Search code examples
apama

Credentials for HTTP requests from built-in Apama runtime in Cumulocity


I'm using Apama v10.3.1. I'm using the built-in Apama container of a Cumulocity installation, that is all I'm uploading is a monitor, not an entire Apama project. In my Apama monitor I'm executing an HTTP GET request against the Cumulocity REST API to obtain additional parameters I need for my monitor processing.

My problem is that when executing the HTTP request I need to provide a user and password, otherwise I get a 401 error. Since I do not want to hard code the user and password in my monitor, is there any way to use the credentials the built-in Apama container uses for communicating with Cumulocity? Since Apama communicates with Cumulocity under the hood for exchanging events, measurements and alike, I would assume that there are credentials available somewhere. Is that the case and if so, how can I tell my Apama monitor to use these credentials?

Here is an extract of the code:

monitor SampleAlarmRules {
    
    action onload() {
        
        monitor.subscribe(Alarm.CHANNEL);
        monitor.subscribe(FindManagedObjectResponse.CHANNEL);
        
        on all Alarm(type = "ax_UnavailabilityAlarm") as a {
        onAlarm(a.source);
        
        }
                
    }
    
    action onAlarm(string source) {
        
        integer reqId := integer.getUnique();
        send FindManagedObject(reqId, source, new dictionary<string,string>) to FindManagedObject.CHANNEL;
        on FindManagedObjectResponse(reqId = reqId) as resp
           and not FindManagedObjectResponseAck(reqId) {
            ManagedObject dev := resp.managedObject;
                
            dictionary<string, string> httpConfig := {
                HttpTransport.CONFIG_AUTH_TYPE:"HTTP_BASIC"
                //HttpTransport.CONFIG_USERNAME:"someUser",
                //HttpTransport.CONFIG_PASSWORD:"somePassword"
            };
            
            HttpTransport httpTransport := HttpTransport.getOrCreateWithConfigurations("someBaseUrl", 80, httpConfig);
            Request request := httpTransport.createGETRequest("/inventory/managedObjects/5706999?withParents=true");
            request.execute(handleResponse);
      
        }
    }
    
    action handleResponse(Response response) {
        JSONPlugin json := new JSONPlugin;
        if response.isSuccess(){
            switch (response.payload.data as payload) {
                case string: {                    
                }
                default: { 
                }
            }           
        }
        
        else {
            print "###Request failed. Response status is: " + response.statusCode.toString() + " | " + response.statusMessage;
        }
    }
}

With this configuration (user and password commented) I get the following print statement:

Request failed. Response status is: 401 | Unauthorized

When enabling the user and password, the request executes successfully. However, I do not want to hard code the user and password in here.

Also, is there a way to get the current tenant from an environment variable or anything like that so that I don't have to hard code the base URL?

Thanks Mathias


Solution

  • Yes, it is possible to do that because Cumulocity passes these as environment variables to all microservice including the Apama microservice.

    You should be able to use the com.apama.correlator.Component event to access the environment variables. Use Component.getInfo("envp") to get the dictionary of environment properties and then lookup the interested variables. You can see the list of environment variables at http://www.cumulocity.com/guides/reference/microservice-runtime/#environment-variables

    So for your use case something like following will work:

    using com.apama.correlator.Component;
    ...
    monitor test {
        action onload() {
            dictionary<string,string> envp := Component.getInfo("envp");
            dictionary<string, string> httpConfig := {
                HttpTransport.CONFIG_AUTH_TYPE:"HTTP_BASIC",
                HttpTransport.CONFIG_USERNAME:envp["C8Y_USER"],
                HttpTransport.CONFIG_PASSWORD:envp["C8Y_PASSWORD"]
            };
    
            HttpTransport httpTransport := HttpTransport.getOrCreateWithConfigurations("someBaseUrl", 80, httpConfig);
                Request request := httpTransport.createGETRequest("/inventory/managedObjects/5706999?withParents=true");
                request.execute(handleResponse);
        }
    }
    

    Similarly, you can access the tenant name using environment variable C8Y_TENANT.

    Please note that these environment variables are available only in the cloud. If you want to do the same or test the code locally when using it with Cumulocity transport added by yourself, without changing the code, you can manually define the same environment variables in the run configuration of the Designer so that they are available there as well.