Using Camunda HTTP-Connector

Hi there!

We can use the HTTP Connector in Camunda to call the relevant REST Endpoint from service tasks in the bpmn diagram. According to the below diagram, "Dummy Service 1 and 2"  are service tasks which will invoke the Rest endpoints.

A generic API exists to set parameters of a request. The following parameters are available.

In order to pass the Authorization key as a http header to the REST Endpoint, we have to check whether the auth key has more than 4000 characters. If so, the camunda engine will throw a jdbc exception. https://stackoverflow.com/questions/53471783/how-to-alter-camunda-database-to-accept-long-string-variables

To avoid the exception, you have to use java serialization for persisting the long string value.

RuntimeService runtimeService = processEngine.getRuntimeService();

VariableMap variables = Variables.createVariables();
variables.putValueTyped("var", Variables
          .objectValue(aLongStringValue)
              // tells the engine to use java serialization for persisting the value 
          .serializationDataFormat(SerializationDataFormats.JAVA)  
          .create());

// Start a process instance
ProcessInstance processInstance = runtimeService.startProcessInstanceByKey("testProcess", variables);

Limitations of this approach are:

1. You cannot use this variable in queries, for example runtimeService.createVariableInstanceQuery().variableValueEquals("var", aLongStringValue).list() would not find the variable
2. Whenever you fetch the variable, you will have to use the API that returns deserialized values (e.g. RuntimeService.getVariable("name") or RuntimeService.getVariableTyped("name", true)) to get the actual value. This can be a problem if you rely on the feature that the engine can serve variables in their serialized format (which is for a regular String variable just the plain String value; for a Java-serialized Object value, it is a base64-encoded String of the byte representation).

Ashen Jayasinghe

Software Developer 

DMS

OAuth 2.0 Simplified with Node.js

Hi there!

OAuth 2.0 is an authentication protocol that is used to authenticate and authorize users in an application by using another service provider. 

In this post, we will authenticate using GitHubs Auth2 API and build a sample node application running on the local port 8080 with a web interface.

You can get the source code from here.

 OAuth2 flow

There are 3 parties in any OAuth flow:

1. Client  - The person or user who is logging in

2. Consumer - The application that the client wants to log in to

3. Service Provider - The external application through which the user authenticates

So in our use-case, the client would be the web interface, the consumer would be the application running on localhost:8080 and the service provider would be GitHub. 

Below diagram explains the flow of the application.

Once we start the application, we will be directed to a page as below.

<body>
        <a href="https://github.com/login/oauth/authorize?client_id=*****&redirect_uri=http://localhost:8080/oauth/redirect">
                Login with github</a>
</body>

The above link has three key parts

1. https://github.com/login/oauth/authorize is the OAuth Gateway for GitHub's OAuth flow. All OAuth providers have a gateway URL that you have to send the user in order to proceed.

2.  client_id=***** this specifies the client id of the application. This ID will tell GitHub about the identity of the consumer who is trying to use their OAuth service. OAuth service providers have a portal where you can register your consumer. I registered my sample node application using the GitHub registration portal found here https://github.com/settings/applications/new.

On registration, you will receive a client id and a client secret which is used in the above URL.

3. redirect_uri=http://localhost:8080/oauth/redirect specifies the URL to redirect to with the request token once the user has been authenticated by the service provider. This URL has also been set when registering the application at GitHub Registration portal (see above screenshot).

Once you click the "Login with GitHub" link, you will be redirected to the familiar OAuth Page to register with GitHub.

Once the user authenticates with GitHub, they get redirected to the redirect URL that was specified earlier, along with the request token appended to the redirect url, by the service provider (GitHub). GitHub adds this as a code parameter so the redirect url will be something like http:localhost:8080/oauth/redirect?code=<request token>.

We need the request token and client secret to get the access token , which is the token that is actually used to get the information about the user. We get this access token by making a POST HTTP call to https://github.com/login/oauth/access_token?client_id=${CLIENTID}&client_secret=${CLIENTSECRET}&code=${REQTOKEN}

Once the redirect URL execute a POST request to get the access token as explained above, if the access token is received, the user will be redirected to the welcome page. The welcome page is the page we show after the user has logged in. Now that we have the users access token, we can obtain their account information on their behalf as authorized GitHub users.

