Thursday, August 23, 2018

Mule 4 - Retrieve client id from an API with client ID enforcement policy


This article describes how one could retrieve the client_id that is consuming an API protected by client ID enforcement policy in API Manager.

Assumptions:
1. The API is exposed from Anypoint Runtime - API Manager
2. The API policy is applied - Client ID enforcement

3. The client is has requested access to the API via exchange
4. The client is using Basic Authentication to login to the API with client id and secret key.

How it works:
Since the client application is using Basic Authentication to access Mulesoft API, we will always have the header value as below. This value is in a fixed format, which is username:password encoded with Base64.



Note: this is not a very secure method as anyone with basic understanding of authentication would be able to decode and decipher the information. As such, this should always be used together with SSL to avoid unauthorized users from retrieving login information.

We can use Dataweave 2.0 to retrieve the header from attributes.headers.authorization.
Following that, Base64 decode the value and split the value to extract the client id.

Example of Dataweave which sets the payload to be the extracted client id:

%dw 2.0
import * from dw::core::Binaries
output application/java
---
(fromBase64((attributes.headers.authorization replace "Basic " with "")) splitBy(":"))[0] default ""

Monday, April 30, 2018

Using secure configuration properties in Mule 4

Overview

The enterprise edition of Mule runtime comes equipped with a Secure Configuration Properties module which is a very neat tool that allows you to hide your keys from prying eyes.
Here is an example of how you could:
  • encrypt strings or entire files
  • reference encrypted properties stored in a file
  • decrypt them with a master key;
  • and use those values to connect to Salesforce cloud to retrieve a list of Accounts.

This article assumes that you have a Salesforce developer account, and possess basic knowledge of Anypoint Studio 7 and various Mule concepts.

1. Get the tool ready, and prepare your encrypted values
Come up with your master key. For this demo I am using My$ecr3tK3y!!
Open DOS and change directory to the folder where your jar file is located.

Thursday, April 26, 2018

Create a domain project in Mule 4

A domain project comes in handy when you want to share resources across different Mule projects in your hosted on-premise Mule Runtime.

In Mule Runtime 4, the resources that can be shared are: 
  • VM
  • TLS Context
  • JMS and JMS Caching Connection
  • Database
  • WMQ
  • JBoss, Bitronix Transaction Manager

Tuesday, April 10, 2018

Invoke static custom Java methods in Mule 4


This example demonstrates how to use Mule 4's Java method to invoke a custom static method with 2 arguments. The custom class is reused from this post: Define and consume custom Java methods using Dataweave 2.0 in Mule 4.

Tips when working with custom java classes in Mule 4:
  1. Include your custom namespace in mule-artifact.json
  2. If you are making references to third party libraries, include them as maven dependencies in pom.xml

This is a simple example using a HTTP Listener to listen for POST requests to http://localhost:8081/list-files2



Define and consume custom Java methods with Dataweave 2.0 in Mule 4


With the introduction of a brand-new Java module in Mule 4, it is now possible to invoke Java classes in a more straightforward manner from the flow or in Dataweave 2.0 itself.

Here is a simple demonstration of file manipulation using custom Java classes and methods in Mule Anypoint Studio 7.1. This step-by-step tutorial shows how to:
1. Create a custom java class to list files recursively for a local or shared network path
2. Invoking this class from Mulesoft Dataweave 2.0 transformations, and filter information.

Pre-requisites:
There is a dependency on apache commons-io, log4j and joda-time as I will be reusing some methods for file manipulation.
You can find the jar file or maven references here:
https://mvnrepository.com/artifact/commons-io/commons-io/2.6
https://mvnrepository.com/artifact/joda-time/joda-time
https://mvnrepository.com/artifact/log4j/log4j


1. Create your Mule project and add maven dependency
Download the apache commons-io jar file, or alternatively include the reference in your maven pom.xml file.
For this example, I am going to include it as a maven dependency. Copy and paste the code below and include it between the dependencies node in pom.xml, before the closing node:

Tuesday, March 27, 2018

Mulesoft Flow to create Service Request in ServiceNow

This article describes how you could create a Mulesoft flow to create a Service Request in Service-Now.

First of all, you will need to have access to a Service-Now Development instance, for example:
* Replace with your company's development instance, if needed.

You will need a username and password to connect to this instance.
Go to https://developer.servicenow.com/ and register for a new account for testing purposes.

Once logged in, go to the MANAGE tab, and select Instance.
Create a new instance, and take note of the URL, admin username and password.
* The instance will be removed if there's no activity in 10 days.



For OOTB requests, there is typically one or more catalog items attached to a request.
Login to your service-now instance, in my case it's https://dev52286.service-now.com
Browse your service catalog and determine what kind of request you would like to make.

Wednesday, January 3, 2018

NodeJS httpServer make REST calls based on querystring parameter

Has dependencies on request, which you could install using the npm command.
In the example below it is a simple web application listening on localhost port 8080.
If the employeeId querystring parameter is detected, regardless of the path, it will make a call to a  RESTful service to retrieve a (fictional) worker information... you get the idea.

 // Include the request library for Node.js. This is not part of native libary.    
 var request = require('request');  
 var http = require('http');  
 var url = require('url');  
 http.createServer(function (req, res) {  
   res.writeHead(200, {'Content-Type': 'text/html'});  
      res.write('Start querying<br />');  
      var u = url.parse(req.url, true);  
      var queryData = u.query;  
      if (queryData.employeeId) {  
           console.log('employeeId: ' + queryData.employeeId);  
           // Sample URL call: http://localhost:8080/anything?employeeId=999  
           // Basic Authentication credentials    
           var username = "username";   
           var password = "password";  
           var authenticationHeader = "Basic " + new Buffer(username + ":" + password).toString("base64");  
           request.get(    
           {  
                uri : "https://service.domain.com/WorkerSnapshot?$format=JSONP&EmployeeID=" + queryData.wwid,  
                rejectUnauthorized: false,  
                json: true, // indicates the returning data is JSON, no need for JSON.parse()  
                headers : { "Authorization" : authenticationHeader }   
           },  
           function (error, response, body) {  
                res.write(body);  
           }  
           );            
      }  
 }).listen(8080);  

Powershell code (local) to list user AD memberships

Powershell code snippet which you could run using PowerShell ISE window. Do not need to install additional modules, unlike Get-ADUser

 # Create searcher object  
 $Domain = "sub.domain.com"  
 $ADsPath = [ADSI]"LDAP://$Domain"  
 $searcher = New-Object System.DirectoryServices.DirectorySearcher($ADsPath)  
 $searcher.SearchScope = "Subtree"  
 $searcher.PageSize = 1000  
 # Restrict properties to load  
 # $searcher.PropertiesToLoad.Add("name")  
 # $searcher.PropertiesToLoad.Add("sAMAccountName")  
 # $searcher.PropertiesToLoad.Add("employeeID")  
 # $searcher.PropertiesToLoad.Add("mail")  
 # $searcher.PropertiesToLoad.Add("userPrincipalName")  
 $searcher.PropertiesToLoad.Add("memberOf")  
 
 $searcher.Filter = "(&(objectClass=User)(samAccountName=username))"   
 $colResults = $searcher.FindOne()  
 
 $objItem = $colResults.Properties  
 $objItem.Item("memberOf") | foreach-object {  
   write-host $_  
 }  

Related Posts Plugin for WordPress, Blogger...