You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by Jacques Le Roux <ja...@les7arts.com> on 2020/08/02 07:40:28 UTC
Re: REST implementation
Hi Girish,
I'm just starting to review so I may miss things. Just a question for now. We have an option at
https://demo-trunk.ofbiz.apache.org/webtools/control/ServiceList?sel_service_name=testScv
to (Show wsdl <https://demo-trunk.ofbiz.apache.org:443/webtools/control/ServiceList?sel_service_name=testScv&show_wsdl=true>)
Would it be possible to have the same for REST?
Thanks
Jacques
Le 31/07/2020 à 10:32, Girish Vasmatkar a écrit :
> Greetings!
>
> I have created a PR to add a REST component -
> https://github.com/apache/ofbiz-plugins/pull/35 . Please take a look
> and let me know what you think and let me know if you face any issues. I
> intend to merge it in a week from now.
>
> With the PR (https://github.com/apache/ofbiz-framework/pull/214) to add
> "action" attribute to the service definition now merged, this above
> component should be able to expose exportable (export=true) and
> actionable(action=GET|POST) services via REST.
>
> Once the changes for nested attributes (OFBIZ-11902
> <https://issues.apache.org/jira/browse/OFBIZ-11902>) are done, I will also
> be making corresponding changes in the GraphQL plugin to account for nested
> attributes. OFBIZ-11902
> <https://issues.apache.org/jira/browse/OFBIZ-11902> will
> help in defining complex GraphQL mutations.
>
> I am parallelly also working on designing an XML DSL for REST that should
> allow tying up REST resources with OFBiz services.
>
> Best,
> Girish
>
>
>
> On Thu, Jul 9, 2020 at 6:27 PM Shi Jinghai <hu...@hotmail.com> wrote:
>
>> Hi Girish,
>>
>> Yes, you got it.
>>
>> Web browser will popup a login dialog when response code is 401:
>> setResponseHeader("WWW-Authenticate", "Bearer realm=\"authentication
>> required\"");
>>
>> The popup is skipped and then react/vue/angular can handle the response:
>> setResponseHeader("WWW-Authenticate", "OFBiz realm=\"authentication
>> required\"");
>>
>>
>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>> 发送时间: 2020年7月9日 14:54
>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>> 主题: Re: REST implementation
>>
>> Hi Shi
>>
>> Thanks for taking a look at it. I have a question on "WWW-Authenticate"
>> header so please clarify and I can make appropriate changes accordingly -
>>
>> All I am finding is that to prevent the pop-up, either return 403 (which I
>> do not want to do) or not include "WWW-Authenticate" header at all (not
>> inclined to do this as well because then we would be violating the spec).
>> Do you mean to NOT start the value of the header with "Bearer" ?
>> so instead of below
>>
>> *WWW-Authenticate: Bearer realm="Access to OFBiz", charset="UTF-8"*
>>
>> should we change it to
>>
>> *WWW-Authenticate: xBearer realm="Access to OFBiz", charset="UTF-8"*
>>
>> I did not test it, but I can just change it like this without testing if
>> you can please confirm it will prevent the browser dialog.
>>
>> Thanks again for the review.
>>
>> Best,
>> Girish
>>
>> On Wed, Jul 8, 2020 at 8:45 PM Shi Jinghai <hu...@hotmail.com> wrote:
>>
>>> Hi Girish,
>>>
>>> Excellent.
>>>
>>> Only one suggestion from my quick view, when response code is 401, the
>>> "WWW-Authenticate" header should be set to start with a word NOT “Bearer
>>> …”, this can prevent web browser from popping up a login dialog.
>>>
>>> Kind Regards,
>>>
>>> Shi Jinghai
>>>
>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>>> 发送时间: 2020年7月8日 20:47
>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>>> 主题: Re: REST implementation
>>>
>>> Hi Folks
>>>
>>> I have added support for OpenApi Integration. The updated code can be
>> found
>>> here : https://github.com/girishvasmatkar/ofbiz-rest-impl. Please go
>>> through the changes and test at your end and let me know your thoughts.
