Hi @Gopinath_Radhakrishn!
I’m integrating with IBM Rational Team Concert. Up until now, it was running in company intranet. So they will expose it to the internet now, and for security reasons, they want to allow requests from internet only when made by the APP in developing.
The IBM RTC provides OSLC APIs:
https://www.ibm.com/docs/en/rational-change/5.3.0?topic=change-using-oslc-cm-rest-api
To make calls to any endpoint, I need to make a post for login first:
You can see that it returns a cookie.
I need to pass it along on the next calls:
If I was going to use Request Method from SDK, I don’t know if I would be able to just capture it from the login header and pass it along in the next call. Since I need to send files, I didn’t even tried.
So for requests I’m using the lib: “postman-request”: “2.88.1-postman.28”.
On serverless, I have a class with methods to authenticate and to call others endpoints.
It works just fine.
Example:
var cookies;
var baseRequest;
class RTC {
constructor(serverURI, userName, userPassword, _cookies) {
try {
this.serverURI = "https://" + serverURI + "/ccm";
this.userName = userName;
this.userPassword = userPassword;
if (_cookies) {
if (this.serverURI.includes("localhost")) {
cookies = new tough.CookieJar(undefined, [{ rejectPublicSuffixes: false }]);
} else {
cookies = new tough.CookieJar();
}
for (const cookie of _cookies.cookies) {
cookies.setCookieSync(tough.fromJSON(cookie), this.serverURI);
}
} else {
cookies = new tough.CookieJar();
}
baseRequest = request.defaults({
headers: {
"OSLC-Core-Version": "2.0",
"Content-Type": "application/json",
Accept: "application/json",
},
strictSSL: false,
jar: cookies,
followAllRedirects: true,
});
} catch (error) {
console.error("Erro em RTC > constructor().", error);
}
}
authenticate() {
return new Promise((resolve, reject) => {
try {
var options = {
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
url: this.serverURI + "/j_security_check",
method: "POST",
form: { j_username: this.userName, j_password: this.userPassword },
resolveWithFullResponse: true,
};
baseRequest(options, function (error, response) {
try {
if (error) {
reject({ status: response.statusCode, message: JSON.stringify(error) });
return;
}
if (response.headers["x-com-ibm-team-repository-web-auth-msg"]) {
reject({
status: response.statusCode,
message: response.headers["x-com-ibm-team-repository-web-auth-msg"],
});
return;
}
resolve(cookies);
} catch (error) {
reject({ message: error.message });
}
});
} catch (error) {
reject({ message: error.message });
}
});
}
getResourceName(resourceURL) {
return new Promise((resolve, reject) => {
try {
var options = {
method: "GET",
url: resourceURL,
};
baseRequest(options, function (error, response) {
try {
if (error) {
reject(error);
return;
}
var body = JSON.parse(response.body);
if (body["dcterms:title"]) {
resolve(body["dcterms:title"]);
} else {
reject("Não foi encontrado o nome do recurso.");
}
} catch (error) {
reject(error);
}
});
} catch (error) {
reject(error);
}
});
}
}
So the question is… how can the customer on their end, allow requests just from my APP?