Together with the REST Service features, you can use the normal security interceptor features as described on Security Model pp.
The authentication headers can be accessed via the Bridge REST Test Tool, e.g. to set them for testing purposes.
Click Authorize in the top right corner to enter the credentials.
If you want to use authentication with a REST service, set the tags tokenType, tokenHeaderName, and useBasicAuth on the REST service component in the component diagram.
Setting these tagged values does not implement anything yet. The authorization headers have to be inspected in a security interceptor preprocessor to implement authentication and authorization.
In the preprocessor of your security interceptor, you can implement the authentication process.
To read the REST HTTP headers, use getRestHttpRequest().
Figure: getRestHttpRequest()
Receive the result in an object of type Request and get all request headers in an array object of type HeaderField.
HeaderField is a type containing a key value pair (see Request and Response Types).
To get the API key value pair from the request headers array, look for the API key name you defined in the component diagram. In our example, this is "API-Key".
Figure: Lookup API Key
To get the Authorization key value pair from the request headers array, look for "Authorization".
Figure: Lookup Authorization Header
To decode the base64 encoded basic authentication header value, use operations convertBase64ToBlob() and transcodeToString().
Remove string "Basic " from the beginning of the header value, e.g.
local cred = "";
set cred = authHeader.value.substringAfter("Basic ");
Convert the base64 string to a Blob object using convertBase64ToBlob(), e.g.
set credentials = cred.convertBase64ToBlob();
Convert the Blob object to a readable string using transcodeToString(), e.g.
set cred = credentials.transcodeToString("UTF-8");
Split user and password from the credentials string, e.g.
set user = cred.substringBefore(":");
set password = cred.substringAfter(":");
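The header lookup and the four decoding steps above, carried through in Python rather than Bridge action script, as an added example that is not part of the original documentation or the product's own code. It also rejects malformed header values, which the step-by-step snippets do not cover; all function names and the sample headers are constructed for illustration.

```python
import base64
import binascii
import hmac

def make_basic_header(user, password):
    """Build a header value the way a client would (used for the sample input)."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return "Basic " + token

# Constructed sample request headers as (key, value) pairs.
SAMPLE_HEADERS = [("API-Key", "constructed-key"),
                  ("authorization", make_basic_header("alice", "pa:ss"))]

def find_header(headers, name):
    """First value whose key matches name; HTTP header names are case-insensitive."""
    for key, value in headers:
        if key.lower() == name.lower():
            return value
    return None

def parse_basic_credentials(header_value):
    """Return (user, password), or None if the value is not well-formed Basic auth."""
    if not header_value:
        return None
    # Step 1: strip the scheme; reject anything that is not "Basic <token>".
    scheme, _, encoded = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not encoded.strip():
        return None
    try:
        # Steps 2 and 3: base64 -> bytes -> UTF-8 string; reject malformed input.
        decoded = base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    # Step 4: split at the first colon only, since the password may contain colons.
    user, sep, password = decoded.partition(":")
    if not sep or not user:
        return None
    return user, password

def authenticate(headers, expected_user, expected_password):
    """Fail closed: a missing or malformed header means not authenticated."""
    creds = parse_basic_credentials(find_header(headers, "Authorization"))
    if creds is None:
        return False
    # compare_digest avoids leaking the position of a mismatch through timing.
    user_ok = hmac.compare_digest(creds[0].encode(), expected_user.encode())
    pass_ok = hmac.compare_digest(creds[1].encode(), expected_password.encode())
    return user_ok and pass_ok
```

In a real interceptor the expected credentials would come from a credential store rather than from function arguments.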