Node-Red HTTP Input verify json - rest

this might be a stupid question but I was unable to find a solution, also no luck with search.
My Node-Red flow gets triggered by a HTTP Input because I want to create a REST Webservice. It works fine so far but I wonder how to verify the content someone send to me.
As I see right now, I can pass any kind of content. There is no verification if the content matches to the content I want as input.
If I set content-type to application/json, it only accepts json data. That's great but I also want to ensure, users can post only a specific json string.
If someone sends data I'm unable to proceed (not the json object I expected), I want to send HTTP 400 as response.
I'm pretty new to Node-Red and also to json. I'm more an old-school programmer using classic webservices and soap. What I'm missing is some kind of WSDL (not sure if it exists when using REST) and some kind of payload validation.
It would be great if someone can point me the way to go.
Best regards
Patrick

There are some nodes available for doing schema validation on JSON objects.
For example, node-red-contrib-json-schema-validator - which uses ajv as the validation engine under the covers. Unfortunately this node doesn't come with much in the way of help. Essentially it lets you provide your schema and if a message fails to validate, it logs an error which can be handled with a Catch node if you want.

I found the issue. It was too bad.
I just forgotten to set HTTP Header content-type to application/json.
node-red-contrib-json-schema-validator works like a charm if content type is set corret

Related

API Client testing tool for capturing requests

I need a tool which gives me a URL to make a HTTP request that will be recorded and it shows me what body was sent, which headers, which parameters, the method...
It's like something kind of opposite of Postman.
I tried to find such type of tool/service but didn't find any. If someone knows something similar, please let me know, thank you.
Actually, Postman has a feature which captures the request:
Enable it and just make the call to the set port (localhost:5555 by default) and it will be saved under the request history.

What should be returned when an invalid Web API uri is called?

What should be done if an invalid uri is provided when calling a REST Web API (asp.net mvc)? I'm getting
HTTP Error 404.4 - Not Found
The resource you are looking for does not have a handler associated with it.
When I provide an invalid controller, I get the following:
No HTTP resource was found that matches the request URI
'http://localhost:51929/api/usera'.
No type was found that matches the controller named 'usera'.
I thought 1) was the default and ok, but I've been asked to return a custom html page for both of the above and some others errors but it doesn't feel right to return a web page when dealing with an Web API?
1) Is this common practise?
2) Is there a best practice/standard?
Is there a best practice/standard?
One of the important points in HTTP is that the meta data of the response gives general purpose components the hints to support a coarse understanding of what is going on.
One significant piece of meta data is the response code, which communicates when the response body contains a representation of a resource, and when instead it contains a representation of "an explanation of the error situation".
Does it have to be a "web page"? No, of course not. Instead it could be text/plain, or application/problem+json, or any other representation that you would expect a general purpose client to be able to interpret.
The design of the message should be motivated by its use case, which is to say it is a document intended to be read by a human being trying to figure out what has gone wrong (we don't expect general purpose components to understand how to automatically fix a bad URL; instead, we describe the problem for a person, who will sort it out).

HTTP GET request with body for RESTful API [duplicate]

This question already has answers here:
HTTP GET with request body
(23 answers)
Closed 2 years ago.
I've been looking at how to implement the following:
I am developing a RESTful Web API (using .Net Core 2.2). I need to create an endpoint where the consuming client can send some text to the API, the API replaces some tokens in this text, and returns the text back to the consuming client.
I thought that the client should simply do a GET request, with the text in the body. The reply would then be the new text after the token replacements. However, from my research, it appears one should not stick anything with semantics in the body of a GET request. I'm not sure if arbitrary text with certain tokens that need to be replaced by the API qualifies as semantic? I've also seen it stated at "you should not be able to use the body of a GET request to alter the response". I guess I'm in trouble there, as depending what goes into he body, will affect the response.
So then, I've been struggling to figure out what is the correct way to do this. If anyone has an pointers I'd greatly appreciate it.
Thank you.
I thought that the client should simply do a GET request, with the text in the body. The reply would then be the new text after the token replacements. However, from my research, it appears one should not stick anything with semantics in the body of a GET request.
Right - RFC 7231
A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some existing implementations to reject the request.
In basic HTTP, you've got choices. One is to include a representation of your document in the URI itself
/?your_document_as_a_query_string
/your/document/as/path/segments
For short documents, that approach can be fine; but implementations are not required to support infinitely long identifiers, so you may discover that intermediate components reject your request, or crop the URI in transit.
A safe mechanism for achieving your goal is to use POST, rather than GET. POST supports a message body, so you can send the blank form to the server, and receive back the edited version in the response.
POST is the wildcard method of HTTP, it can mean anything. In the spec, the body of the response includes "a representation of the status of, or results obtained from, the action".
You might also consider that the response duplicates a lot of the content of the body of the request, and consider instead the possibilities of fetching a map of your template values from the server, and then applying the template on the client.

Using JSON Search Queries with a GET request in JMeter

My org is trying to use JMeter as part of a test automation suite to test some back end REST APIs. Currently one of them supports using JSON queries as a way to get filtered results back from a GET request.
We are using the JMeter UI to create these tests and since all the other API calls work under the HttpClient3.1 HTTP Request implementation that is the implementation that I am currently using to get this to work. With this implementation I get the following when looking at the failure in the results tree (response data portion) I have made the error slightly more generic to protect some IP:
java.lang.IllegalArgumentException: Invalid uri 'https://server:port/restservice/v1/users?firstname_query={"in":["User1FirstName","User2FirstName"]}': Invalid query
at org.apache.commons.httpclient.HttpMethodBase.(HttpMethodBase.java:222)
at org.apache.commons.httpclient.methods.GetMethod.(GetMethod.java:89)
at org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:229)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1146)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1135)
at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:434)
at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:261)
at java.lang.Thread.run(Unknown Source)
I have also tried the same request using the Java implementation and get a similar result.
If anyone has any ideas or if you need more information let me know and thank you again in advance for any help you may be able to provide.
Your HTTP Request configuration is a little bit incorrect. JSON entities contain braces {} which are not allowed in URLs so you need to encode them.
Configure your HTTP Request sampler like:
Make sure "Encode" box is ticked.
And this way you will be able to send JSON with HTTP GET Requests. You can use View Results Tree listener to inspect request and response details:
You might also need to add HTTP Header Manager to your Test Plan and configure it to send Content-Type header with the value of application/json. See Testing SOAP/REST Web Services Using JMeter article for more details on properly configuring JMeter for testing REST APIs.

RESTful post in Oracle Service Bus

Does anyone know how to create a proxy service that will handle this sort of thing?
What I'm looking for is a path parameter and a post body being formatted similar to this:
POST www.myurl.com/{123}
Post body:
myId=1&myOtherId=2
I am currently passing in an XML document and I'm doing an insert on the http:relative-URI element in the transport. This seems to work.
I am also currently doing an insert on the http:query-parameters for my post body name/value pairs.
I am inserting these on the outbound variable. When I debug, both are showing up and I'm contacting the REST service. I am getting a 400 -- Bad Request error. This happens when the post body is not configured correctly.
Any ideas how to do this?
If you are just Posting an XML, then while creating Proxy Service, Select Service Type as Any XML.