search

mendix / RestServices

REST service module for Mendix. Supports consuming and publishing REST based services and real-time data synchronization. Supports JSON, form-encoded, multipart and binary data transport.
Apache License 2.0
31 stars 46 forks source link

Need of getRequestBody Java Action #68

Closed Andries-Smit closed 8 years ago

Andries-Smit commented 8 years ago

Dear Mendix Developers,

For some incoming requests it is required to validated if the is not tempered, and comes from the expected source. A way of doing this is to sign the content with a key and add the signature to header.

In the authentication Microflow we need the create an MD5 hash of the secret key and full body payload and compare with signature.

However that is not possible at this time. If you read the stream it can not read again for reading the body to pars into Mendix object.

The solution to this is to read(on demand) the full body, store it in the RestServiceRequest. And the IRestServiceHandler implementation use the body from the RestServiceRequest inside the parseInputData.

Add a java action getRequestBody which lazy loads the body and stores it in the request. So It only done for request that uses this function.

Would this be an feature worth bringing to the standard?

With kind regards, Andries

mweststrate commented 8 years ago

Closed for now due to inactivity. But pull requests are always welcome ;)