Skip to Content

Changes for page Groovy Script

Last modified by Erik Bakker on 2024/09/05 13:53
From version 11.1
edited by Erik Bakker
on 2022/07/26 13:40
Change comment: There is no comment for this version
To version 8.1
edited by Erik Bakker
on 2022/07/26 12:49
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -API Gateway Security - External IDP
1 +Image Transformations
Default language
... ... @@ -1,1 +1,0 @@
1 -en
Content
... ... @@ -1,5 +1,5 @@
1 1  {{container}}{{container layoutStyle="columns"}}(((
2 -In the crash course on the API Gateway we discussed the various options available to [[secure>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.crashcourse-api-gateway-security.WebHome||target="blank"]] your API Gateway properly. In this microlearning, we will expand our knowledge on that topic by looking at a special case of securing your API Gateway. That case is special as you use an external identity provider (IDP) to govern the roles and users that have rights on your API Gateway.
2 +In most cases, you will transform XML messages to other XML messages, or you will transform JSON or EDI messages in another of these formats. However, sometimes you want to perform an image transformation. With this image transformation you can transform images in certain formats to another format (i.e. png). This can come in handy when you want to standardize the image format before using it further downstream in your business application(s).
3 3  
4 4  Should you have any questions, please get in touch with [[academy@emagiz.com>>mailto:academy@emagiz.com]].
5 5  
... ... @@ -9,51 +9,51 @@
9 9  
10 10  == 2. Key concepts ==
11 11  
12 -This microlearning focuses on using an external IDP to validate whether a user is authorized to execute a certain action on your API Gateway and what configuration is needed in eMagiz to make this work.
12 +This microlearning focuses on performing image transformations in eMagiz.
13 13  
14 -* The Token and Issuer URL of the external IDP need to be known
15 -* Users and Roles under User Management need to be manually configured and maintained to keep them in sync with the external IDP
14 +With image transformation, we mean transforming the raw data that represents an image to another image format.
16 16  
17 -== 3. External IDP ==
16 +* Read the helptext of the component to understand which formats are supported
17 +* Ensure the input image is supplied in the correct format
18 +* Ensure you wrap the output image in something if you want to do additional transformations on the data further downstream
18 18  
19 -In the crash course on the API Gateway we discussed the various options available to [[secure>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.crashcourse-api-gateway-security.WebHome||target="blank"]] your API Gateway properly. In this microlearning, we will expand our knowledge on that topic by looking at a special case of securing your API Gateway. That case is special as you use an external identity provider (IDP) to govern the roles and users that have rights on your API Gateway.
20 +== 3. Image Transformation ==
20 20  
21 -When selecting the option OAuth2.0 (or OpenID Connect) you have the option to use the IDP provided by eMagiz which makes the configuration easy or you could use an external IDP which you have control over and want to use for this purposes.
22 +In most cases, you will transform XML messages to other XML messages, or you will transform JSON or EDI messages in another of these formats. However, sometimes you want to perform an image transformation. With this image transformation you can transform images in certain formats to another format (i.e. png). This can come in handy when you want to standardize the image format before using it further downstream in your business application(s).
22 22  
23 -In this microlearning we will highlight what you need to configure in Design and Deploy to make this work within the tooling of eMagiz.
24 +Before we dive into the specifics of how to configure this let us first consider the following:
24 24  
25 -=== 3.1 Design ===
26 +* Read the helptext of the component to understand which formats are supported
27 +* Ensure the input image is supplied in the correct format
28 +* Ensure you wrap the output image in something if you want to do additional transformations on the data further downstream
26 26  
27 -On the security level of the API Gateway in Design you need to select the desired option, for example OAuth2.0. Instead of not filling in the token and issuer URL, indicating that you want to use the eMagiz IDP, you need to fill these in to reference the IDP of your choice. Below you see an example of how this could be configured.
30 +{{warning}}The focus of this microlearning lies on the image transformer component. Ensuring that the input is useful and the output fits the remainder of the process is highly depending on the use case and will therefore not be discussed in this microlearning{{/warning}}
28 28  
29 -[[image:Main.Images.Microlearning.WebHome@expert-securing-data-traffic-api-gw-security-external-idp-security-config-design.png]]
32 +When turning to the Create phase of eMagiz, we need to open the flow and enter "Start Editing" mode to add the component we need. For example, in the left panel, you can search for "Image". This will yield the following result.
30 30  
31 -Note that the environmentID in this example should be replaced with an actual environmentID that references your environment.
34 +[[image:Main.Images.Microlearning.WebHome@expert-create-your-transformations-image-transformation-image-transformation-component.png]]
32 32  
33 -=== 3.2 Deploy ===
34 -
35 -Normally, eMagiz will automatically update the User Management information based on the configuration in Design. However, because the identity check is not done by eMagiz but by an external party you need to manually enter the roles and users and configure the scope correctly on role level.
36 -
37 -To do so navigate to User Management in Deploy and add the users you want manually by pressing the New button and providing them with a name. Do subsequently the same for the roles. On role level do not forget to correctly enter the scope to make the call work. Note that the help text on the scope level gently reminds you what you need to do to make this work.
38 -
39 -[[image:Main.Images.Microlearning.WebHome@expert-securing-data-traffic-api-gw-security-external-idp-scope-configuration.png]]
40 -
41 -{{warning}}When implementing this you would be the first to do so with this setup. This means there might be some unexpected behavior when configuring this.{{/warning}}
42 -
43 43  == 4. Assignment ==
44 44  
45 -No assignment
38 +Check out which of the XPaths we have discussed today can be found within your project.
39 +This assignment can be completed within the (Academy) project you created/used in the previous assignment.
46 46  
47 47  == 5. Key takeaways ==
48 48  
49 -* The Token and Issuer URL of the external IDP need to be known
50 -* Users and Roles under User Management need to be manually configured and maintained to keep them in sync with the external IDP
51 -* When implementing this you would be the first to do so with this setup.
43 +Some of the very complex XPath options are:
52 52  
45 +* matches
46 +* replace
47 +* tokenize
48 +
53 53  == 6. Suggested Additional Readings ==
54 54  
55 -If you are interested in this topic and want more information, please read the help text provided by eMagiz.
51 +If you are interested in this topic and want more information on it, please read the help text provided by eMagiz and read more information on the following links:
56 56  
53 +* http://www.xsltfunctions.com/xsl/fn_matches.html
54 +* http://www.xsltfunctions.com/xsl/fn_replace.html
55 +* http://www.xsltfunctions.com/xsl/fn_tokenize.html
56 +
57 57  == 7. Silent demonstration video ==
58 58  
59 59  As this is more of theoretical microlearning, there is no video accompanying the microlearning.)))((({{toc/}}))){{/container}}{{/container}}