There are many API's available in GitHub's API Documentation, however we will be using the /user API to get basic information about the user. In the welcome page, first we extract the access token from the browser's query param since we redirected to welcome page with the access token (http://localhost:8080/welcome.html?access_token=<accessToken>), then we call https://api.github.com/user and include the access token as a header. 

The response from the above GET request will have many fields which is shown below through Postman.

Finally, the welcome page will display a greeting which includes the login username extracted from the above JSON payload as ${ res.login }. 

Ashen Jayasinghe
Full Stack Developer
DMS

JAVA-JSON Serialization & Deserialization Using JACKSON

Converting JSON String to MAP

try {
   ObjectMapper mapper = new ObjectMapper();
   String json = "{\"JSON\":{\"type\":\"ID\",\"value\":\"vvv\"},\"info\": \"Yes\"}";
   Map<String, Object> map = new HashMap<String, Object>();
   // convert JSON string to Map
   map = mapper.readValue(json, new TypeReference<Map<String, Object>>(){});
   System.out.println("CONVERTING JSON STRING TO MAP--="+map);

  } catch (JsonGenerationException e) {
   e.printStackTrace();
  } catch (JsonMappingException e) {
   e.printStackTrace();
  } catch (IOException e) {
   e.printStackTrace();
  }

Converting MAP to JSON String

ObjectMapper mapper2 = new ObjectMapper();
  Map<String, Object> carMap = new HashMap<String, Object>();
  carMap.put("car", "Audi");
  carMap.put("price", "30000");
  carMap.put("model", "2010");
  List<String> colors = new ArrayList<String>();
  colors.add("Grey");
  colors.add("White");
  colors.add("Black");
  carMap.put("colors", colors);
  try {
   String jsonString = new ObjectMapper().writeValueAsString(carMap);
   System.out.println("Convert Map to JSON String=="+jsonString);
  } catch (JsonProcessingException e) {
   e.printStackTrace();
  }

Converting MAP to JSON Object

try {
   JSONObject jsonObject = new JSONObject(carMap);
   System.out.println("Convert Map to JSON Object=="+jsonObject);
  } catch (Exception e) {
   e.printStackTrace();
  }

Converting JSON Object to MAP

try {
   String jsonjsonString = "{\"JSON\":{\"type\":\"ID\",\"value\":\"vvv\"},\"info\": \"Yes\"}";
   ObjectMapper mapper12 = new ObjectMapper();
   JsonNode jsonNode = mapper12.readTree(jsonjsonString);
   Map<String, Object> mapp = new HashMap<String, Object>();
   mapp = convertJSONObjectToMap(jsonNode);
   System.out.println("Convert JSON Object to Map =="+mapp);
  } catch (Exception e) {
   e.printStackTrace();
  }

Output :

Xamarin.Forms - Social Media Application

Hi there!

In this blog post, I have created a Android application using Xamarin Forms that will show a list of posts, comments of each post and the user profile of the author of the post. I have used the  JSON Placeholder service to get the required information.

The application consist of three main screens.

1. Posts List
2. Comments for a post
3. User Profile

The projects are seperately created for data retrieval and the entities (data model).When the application starts, it shows the posts list page. Data fetching happens automatically in the background.

The below video shows a walk through of the Mobile Application developed using Xamarin Forms.

The source code of this application will be shared soon!!!

Ashen Jayasinghe
Software Developer
DMS

Implementing Cross-Site Request Forgery (CSRF) Protection

Hi there!
In this blog post, I will explain how to implement CSRF protection in web applications. But first, 

What is CSRF?

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.

How we can defend against CSRF?

There are numerous patterns to defend against CSRF. In this post, I will explain only two recommended patterns using a sample web application for each pattern implemented in JavaScript.

• Synchronizer Token Pattern

• Double Submit Cookies Pattern

Synchronizer Token Pattern

You can find the link to Synchronizer token pattern Web application GitHub repository here. For demonstration purposes, a user login with hard coded credentials are implemented in the web application.  The Synchronizer token pattern is explained using following criteria's.

1.  User login - I have used hard coded login credentials for simplicity.

2. Upon login, generate session identifier and set as a cookie in the browser.

The following code will generate a session identifier and set a session cookie in the browser upon login as show in the chrome developer tool screenshot.

I have used a session middleware called "express-session" and UUID library for defining session id as a best practice.

3. At the same time, generate the CSRF token and store it in the server side.

The CSRF token is stored in memory and mapped to the session identifier. I have not used a CSRF middleware like csurf for creation and validation of a token, instead I have done the csrf implementation step by step.