>>>
>>> I am planning to do some refactoring and then raise initial PR for the
>>> plug-in if the changes look good to everyone.
>>>
>>> Best,
>>> Girish
>>>
>>>
>>> On Wed, Jun 17, 2020 at 4:54 PM Carsten Schinzer <
>>> carsten@dcs-verkaufssysteme.de> wrote:
>>>
>>>> Hi Girish,
>>>>
>>>> Thanks to clarify :)
>>>> What caught me on the OpenAPI integration is the snippet quoted below
>> and
>>>> I realize I should have read it in context. Actually then it is aligned
>>>> with my view.
>>>>
>>>> Warm regards
>>>>
>>>> Carsten
>>>>
>>>>>>>>> Initial implementation does not contain OpenApi integration yet.
>>> And
>>>>
>>>
>>
Re: REST implementation
Posted by Jacques Le Roux <ja...@les7arts.com>.
Not a big deal, saw that when applying as a patch:
git apply 35.patch
35.patch:364: trailing whitespace.
* GET /rest/services/{serviceName}?inParams=<URLEncodedJSON>
35.patch:765: trailing whitespace.
xmlns:xl="http://www.w3.org/1999/xlink"
35.patch:2813: trailing whitespace.
35.patch:486: new blank line at EOF.
+
35.patch:772: new blank line at EOF.
+
warning: 5 lines add whitespace errors.
Jacques
Le 02/08/2020 à 09:40, Jacques Le Roux a écrit :
> Hi Girish,
>
> I'm just starting to review so I may miss things. Just a question for now. We have an option at
>
> https://demo-trunk.ofbiz.apache.org/webtools/control/ServiceList?sel_service_name=testScv
>
> to (Show wsdl <https://demo-trunk.ofbiz.apache.org:443/webtools/control/ServiceList?sel_service_name=testScv&show_wsdl=true>)
>
> Would it be possible to have the same for REST?
>
> Thanks
>
> Jacques
>
> Le 31/07/2020 à 10:32, Girish Vasmatkar a écrit :
>> Greetings!
>>
>> I have created a PR to add a REST component -
>> https://github.com/apache/ofbiz-plugins/pull/35 . Please take a look
>> and let me know what you think and let me know if you face any issues. I
>> intend to merge it in a week from now.
>>
>> With the PR (https://github.com/apache/ofbiz-framework/pull/214) to add
>> "action" attribute to the service definition now merged, this above
>> component should be able to expose exportable (export=true) and
>> actionable(action=GET|POST) services via REST.
>>
>> Once the changes for nested attributes (OFBIZ-11902
>> <https://issues.apache.org/jira/browse/OFBIZ-11902>) are done, I will also
>> be making corresponding changes in the GraphQL plugin to account for nested
>> attributes. OFBIZ-11902
>> <https://issues.apache.org/jira/browse/OFBIZ-11902> will
>> help in defining complex GraphQL mutations.
>>
>> I am parallelly also working on designing an XML DSL for REST that should
>> allow tying up REST resources with OFBiz services.
>>
>> Best,
>> Girish
>>
>>
>>
>> On Thu, Jul 9, 2020 at 6:27 PM Shi Jinghai <hu...@hotmail.com> wrote:
>>
>>> Hi Girish,
>>>
>>> Yes, you got it.
>>>
>>> Web browser will popup a login dialog when response code is 401:
>>> setResponseHeader("WWW-Authenticate", "Bearer realm=\"authentication
>>> required\"");
>>>
>>> The popup is skipped and then react/vue/angular can handle the response:
>>> setResponseHeader("WWW-Authenticate", "OFBiz realm=\"authentication
>>> required\"");
>>>
>>>
>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>>> 发送时间: 2020年7月9日 14:54
>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>>> 主题: Re: REST implementation
>>>
>>> Hi Shi
>>>
>>> Thanks for taking a look at it. I have a question on "WWW-Authenticate"
>>> header so please clarify and I can make appropriate changes accordingly -
>>>
>>> All I am finding is that to prevent the pop-up, either return 403 (which I
>>> do not want to do) or not include "WWW-Authenticate" header at all (not
>>> inclined to do this as well because then we would be violating the spec).
