REST Support Manager example, this is a very simplified role assignment based on hard coded header values.

Reading the REST HTTP Headers

To read the REST HTTP headers, use getRestHttpRequest().

Figure: getRestHttpRequest()

Receive the result in an object of type Request and get all request headers in an array object of type HeaderField.
HeaderField is a type containing a key value pair (see Request and Response Types).

Getting the API Key from the Request Headers

To get the API key value pair from the request headers array, look for the API key name you defined in the component diagram. In our example, this is "API-Key".

Figure: Lookup API Key

Getting the Authorization Headers from the Request Headers

To get the Authorization key value pair from the request headers array, look for "Authorization".

Figure: Lookup Authorization Header

Decoding Basic Authentication

To decode the base64 encoded basic authentication header value, use operations convertBase64ToBlob() and transcodeToString().

  1. Remove string "Basic " from the beginning of the header value, e.g.

    local cred = "";
    set cred = authHeader.value.substringAfter("Basic ");
  2. Convert the base64 string to a Blob object using convertBase64ToBlob(), e.g.

    set credentials = cred.convertBase64ToBlob();
  3. Convert the Blob object to a readable string using transcodeToString(), e.g.

    set cred = credentials.transcodeToString("UTF-8");
  4. Split user and password from the credentials string, e.g.

    set user     = cred.substringBefore(":");
    set password = cred.substringAfter(":");
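
The header lookup and the four decoding steps above, as an added example in Python (not Bridge action script and not code from the original page). It also covers cases the steps do not spell out: a malformed base64 value, a missing colon, and colons inside the password. The sample headers, the credentials, and all function names are constructed for this illustration.

```python
import base64
import binascii
import hmac

# Constructed sample request headers (key/value pairs, like the HeaderField array).
SAMPLE_HEADERS = [
    ("Accept", "application/json"),
    ("Authorization", "Basic " + base64.b64encode(b"alice:s3cr:et").decode("ascii")),
    ("API-Key", "constructed-demo-key"),
]


def find_header(headers, name):
    """Return the value of the first header whose name matches, case-insensitively."""
    for key, value in headers:
        if key.lower() == name.lower():
            return value
    return None


def decode_basic(header_value):
    """Return (user, password), or None if the value is not well-formed Basic auth."""
    if header_value is None:
        return None
    scheme, _, encoded = header_value.partition(" ")
    if scheme.lower() != "basic" or not encoded.strip():
        return None
    try:
        raw = base64.b64decode(encoded.strip(), validate=True)
        text = raw.decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    if ":" not in text:
        return None
    # Split at the first colon only: the password may contain colons itself.
    user, _, password = text.partition(":")
    return user, password


def check_credentials(headers, expected_user, expected_password):
    """Reject by default; compare in constant time to avoid a timing side channel."""
    creds = decode_basic(find_header(headers, "Authorization"))
    if creds is None:
        return False
    user_ok = hmac.compare_digest(creds[0].encode(), expected_user.encode())
    pass_ok = hmac.compare_digest(creds[1].encode(), expected_password.encode())
    return user_ok and pass_ok
```

A preprocessor should treat every `None` result as a failed authentication rather than falling through to a default role.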