Skip to content

P6Rest

Platform 6 representational state transfer Consumer are HTTP endpoints that can be defined and dynamically deployed to capture any number of requests.

For more information about the Camel REST DSL: https://camel.apache.org/rest-dsl.html

Example

This example demonstrates how several routes can be included in the same event definition script. By adding a P6Rest component to Camel, we extend the standard Camel REST API syntax allowing restful routes to be hosted by Platform 6.

Warning

Any incoming REST headers which clash with what is defined in the to endpoint IE: p6cmb://scripts?platform6.request.action=execute&id=RestHello will be prepended by a _. So if a header comes in to a rest route, with the aforementioned final endpoint, titled as id it will be renamed _id

Template: Dev_BaseRestRoute.groovy

${addRoutes} :=

// Simple endpoint that calls a script without authentication
rest("/public/say")
    .get("/hello")
    .to("p6cmb://scripts?platform6.request.action=execute&id=RestHello")
    .routeId("RestOne")

// An endpoint that calls another route
rest("/public/say")
    .get("/bye")
    .to("direct:bye")
    .routeId("RestTwo")

// Authenticated endpoint because published under /apis
rest("/apis/say")
    .post("/tankalert")
    .consumes("application/json")
    .produces("application/json")
    .to("p6cmb://scripts?platform6.request.action=execute&id=RestTank")
    .routeId("RestThree")

from("direct:bye")
    .transform()
    .constant("Bye World")
    .routeId("RestFour")

${destroyRoutes} :=

p6.camel.destroyRoute('RestOne')
p6.camel.destroyRoute('RestTwo')
p6.camel.destroyRoute('RestThree')
p6.camel.destroyRoute('RestFour')

Warning

The context path REST endpoints defined with a root of /apis/ will be inspected for a valid access-token by the instance issued by P6 Auth otherwise the endpoints are un-authenticated.

A Platform 6 service called via this component can return a p6rest.body variable that will be mapped to the Exchange Message Out body so enabling any REST response content to be returned:

p6.pipeline.put("body","{ success: true }")

Other response headers used to create a REST response

  • Content-Type
  • CamelHttpResponseCode
  • p6rest.* (any header prefixed will be added without the prefix)
  • body-uri ( Since 6.10.3) to send the reference of the body using a file URI

Warn

( Since 6.10.5) After consumption the source file define in the body-uri is deleted

Body reference

p6.pipeline.put('CamelHttpResponseCode', '200')
p6.pipeline.put('Content-Type', 'application/octet-stream')
p6.pipeline.put('body-uri', 'file:///opt/p6core.data/path/to/file.pdf')

When an authenticated user makes a call to a REST endpoint, additional information is added to the response headers:

  • platform6.request.user
  • platform6.request.user.permissions

A practical way of checking permissions prior to executing the script called by the endpoint is to call the hasPermissionsUsingPipelineRequest() DSL function as follows:

def canReadInvoices = p6.permissions.hasPermissionsUsingPipelineRequest("invoices", "read")
if (!canReadInvoices) {
    p6.pipeline.put("CamelHttpResponseCode", "401")
    p6.pipeline.put("body", "The user doesn't have the permission 'invoices=read' to call this endpoint")
    return
}

// Rest of the processing ...

When the REST endpoint is public, the user information added to the request headers is:

Testing the endpoint through P6 Proxy

Say you want to test an endpoint, that is /public/invoices/single_pdf?invoice=XXX, where XXX should be replaced by the invoice ID. Calling this endpoint, when deployed on an instance behind the P6 Proxy, is done as follows:

https://stagingproxy.amalto.io/public/invoices/single_pdf?baseUrl=https://sidetrade-eu.platform6.io/p6&invoice=XXX&p6proxyNoToken

Where:

  • stagingproxy.amalto.io is the address of the P6 Proxy in staging
  • https://sidetrade-eu.platform6.io/p6 is the base context of the Sidetrade EU instance
  • p6proxyNoToken is an additional query parameter to bypass the JWT token validation of P6 Proxy. You could equally pass a header X-P6Proxy-NoToken: <any value> to have the same effect, The header will be removed before forwarding the request to its destination.