>>> Do you mean to NOT start the value of the header with "Bearer" ?
>>> so instead of below
>>>
>>> *WWW-Authenticate: Bearer realm="Access to OFBiz", charset="UTF-8"*
>>>
>>> should we change it to
>>>
>>> *WWW-Authenticate: xBearer realm="Access to OFBiz", charset="UTF-8"*
>>>
>>> I did not test it, but I can just change it like this without testing if
>>> you can please confirm it will prevent the browser dialog.
>>>
>>> Thanks again for the review.
>>>
>>> Best,
>>> Girish
>>>
>>> On Wed, Jul 8, 2020 at 8:45 PM Shi Jinghai <hu...@hotmail.com> wrote:
>>>
>>>> Hi Girish,
>>>>
>>>> Excellent.
>>>>
>>>> Only one suggestion from my quick view, when response code is 401, the
>>>> "WWW-Authenticate" header should be set to start with a word NOT “Bearer
>>>> …”, this can prevent web browser from popping up a login dialog.
>>>>
>>>> Kind Regards,
>>>>
>>>> Shi Jinghai
>>>>
>>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>>>> 发送时间: 2020年7月8日 20:47
>>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>>>> 主题: Re: REST implementation
>>>>
>>>> Hi Folks
>>>>
>>>> I have added support for OpenApi Integration. The updated code can be
>>> found
>>>> here : https://github.com/girishvasmatkar/ofbiz-rest-impl. Please go
>>>> through the changes and test at your end and let me know your thoughts.
>>>>
>>>> I am planning to do some refactoring and then raise initial PR for the
>>>> plug-in if the changes look good to everyone.
>>>>
>>>> Best,
>>>> Girish
>>>>
>>>>
>>>> On Wed, Jun 17, 2020 at 4:54 PM Carsten Schinzer <
>>>> carsten@dcs-verkaufssysteme.de> wrote:
>>>>
>>>>> Hi Girish,
>>>>>
>>>>> Thanks to clarify :)
>>>>> What caught me on the OpenAPI integration is the snippet quoted below
>>> and
>>>>> I realize I should have read it in context. Actually then it is aligned
>>>>> with my view.
>>>>>
>>>>> Warm regards
>>>>>
>>>>> Carsten
>>>>>
>>>>>>>>>> Initial implementation does not contain OpenApi integration yet.
>>>> And
>>>>>
>>>>
>>>
Re: REST implementation
Posted by Girish Vasmatkar <gi...@hotwaxsystems.com>.
Hi Jacques
Thanks for taking a look at this. Since, REST does not define any WSDL,
rather WADL, we can try to show it, however, since it is a component as a
starting point, it would probably be good if we can show WADL, if and when
it gets included in the framework. Because request coming to webtools
(show_wadl=true) will eventually be handled by the REST component to fetch
WADL. Also, as you figured out, Swagger is there too to describe the
service details.
Also, I will make the changes as you suggested in the OpenAPI
configuration. On 404, yes, that's normal because there is no resource at
the ROOT at the moment. This can however be a good addition if this URL can
return all resource definitions. I will make note of it and try to
implement it.
Best Regards,
Girish
On Sun, Aug 2, 2020 at 2:47 PM Jacques Le Roux <ja...@les7arts.com>
wrote:
> At https://localhost:8443/rest/ I get a 404 and in log
>
> javax.ws.rs.NotFoundException: HTTP 404 Not Found
> at
> org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:250)
> at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
> at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
> at org.glassfish.jersey.internal.Errors.process(Errors.java:244)
> at
> org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
> at
> org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:232)
> at
> org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:680)
> at
> org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
> at
> org.glassfish.jersey.servlet.ServletContainer.serviceImpl(ServletContainer.java:386)
> at
> org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:561)
> at
> org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:502)
> at
> org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:439)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> at
> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
> at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
> at
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
> at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
> at org.apache.tomcat.util.net
> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1589)
> at org.apache.tomcat.util.net
> .SocketProcessorBase.run(SocketProcessorBase.java:49)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> at java.lang.Thread.run(Thread.java:748)
>
> Normal?