Note that the console log is for testing purposes.

4. Implement an endpoint that accepts HTTP POST requests and respond with the CSRF token.

The endpoint '/middleware' receives the session cookie and it is validated with the session id stored  in the server side memory store. This session validation process is handled by the session middleware 'express-session' explained in the second step.
If the session id's are matching, the csrf token is returned to the front-end.

5. Implement a webpage that has a HTML form. The method should be POST and action should be another URL ( '/login' ) in the website. When this page loads, execute an Ajax call ( onLoadPage() ) via a javascript, which invokes the endpoint ( '/middleware' ) for obtaining the CSRF token created for the session.

I have used Fetch API to invoke the endpoint '/middleware' and obtain the csrf token when the page loads.

 <htmllang="en">  
  <head>  
   <meta charset="UTF-8">  
   <meta name="viewport" content="width=device-width, initial-scale=1.0">  
   <meta http-equiv="X-UA-Compatible" content="ie=edge">  
   <script>  

    //AJAX CALL

    function onloadPage() {  
     fetch('/middleware', {  
      credentials: 'same-origin',  
      method: 'POST', // or 'PUT'  
      body: {}, // data can be `string` or {object}!  
      headers: {  
       'Content-Type': 'application/json'  
      }  
     }).then((resp) => resp.json()) // Transform the data into json  
      .then(function (data) {  
       console.log(JSON.stringify(data));  
       var form = document.getElementById("form");  
       var input = document.createElement("input");  
       input.type = "hidden";  
       input.name = "_csrf";  
       input.value = data.csrfToken;  
       form.appendChild(input);  
      })  
    }  
   </script>  
  </head>  
  <body onload="onloadPage()">  
   <div class="login">  
    <div class="login-triangle"></div>  
    <h2 class="login-header">Log in</h2>  
    <form id="form" action="/login" method="POST" class="login-container">  
     <p>  
      <input type="email" placeholder="Email" name="email" value="jayasinghe.ashen@gmail.com">  
     </p>  
     <p>  
      <input type="password" placeholder="Password" password="password" value="123456">  
     </p>  
     <p>  
      <input type="submit" value="Log in">  
     </p>  
    </form>  
   </div>  
  </body>  
  </html>  

6. Once the page is loaded, modify the HTML form’s document object model (DOM) and add a new hidden field that has the value of the received CSRF token.

 <script>  
  //AJAX CALL  
    function onloadPage() {  
     fetch('/middleware', {  
      credentials: 'same-origin',  
      method: 'POST', // or 'PUT'  
      body: {}, // data can be `string` or {object}!  
      headers: {  
       'Content-Type': 'application/json'  
      }  
     }).then((resp) => resp.json()) // Transform the data into json  
      .then(function (data) {  
       console.log(JSON.stringify(data));  
       var form = document.getElementById("form");  
       var input = document.createElement("input");  
       input.type = "hidden";  
       input.name = "_csrf";  
       input.value = data.csrfToken;  
       form.appendChild(input);  
      })  
    }  
   </script>  

Once we obtain the csrf token returned from '/middleware' endpoint, we obtain the form id and assign it to a variable called 'form' and then, create a input type element and assign it to a variable called 'input'. 
Thereafter, we set input type, name and value as hidden, '_csrf' and the csrf token value obtained from the ajax call when the page loads and then we append the updated input element as one of the child elements to the html form element.

7. Once the HTML form is submitted to the action, in the server side, extract the received CSRF token value and check if it is the correct token issued for the particular session.

In the above code, we check if the session csrf token and the csrf token passed from the hidden input field or body is the same. if it is same, then we show a success message shown in the screenshot. If it is not same, we show 'Invalid CSRF Token' error message.

Double Submit Cookies Pattern

You can find the link to Double Submit Cookies Pattern Web application GitHub repository here.

Step 1 and 2 is same as the Synchronzier pattern.  But in step 3, we generate a csrf token for the session and set a csrf cookie in the browser.

3. At the same time, generate the CSRF token for the session and set a csrf cookie in the browser.

Note that we don't store the csrf token in the server side. The reason we set httpOnly flag to false is to allow JavaScript to access the csrf cookie when the page loads. 

4. Implement a webpage that has a HTML form. The method should be POST and action should be another URL in the website.

5. When the html form is loaded, run a javascript which reads the csrf token cookie value in the browser and add a hidden field to the html form modifying the DOM.

