0

I have found the https://docs.marklogic.com/xdmp:http-post function.

I would like to use the token authentication method to send out a JSON document from MarkLogic to a middle tier node.js application. We use token authentication.

What http-options should I use to make this work?

Example:

(: Use xdmp:quote to encode the XML as a string
   because the <data> options element is a string :)
let $payload := xdmp:quote('
{"alert": {
                "id": "123abc",
                "type": "sensorAlert",
                "timestamp": "2015-08-12 T 13:48:45 CET",
                "actions": ["go get them!"],
                "status": "active"
            }
}'
)
return
xdmp:http-post("http://cluey-app-ml1:9070/alert",
     <options xmlns="xdmp:http">
       <authentication method="basic">
         <username>myname</username>
         <password>mypassword</password>
       </authentication>
       <data>{$payload}</data>
       <headers>
         <content-type>application/json</content-type>
       </headers>
     </options>)

Ofcourse posting this as-is gives me a 401 unauthorized response:

<response xmlns="xdmp:http">
<code>401</code>
<message>Unauthorized</message>
<headers>
<x-powered-by>Express</x-powered-by>
<access-control-allow-origin>*</access-control-allow-origin>
<content-type>text/html; charset=utf-8</content-type>
<content-length>26</content-length>
<etag>W/"1a-14Zh6wfLQpiHPatjrIEVAQ"</etag>
<set-cookie>connect.sid=s%3AT_lwAwvX9-1rJ7It7x42w126532HtIA2.nr5Zt2dONb6Q0uD7LpryZrpEsOUvXL8ZHUiTr8hOsfg; Path=/; HttpOnly</set-cookie>
<date>Tue, 08 Sep 2015 13:50:27 GMT</date>
<connection>keep-alive</connection>
</headers>
</response>
Text document 
Could not broadcast alert.
Hugo Koopmans
  • 1,349
  • 1
  • 15
  • 27
  • I don't know how to use token auth that way, but have you considered using the [MarkLogic Node Client API](https://github.com/marklogic/node-client-api) and pulling the information instead of pushing it? – Dave Cassel Sep 08 '15 at 17:40
  • Hi Dave yes we considered that but timing is crucial in this app seconds matter so an alert needs to be pushed as soon as it is recieved by the database – Hugo Koopmans Sep 08 '15 at 18:18

1 Answers1

0

Although not a 'feature' that I know of, there is likely nothing stopping you form doing request "A" to get your token, storing it in ML and then using it for subsequent requests by setting the appropriate header information required by your token system (such as Authentication:Bearerxxxxx as an example)

Tokens are sent back as header information. You can see the options for how to set header information on this page: https://docs.marklogic.com/xdmp:http-get

Edited below to reflect comment:

<headers>
  <access-token>eyJ0eXAiO...RDHaNEjftfja-MofLqlv6fUKmN7k...</access-token>
  <content-type‌​>application/json</content-type>
</headers>
David Ennis -CleverLlamas.com
  • 7,560
  • 12
  • 20
  • Hi David, that is exact my question, what do I put in the options to be able to send a POST equivalent to a curl header like -H 'Content-Typeaccess-token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImRhdmlkIn0.TpHWyRZasjmI3VGRDHaNEjftfja-MofLqlv6fUKmN7k' – Hugo Koopmans Sep 08 '15 at 18:17
  • You can add as many header entries as you like eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6I‌​mRhdmlkIn0.TpHWyRZasjmI3VGRDHaNEjftfja-MofLqlv6fUKmN7kapplication/json – David Ennis -CleverLlamas.com Sep 08 '15 at 22:22