>
> Le 02/08/2020 à 11:14, Jacques Le Roux a écrit :
> > I get that we have this information at
> >
> > https://localhost:8443/docs/swagger-ui.html
> >
> > like with
> >
> >
> https://localhost:8443/docs/swagger-ui.html#/Exported%20Services/findProductById
> >
> > So I guess we can put a link to that, rigth?
> >
> > Also there is no ofbiz@apache.org (at
> OpenApiResource::buildOpenApiContact) I'd suggest dev@ofbiz.apache.org
> >
> > For "Terms of service" I suggest a link to ASL2 and to remove the below
> direct link to it.
> >
> > BTW thanks Girish, this is really a great step forward :)
> >
> > Jacques
> >
> >
> > Le 02/08/2020 à 09:40, Jacques Le Roux a écrit :
> >> Hi Girish,
> >>
> >> I'm just starting to review so I may miss things. Just a question for
> now. We have an option at
> >>
> >>
> https://demo-trunk.ofbiz.apache.org/webtools/control/ServiceList?sel_service_name=testScv
> >>
> >> to (Show wsdl <
> https://demo-trunk.ofbiz.apache.org:443/webtools/control/ServiceList?sel_service_name=testScv&show_wsdl=true
> >)
> >>
> >> Would it be possible to have the same for REST?
> >>
> >> Thanks
> >>
> >> Jacques
> >>
> >> Le 31/07/2020 à 10:32, Girish Vasmatkar a écrit :
> >>> Greetings!
> >>>
> >>> I have created a PR to add a REST component -
> >>> https://github.com/apache/ofbiz-plugins/pull/35 . Please take a look
> >>> and let me know what you think and let me know if you face any issues.
> I
> >>> intend to merge it in a week from now.
> >>>
> >>> With the PR (https://github.com/apache/ofbiz-framework/pull/214) to
> add
> >>> "action" attribute to the service definition now merged, this above
> >>> component should be able to expose exportable (export=true) and
> >>> actionable(action=GET|POST) services via REST.
> >>>
> >>> Once the changes for nested attributes (OFBIZ-11902
> >>> <https://issues.apache.org/jira/browse/OFBIZ-11902>) are done, I will
> also
> >>> be making corresponding changes in the GraphQL plugin to account for
> nested
> >>> attributes. OFBIZ-11902
> >>> <https://issues.apache.org/jira/browse/OFBIZ-11902> will
> >>> help in defining complex GraphQL mutations.
> >>>
> >>> I am parallelly also working on designing an XML DSL for REST that
> should
> >>> allow tying up REST resources with OFBiz services.
> >>>
> >>> Best,
> >>> Girish
> >>>
> >>>
> >>>
> >>> On Thu, Jul 9, 2020 at 6:27 PM Shi Jinghai <hu...@hotmail.com>
> wrote:
> >>>
> >>>> Hi Girish,
> >>>>
> >>>> Yes, you got it.
> >>>>
> >>>> Web browser will popup a login dialog when response code is 401:
> >>>> setResponseHeader("WWW-Authenticate", "Bearer realm=\"authentication
> >>>> required\"");
> >>>>
> >>>> The popup is skipped and then react/vue/angular can handle the
> response:
> >>>> setResponseHeader("WWW-Authenticate", "OFBiz realm=\"authentication
> >>>> required\"");
> >>>>
> >>>>
> >>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
> >>>> 发送时间: 2020年7月9日 14:54
> >>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
> >>>> 主题: Re: REST implementation
> >>>>
> >>>> Hi Shi
> >>>>
> >>>> Thanks for taking a look at it. I have a question on
> "WWW-Authenticate"
> >>>> header so please clarify and I can make appropriate changes
> accordingly -
> >>>>
> >>>> All I am finding is that to prevent the pop-up, either return 403
> (which I
> >>>> do not want to do) or not include "WWW-Authenticate" header at all
> (not
> >>>> inclined to do this as well because then we would be violating the
> spec).