Since we have set the httpOnly flag to false, we can access the csrf cookie in the browser. We obtain all the cookies using document.cookie and split the key value pairs using ' ; '. After splitting, we pass the key value pairs to a array. Using a for loop, we identify the csrf cookie by using the csrf cookie name we set in the server side. Then we extract the csrf token value and create a input element and append the input element to the html form element with the csrf token.

If we have set httpOnly flag to true,  we would get the below error response.

When the form is submitted to the action, the CSRF token cookie will be submitted and also in the form body, the CSRF token value will be submitted. 

6. In the web page that accepts the form submission ('/login'), obtain the CSRF token received in the cookie and also in the message body.

req.cookies._csrf is the csrf cookie with the csrf token value which was passed to the server side after submitting the form. req.body._csrf contains the csrf token value in the hidden field inpu
t explained in step 5. . if both values are matching we get a success message as below.

IMPORTANT: Note that all the console logs in the implementation are for testing purposes. 

Ashen Jayasinghe
Full Stack Developer
DMS

GETTING STARTED WITH JAVA, TRAVIS CI AND HEROKU.

Hi there!

This post will drive you into a basic application in Spring Boot, building through Travis CI and finally deploying to Heroku.
First of all , Lets clone the sample Hello World Spring Boot project through eclipse, which I have already integrated from Travis CI and deployed to Heroku, from here. The project structure will look like below.

After cloning the project through eclipse, you can simply commit the project to your Github Repository.

TRAVIS-CI

Travis CI is a continuous integration service used to build and test software projects. It will be listening to our commits on Github and make all the deploy process for us. You can sign in with your Github account.



Once logged in , click in the + button (besides "My repositories" text) sync your account and enable the repository of our project.

Now we have to instruct Travis how to build the project. These instructions are already in the .travis.yml file which is in the Project directory.

Since this is a Java project we have to set the language as Java and the relevant jdk.

.travis.yml

language: java
jdk:
 - oraclejdk8
deploy:
 provider: heroku
 api-key: 
  secure: $HEROKU_API_KEY
 app: traviscitestashen

You can also set the build phase as <script: ./mvnw clean install> inside yaml file. This will bypass the default phase.
./mvnw install -DskipTests=true -Dmaven.javadoc.skip=true -B -V

HEROKU

Heroku is a Paas cloud computing service that supports several programming languages.
To get started, first we have to create an account, then create an app.
We have to give instructions how to correctly deploy our app.  For that we have to create a Procfile which is already created in the project root directory.

Procfile 

web: java $JAVA_OPTS -Dserver.port=$PORT -jar target/*.jar -Dspring.profiles.active=prod

Make sure packaging in pom.xml is set to jar file.

Next we have to teach Travis CI to deploy the project on Heroku after integration services are passed.
First we have to copy HEROKU API KEY from account settings.

After that, go to your repository settings in Travis CI and add a new variable called "HEROKU_API_KEY" and for the value, paste the copied Heroku Api Key.



Next you have to enable automatic deploy and tick 'wait for CI to pass" checkbox in your Heroku app deploy section.



Thats it! The configurations that is required to deploy the app are already in the .travis.yml file as

deploy:
 provider: heroku
 api-key: 
  secure: $HEROKU_API_KEY
 app: traviscitestashen

Note that the app name in yaml file should be the same as the app name in Heroku.

Now it's time to test the continuous integration and continuous deployment. Add a change to the project and commit it to your Github repo. Travis Ci will start the integration and if all goes well (excited with 0 in console) you should get a output as below and if not, app will not be deployed to Heroku.













After all the integration services are passed , Travis Ci will deploy the app to Heroku.



Alright That's it folks, now you can open the app from Heroku dashboard and you should be able to  see a output as shown below.



Links
https://docs.travis-ci.com/user/languages/java
https://blog.frankel.ch/travis-ci-tutorial-for-java-projects/
https://blog.javabien.net/2015/08/21/travis-ci-on-a-java-project-with-docker-support/

Happy Coding! :)

~ Ashen Jayasinghe ~

REST WS using Apache Camel CXFRS Component

Hi there!
In this post, I will try to explain how to write a web service using Apache Camel CXFRS component.
It will be a simple web service that will accept a GET and a POST request and returns a plain text output for the GET request and a JSON object for the POST request.

1. Start by creating a simple Maven Project , Choose the archetype of webapp. The final project structure will appear as follows.

