以编程方式提供 NiFi InvokeHTTP 不同的证书 [英] Programmatically provide NiFi InvokeHTTP different certificates
问题描述
我在 Nifi 中有一个要求,我在不同的 HTTPS REST 端点之间循环并为某些端点提供不同的证书,并为其他一些端点提供不同的用户名/密码.
我使用 InvokeHTTP 处理器发送请求,虽然 URL 采用表达式语言,但我无法使用表达式设置 SSLContextService.
或者,我想使用 ExecuteScript 来调用这些端点,但是作为
现在是脚本:
@Grab(group='acme.groovy', module='acmehttp', version='20180301',transitive=false)导入 groovyx.acme.net.AcmeHTTP导入 org.apache.nifi.ssl.SSLContextService.ClientAuthdef ff=session.get()如果(!ff)返回定义 httpff.write{ffIn, ffOut->http = AcmeHTTP.post(url: "https://httpbin.org/post",//基本网址query: [aaa:"hello", bbb:"world!"],//查询参数//将流文件内容(流)作为正文发送身体:ffIn,标题:[//从流文件`mime.type`属性分配内容类型内容类型":ff.'mime.type'],//你可以声明`CTX.ssl1`、`CTX、.ssl2`、...处理器属性并将它们映射到SSLContextService//然后根据某些条件创建不同的 SSLContext//在这种情况下,让我们使用 `CTL.ssl1` 服务来创建上下文ssl: CTL["ssl"+1].createSSLContext(ClientAuth.WANT),//下一个注释行创建信任所有 ssl 上下文://ssl: AcmeHTTP.getNaiveSSLContext(),//将 url 响应流传输到流文件流的接收器接收器:{respStream,httpCtx->ff输出<<响应流 })}//使用'http.header.'将响应hesders设置为流文件属性.字首http.response.headers.each{k,v->ff['http.header.'+k]=v }//状态码和消息ff.'http.status.code' = http.response.codeff.'http.status.message' = http.response.message如果(http.response.code < 400){//如果响应正常则转移到成功REL_SUCCESS <<ff}别的{//响应码为400+时转为失败REL_FAILURE<I have a requirement in Nifi where I have cycle through different HTTPS REST Endpoints and provide different certificates for some endpoints and different username / password for some other endpoints.
I used InvokeHTTP processor to send the requests, although URL takes an expression language, I cannot setup SSLContextService with an expression.
Alternatively, I thought on using ExecuteScript to call those Endpoints, however as listed here in StackOverflow post; I still don't know how to programmatically call an external service through a script.
Any help appreciated.
just for fun created the groovy script that calls http.
for sure you can avoid using it. and I believe InvokeHTTP processor covers almost all needs.
However.. going to call test rest service: /post at https://httpbin.org
the flow: GenerateFlowFile (generates body) -> EcecuteGroovyScript (call service)
The body generated by GenerateFlowFile : {"id":123, "txt":"aaabbbccc"}
In ExecuteGroovyScript 1.5.0 declare the CTL.ssl1 property and link it to StandardSSLContextService
and now the script:
@Grab(group='acme.groovy', module='acmehttp', version='20180301', transitive=false)
import groovyx.acme.net.AcmeHTTP
import org.apache.nifi.ssl.SSLContextService.ClientAuth
def ff=session.get()
if(!ff)return
def http
ff.write{ffIn, ffOut->
http = AcmeHTTP.post(
url: "https://httpbin.org/post", //base url
query: [aaa:"hello", bbb:"world!"], //query parameters
// send flowfile content (stream) as a body
body: ffIn,
headers:[
//assign content-type from flowfile `mime.type` attribute
"content-type":ff.'mime.type'
],
// you can declare `CTX.ssl1`, `CTX,.ssl2`,... processor properties and map them to SSLContextService
// then depending on some condition create different SSLContext
// in this case let's take `CTL.ssl1` service to create context
ssl: CTL["ssl"+1].createSSLContext(ClientAuth.WANT),
// the next commented line creates trust all ssl context:
//ssl: AcmeHTTP.getNaiveSSLContext(),
// the receiver that transfers url response stream to flowfile stream
receiver:{respStream, httpCtx-> ffOut << respStream }
)
}
//set response hesders as flow file attributes with 'http.header.' prefix
http.response.headers.each{ k,v-> ff['http.header.'+k]=v }
//status code and message
ff.'http.status.code' = http.response.code
ff.'http.status.message' = http.response.message
if( http.response.code < 400){
//transfer to success if response was ok
REL_SUCCESS << ff
}else{
//transfer to failure when response code is 400+
REL_FAILURE << ff
}
这篇关于以编程方式提供 NiFi InvokeHTTP 不同的证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