> >>>> Do you mean to NOT start the value of the header with "Bearer" ?
> >>>> so instead of below
> >>>>
> >>>> *WWW-Authenticate: Bearer realm="Access to OFBiz", charset="UTF-8"*
> >>>>
> >>>> should we change it to
> >>>>
> >>>> *WWW-Authenticate: xBearer realm="Access to OFBiz", charset="UTF-8"*
> >>>>
> >>>> I did not test it, but I can just change it like this without testing
> if
> >>>> you can please confirm it will prevent the browser dialog.
> >>>>
> >>>> Thanks again for the review.
> >>>>
> >>>> Best,
> >>>> Girish
> >>>>
> >>>> On Wed, Jul 8, 2020 at 8:45 PM Shi Jinghai <hu...@hotmail.com>
> wrote:
> >>>>
> >>>>> Hi Girish,
> >>>>>
> >>>>> Excellent.
> >>>>>
> >>>>> Only one suggestion from my quick view, when response code is 401,
> the
> >>>>> "WWW-Authenticate" header should be set to start with a word NOT
> “Bearer
> >>>>> …”, this can prevent web browser from popping up a login dialog.
> >>>>>
> >>>>> Kind Regards,
> >>>>>
> >>>>> Shi Jinghai
> >>>>>
> >>>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
> >>>>> 发送时间: 2020年7月8日 20:47
> >>>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
> >>>>> 主题: Re: REST implementation
> >>>>>
> >>>>> Hi Folks
> >>>>>
> >>>>> I have added support for OpenApi Integration. The updated code can be
> >>>> found
> >>>>> here : https://github.com/girishvasmatkar/ofbiz-rest-impl. Please go
> >>>>> through the changes and test at your end and let me know your
> thoughts.
> >>>>>
> >>>>> I am planning to do some refactoring and then raise initial PR for
> the
> >>>>> plug-in if the changes look good to everyone.
> >>>>>
> >>>>> Best,
> >>>>> Girish
> >>>>>
> >>>>>
> >>>>> On Wed, Jun 17, 2020 at 4:54 PM Carsten Schinzer <
> >>>>> carsten@dcs-verkaufssysteme.de> wrote:
> >>>>>
> >>>>>> Hi Girish,
> >>>>>>
> >>>>>> Thanks to clarify :)
> >>>>>> What caught me on the OpenAPI integration is the snippet quoted
> below
> >>>> and
> >>>>>> I realize I should have read it in context. Actually then it is
> aligned
> >>>>>> with my view.
> >>>>>>
> >>>>>> Warm regards
> >>>>>>
> >>>>>> Carsten
> >>>>>>
> >>>>>>>>>>> Initial implementation does not contain OpenApi integration
> yet.
> >>>>> And
> >>>>>>
> >>>>>
> >>>>
>
Re: REST implementation
Posted by Jacques Le Roux <ja...@les7arts.com>.
At https://localhost:8443/rest/ I get a 404 and in log
javax.ws.rs.NotFoundException: HTTP 404 Not Found
at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:250)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
at org.glassfish.jersey.internal.Errors.process(Errors.java:244)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:232)
at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:680)
at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
at org.glassfish.jersey.servlet.ServletContainer.serviceImpl(ServletContainer.java:386)
at org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:561)
at org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:502)
at org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:439)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1589)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Normal?
Le 02/08/2020 à 11:14, Jacques Le Roux a écrit :
> I get that we have this information at
>
> https://localhost:8443/docs/swagger-ui.html
>
> like with
>
> https://localhost:8443/docs/swagger-ui.html#/Exported%20Services/findProductById
>
> So I guess we can put a link to that, rigth?