2. Include the below dependencies in the pom.xml file.

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>ExampleRestAPI</groupId>
  <artifactId>com.restapi</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <packaging>war</packaging>
  <name>Rest Api Camel </name>
  <description>Rest API Camel project</description>
 
<properties>
<camel-web>2.5.0</camel-web>
<camel-version>2.12.0</camel-version>
<xbean-spring-version>3.5</xbean-spring-version>
</properties>
 
<dependencies>
 
<!-- Spring + Camel jars -->
 
<dependency>
<groupId>org.apache.xbean</groupId>
<artifactId>xbean-spring</artifactId>
<version>${xbean-spring-version}</version>
</dependency>
 
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-spring</artifactId>
<version>${camel-version}</version>
</dependency>
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-jms</artifactId>
<version>${camel-version}</version>
</dependency>
 
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-stream</artifactId>
<version>${camel-version}</version>
</dependency>
 
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>3.2.4.RELEASE</version>
</dependency>
 
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-cxf</artifactId>
<version>${camel-version}</version>
</dependency>
 
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-cxf-transport</artifactId>
<version>${camel-version}</version>
</dependency>
 
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http-jetty</artifactId>
<version>2.7.6</version>
</dependency>
 
<!-- Other jars (logging, io etc) -->
 
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-io</artifactId>
<version>1.3.2</version>
</dependency>
 
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.5</version>
</dependency>
 
</dependencies>
</project>

We have used Apache Camel cxf jars , SLF4J jars , Apache common IO , Spring jars. Spring jars are used to load the Application Contexts automatically.

2. After adding the dependencies, start creating the required resources. First we will start creating the servlet which listens to the input html requests. The contents of the  WEB-INF/web.xml file will look as below.

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns:web="http://xmlns.jcp.org/xml/ns/javaee"
 xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
 <context-param>
 <param-name>test</param-name>
 <param-value>true</param-value>
 </context-param>
 <context-param>
 <param-name>contextConfigLocation</param-name>
 <param-value>/WEB-INF/applicationContext.xml</param-value>
 </context-param>
 <listener>
 <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
 </listener>
</web-app>

Here we have added the applicationContext.xml as the contextConfigLocation and the listener class.
In the applicationContext.xml file, we have to set the route for all implementation classes.

3. Add the below configurations to the WEB-INF/applicationContext.xml file.

<?xml version="1.0" encoding="UTF-8"?>
<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor
 license agreements. See the NOTICE file distributed with this work for additional
 information regarding copyright ownership. The ASF licenses this file to
 You under the Apache License, Version 2.0 (the "License"); you may not use
 this file except in compliance with the License. You may obtain a copy of
 the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
 by applicable law or agreed to in writing, software distributed under the
 License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
 OF ANY KIND, either express or implied. See the License for the specific
 language governing permissions and limitations under the License. -->
 
<beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
 xmlns:camel="http://camel.apache.org/schema/spring" xmlns:p="http://www.springframework.org/schema/p"
 xsi:schemaLocation="
 http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
 http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
 ">
 
<bean id="contextApplicationContextProvider" class="conf.ApplicationCtxProvider"></bean>
 
 <camelContext xmlns="http://camel.apache.org/schema/spring"
 id="Demo-Camel">
 
 <!-- All the Routes should be created within below Package -->
 <camel:package>camel.route</camel:package>
 
 </camelContext>
 
</beans>

In here we have added the route for all implementation classes under camelContext/camel:package as  camel.route which has the DemoRouteBuilder class that contains the REST endpoint URI.

4. Add the applicationContexts classes. These classes are loaded during spring initializing.

ApplicationCtx.java

package conf;
 
import org.springframework.context.ApplicationContext;
 
public class ApplicationCtx {
 
private static ApplicationContext ctx;
 
// Injected from the class "ApplicationCtxProvider" which is automatically loaded during Spring-Initialization.
 
public static void setApplicationContext(
ApplicationContext applicationContext) {
ctx = applicationContext;
}
 
// Get access to the Spring ApplicationContext from everywhere in your Application.
 
public static ApplicationContext getApplicationContext() {
return ctx;
}
}

ApplicationCtxProvider.java

package conf;
 
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
 
public class ApplicationCtxProvider implements ApplicationContextAware {
 

public void setApplicationContext(ApplicationContext ctx)
throws BeansException {
ApplicationCtx.setApplicationContext(ctx);
}
}

5. Add the camel router implementation to DemoRouteBuilder.java file. This class handles all the REST calls to the REST service. It will run automatically when the server starts since the location is mentioned in the applicationContect.xml file as camel.route. It consist of cxfrs endpoint URI and resourceClasses which points to the request service classes in camel.rs.