>
> Also there is no ofbiz@apache.org (at OpenApiResource::buildOpenApiContact) I'd suggest dev@ofbiz.apache.org
>
> For "Terms of service" I suggest a link to ASL2 and to remove the below direct link to it.
>
> BTW thanks Girish, this is really a great step forward :)
>
> Jacques
>
>
> Le 02/08/2020 à 09:40, Jacques Le Roux a écrit :
>> Hi Girish,
>>
>> I'm just starting to review so I may miss things. Just a question for now. We have an option at
>>
>> https://demo-trunk.ofbiz.apache.org/webtools/control/ServiceList?sel_service_name=testScv
>>
>> to (Show wsdl <https://demo-trunk.ofbiz.apache.org:443/webtools/control/ServiceList?sel_service_name=testScv&show_wsdl=true>)
>>
>> Would it be possible to have the same for REST?
>>
>> Thanks
>>
>> Jacques
>>
>> Le 31/07/2020 à 10:32, Girish Vasmatkar a écrit :
>>> Greetings!
>>>
>>> I have created a PR to add a REST component -
>>> https://github.com/apache/ofbiz-plugins/pull/35 . Please take a look
>>> and let me know what you think and let me know if you face any issues. I
>>> intend to merge it in a week from now.
>>>
>>> With the PR (https://github.com/apache/ofbiz-framework/pull/214) to add
>>> "action" attribute to the service definition now merged, this above
>>> component should be able to expose exportable (export=true) and
>>> actionable(action=GET|POST) services via REST.
>>>
>>> Once the changes for nested attributes (OFBIZ-11902
>>> <https://issues.apache.org/jira/browse/OFBIZ-11902>) are done, I will also
>>> be making corresponding changes in the GraphQL plugin to account for nested
>>> attributes. OFBIZ-11902
>>> <https://issues.apache.org/jira/browse/OFBIZ-11902> will
>>> help in defining complex GraphQL mutations.
>>>
>>> I am parallelly also working on designing an XML DSL for REST that should
>>> allow tying up REST resources with OFBiz services.
>>>
>>> Best,
>>> Girish
>>>
>>>
>>>
>>> On Thu, Jul 9, 2020 at 6:27 PM Shi Jinghai <hu...@hotmail.com> wrote:
>>>
>>>> Hi Girish,
>>>>
>>>> Yes, you got it.
>>>>
>>>> Web browser will popup a login dialog when response code is 401:
>>>> setResponseHeader("WWW-Authenticate", "Bearer realm=\"authentication
>>>> required\"");
>>>>
>>>> The popup is skipped and then react/vue/angular can handle the response:
>>>> setResponseHeader("WWW-Authenticate", "OFBiz realm=\"authentication
>>>> required\"");
>>>>
>>>>
>>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>>>> 发送时间: 2020年7月9日 14:54
>>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>>>> 主题: Re: REST implementation
>>>>
>>>> Hi Shi
>>>>
>>>> Thanks for taking a look at it. I have a question on "WWW-Authenticate"
>>>> header so please clarify and I can make appropriate changes accordingly -
>>>>
>>>> All I am finding is that to prevent the pop-up, either return 403 (which I
>>>> do not want to do) or not include "WWW-Authenticate" header at all (not
>>>> inclined to do this as well because then we would be violating the spec).
>>>> Do you mean to NOT start the value of the header with "Bearer" ?
>>>> so instead of below
>>>>
>>>> *WWW-Authenticate: Bearer realm="Access to OFBiz", charset="UTF-8"*
>>>>
>>>> should we change it to
>>>>
>>>> *WWW-Authenticate: xBearer realm="Access to OFBiz", charset="UTF-8"*
>>>>
>>>> I did not test it, but I can just change it like this without testing if
>>>> you can please confirm it will prevent the browser dialog.
>>>>
>>>> Thanks again for the review.
>>>>
>>>> Best,
>>>> Girish
>>>>
>>>> On Wed, Jul 8, 2020 at 8:45 PM Shi Jinghai <hu...@hotmail.com> wrote:
>>>>
>>>>> Hi Girish,
>>>>>
>>>>> Excellent.
>>>>>
>>>>> Only one suggestion from my quick view, when response code is 401, the
>>>>> "WWW-Authenticate" header should be set to start with a word NOT “Bearer
>>>>> …”, this can prevent web browser from popping up a login dialog.
>>>>>
>>>>> Kind Regards,
>>>>>
>>>>> Shi Jinghai
>>>>>
>>>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>>>>> 发送时间: 2020年7月8日 20:47
>>>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>>>>> 主题: Re: REST implementation
>>>>>
>>>>> Hi Folks
>>>>>
>>>>> I have added support for OpenApi Integration. The updated code can be
>>>> found
>>>>> here : https://github.com/girishvasmatkar/ofbiz-rest-impl. Please go
>>>>> through the changes and test at your end and let me know your thoughts.
>>>>>
>>>>> I am planning to do some refactoring and then raise initial PR for the
>>>>> plug-in if the changes look good to everyone.
>>>>>
>>>>> Best,
>>>>> Girish
>>>>>
>>>>>
>>>>> On Wed, Jun 17, 2020 at 4:54 PM Carsten Schinzer <
>>>>> carsten@dcs-verkaufssysteme.de> wrote:
>>>>>
>>>>>> Hi Girish,
>>>>>>
>>>>>> Thanks to clarify :)
>>>>>> What caught me on the OpenAPI integration is the snippet quoted below
>>>> and
>>>>>> I realize I should have read it in context. Actually then it is aligned
>>>>>> with my view.
>>>>>>
>>>>>> Warm regards
>>>>>>
>>>>>> Carsten
>>>>>>
>>>>>>>>>>> Initial implementation does not contain OpenApi integration yet.
>>>>> And
>>>>>>
>>>>>
>>>>
Re: REST implementation
Posted by Jacques Le Roux <ja...@les7arts.com>.
I get that we have this information at
https://localhost:8443/docs/swagger-ui.html
like with
https://localhost:8443/docs/swagger-ui.html#/Exported%20Services/findProductById
So I guess we can put a link to that, rigth?
Also there is no ofbiz@apache.org (at OpenApiResource::buildOpenApiContact) I'd suggest dev@ofbiz.apache.org
For "Terms of service" I suggest a link to ASL2 and to remove the below direct link to it.
BTW thanks Girish, this is really a great step forward :)
Jacques
Le 02/08/2020 à 09:40, Jacques Le Roux a écrit :
> Hi Girish,
>
> I'm just starting to review so I may miss things. Just a question for now. We have an option at
>
> https://demo-trunk.ofbiz.apache.org/webtools/control/ServiceList?sel_service_name=testScv
>
> to (Show wsdl <https://demo-trunk.ofbiz.apache.org:443/webtools/control/ServiceList?sel_service_name=testScv&show_wsdl=true>)
>
> Would it be possible to have the same for REST?
>
> Thanks
>
> Jacques
>
> Le 31/07/2020 à 10:32, Girish Vasmatkar a écrit :
>> Greetings!
>>
>> I have created a PR to add a REST component -
>> https://github.com/apache/ofbiz-plugins/pull/35 . Please take a look
>> and let me know what you think and let me know if you face any issues. I
>> intend to merge it in a week from now.
>>
>> With the PR (https://github.com/apache/ofbiz-framework/pull/214) to add
>> "action" attribute to the service definition now merged, this above
>> component should be able to expose exportable (export=true) and
>> actionable(action=GET|POST) services via REST.
>>
>> Once the changes for nested attributes (OFBIZ-11902
>> <https://issues.apache.org/jira/browse/OFBIZ-11902>) are done, I will also
>> be making corresponding changes in the GraphQL plugin to account for nested
>> attributes. OFBIZ-11902
>> <https://issues.apache.org/jira/browse/OFBIZ-11902> will
>> help in defining complex GraphQL mutations.