DemoRouteBuilder.java 

package camel.route;
 
import org.apache.camel.builder.RouteBuilder;
 
import camel.process.MappingProcessor;
import rs.RequestServiceImpl;
 
public class DemoRouteBuilder extends RouteBuilder {
 
private static final String REST_ENDPOINT_URI = "cxfrs://http://localhost:9003/rest?resourceClasses=rs.RequestServiceImpl";
 
@Override
public void configure() {
errorHandler(noErrorHandler());
 
from(REST_ENDPOINT_URI)
.routeId("RestFulService")
.process(new MappingProcessor(new RequestServiceImpl()));
}
 
}

6. Content of camel process is implemented by MappingProcessor.java file.

package camel.process;
 
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
 
import org.apache.camel.Exchange;
import org.apache.camel.Processor;
import org.apache.camel.component.cxf.common.message.CxfConstants;
public class MappingProcessor implements Processor {
 
private Class<?> beanClass;
private Object instance;
 
public MappingProcessor(Object obj) {
beanClass = obj.getClass();
instance = obj;
}
 
public void process(Exchange exchange) throws Exception {
String operationName = exchange.getIn().getHeader(CxfConstants.OPERATION_NAME, String.class);
Method method = findMethod(operationName,exchange.getIn().getBody(Object[].class));
try {
Object response = method.invoke(instance, exchange.getIn().getBody(Object[].class));
exchange.getOut().setBody(response);
} catch (InvocationTargetException e) {
throw (Exception) e.getCause();
}
}
 
private Method findMethod(String operationName, Object[] parameters)throws SecurityException, NoSuchMethodException {
return beanClass.getMethod(operationName,getParameterTypes(parameters));
}
 
private Class<?>[] getParameterTypes(Object[] parameters) {
if (parameters == null) {
return new Class[0];
}
Class<?>[] answer = new Class[parameters.length];
int i = 0;
for (Object object : parameters) {
answer[i] = object.getClass();
i++;
}
return answer;
}
 
}

7. Now we will start by coding the java resource which will handle the rest request. It will consist of a interface and a implementation class. The interface class will contain the web service annotations where as the implementation class will respond to the client requests. Here the paths are defined by using the path annotation. The main path is /book.  Each method defined in this class must be called staring from http://localhost:9003/rest/book. The interface class will look as below.

RequestService.java

package rs;
 
import javax.jws.WebParam;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
 
@Path("/book")
@Consumes("application/json")
@Produces(MediaType.APPLICATION_JSON)
public interface RequestService {
 
 @GET
 @Path("/author/{id}")
 @Produces(MediaType.APPLICATION_JSON)
 Response getAvailabilityResults(@PathParam("id") Long id); 
 
 @POST
 @Path("/search")
 @Produces(MediaType.APPLICATION_JSON)
 String getSearhResults(@WebParam(name="request") String request); 
 
}

RequestServiceImpl.java

package rs;
 
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
 
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
 
public class RequestServiceImpl implements RequestService {
 
 final Logger logger = LoggerFactory.getLogger(RequestServiceImpl.class);
 
 public String getSearhResults(String request) {
 
 logger.info("getSearhResults().request : " + request);
 
 return "Hello request " + request;
 }
 
 public Response getAvailabilityResults(Long id){
 
 logger.info("getAvailabilityResults().Long : " + id);
 return Response.ok("Hello request ID :"+id).status(Status.OK).build();
 }
 
}

And that is all you require to write a REST web service with cxfrs component.

Build the project from Maven. I have used clean install package as the Maven goal in Eclipse.
Deploy the war file in a web container like Tomcat. I have used Tomcat 8 for this project.

Finally test the GET and POST methods using a rest client. I have used Postman.

GET 

POST


Also note that getSearhResults() method in RequestService class which accept POST requests only consumes json objects. If we remove the Consume annotation and send a XML input in the body, the
getSearhResults(0 will get invoked and you will be able to see the xml input. You can send any content type with the resource url and the method will get invoked as long as it doesn't contain consume annotation which consumes a specific content type. The example is below for your reference.



Happy Coding !!!

~ Ashen Jayasinghe ~