>>
>> I am parallelly also working on designing an XML DSL for REST that should
>> allow tying up REST resources with OFBiz services.
>>
>> Best,
>> Girish
>>
>>
>>
>> On Thu, Jul 9, 2020 at 6:27 PM Shi Jinghai <hu...@hotmail.com> wrote:
>>
>>> Hi Girish,
>>>
>>> Yes, you got it.
>>>
>>> Web browser will popup a login dialog when response code is 401:
>>> setResponseHeader("WWW-Authenticate", "Bearer realm=\"authentication
>>> required\"");
>>>
>>> The popup is skipped and then react/vue/angular can handle the response:
>>> setResponseHeader("WWW-Authenticate", "OFBiz realm=\"authentication
>>> required\"");
>>>
>>>
>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>>> 发送时间: 2020年7月9日 14:54
>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>>> 主题: Re: REST implementation
>>>
>>> Hi Shi
>>>
>>> Thanks for taking a look at it. I have a question on "WWW-Authenticate"
>>> header so please clarify and I can make appropriate changes accordingly -
>>>
>>> All I am finding is that to prevent the pop-up, either return 403 (which I
>>> do not want to do) or not include "WWW-Authenticate" header at all (not
>>> inclined to do this as well because then we would be violating the spec).
>>> Do you mean to NOT start the value of the header with "Bearer" ?
>>> so instead of below
>>>
>>> *WWW-Authenticate: Bearer realm="Access to OFBiz", charset="UTF-8"*
>>>
>>> should we change it to
>>>
>>> *WWW-Authenticate: xBearer realm="Access to OFBiz", charset="UTF-8"*
>>>
>>> I did not test it, but I can just change it like this without testing if
>>> you can please confirm it will prevent the browser dialog.
>>>
>>> Thanks again for the review.
>>>
>>> Best,
>>> Girish
>>>
>>> On Wed, Jul 8, 2020 at 8:45 PM Shi Jinghai <hu...@hotmail.com> wrote:
>>>
>>>> Hi Girish,
>>>>
>>>> Excellent.
>>>>
>>>> Only one suggestion from my quick view, when response code is 401, the
>>>> "WWW-Authenticate" header should be set to start with a word NOT “Bearer
>>>> …”, this can prevent web browser from popping up a login dialog.
>>>>
>>>> Kind Regards,
>>>>
>>>> Shi Jinghai
>>>>
>>>> 发件人: Girish Vasmatkar<ma...@hotwaxsystems.com>
>>>> 发送时间: 2020年7月8日 20:47
>>>> 收件人: dev@ofbiz.apache.org<ma...@ofbiz.apache.org>
>>>> 主题: Re: REST implementation
>>>>
>>>> Hi Folks
>>>>
>>>> I have added support for OpenApi Integration. The updated code can be
>>> found
>>>> here : https://github.com/girishvasmatkar/ofbiz-rest-impl. Please go
>>>> through the changes and test at your end and let me know your thoughts.
>>>>
>>>> I am planning to do some refactoring and then raise initial PR for the
>>>> plug-in if the changes look good to everyone.
>>>>
>>>> Best,
>>>> Girish
>>>>
>>>>
>>>> On Wed, Jun 17, 2020 at 4:54 PM Carsten Schinzer <
>>>> carsten@dcs-verkaufssysteme.de> wrote:
>>>>
>>>>> Hi Girish,
>>>>>
>>>>> Thanks to clarify :)
>>>>> What caught me on the OpenAPI integration is the snippet quoted below
>>> and
>>>>> I realize I should have read it in context. Actually then it is aligned
>>>>> with my view.
>>>>>
>>>>> Warm regards
>>>>>
>>>>> Carsten
>>>>>
>>>>>>>>>> Initial implementation does not contain OpenApi integration yet.
>>>> And
>>>>>
>>>>
>>>