Tom Philippi · Nov 28, 2017

How to best share External Login Tokens accross Business Processes

When executing a business process I'd like to share the Login Token from an external system retrieved via one of my business operations across multiple process instances. This means I need to persist the token somewhere. What would be the best approach/pattern to implement this?

The primary idea I had was to store the token and a timestamp in a persistable object and then write a single method in the Business Operation that retrieves the token. The method returns either the token from the persistable object, or if the timestamp is older than say one hour, it calls the external system to get a new token and returns that (and of course updates the persistable object).

Alternative ideas are:

- Model the Business process such that it first tries to make a call to the external system and if it fails then the token may be expired, then make a call to get a new token, and then retry the first call. This sounds a bit cumbersome to me though, especially Ensemble is processing multiple messages per minute.

- Model a separate business process that just retrieves a new token every hour and store this in a persistable object. The primary business process then always retrieves from this persistable object and never initiates a call to retrieve a token from the external system itself. Also I don't need to persist a timestamp then.

- Would it be a good idea to use the credentials object instead of a custom persistable object? Of course than I cannot implement any solution that uses a timestamp.

1 0 1 199
Log in or sign up to continue

I usually use this proxy operation that keeps track of token:

Class Production.AuthOperation Extends Ens.BusinessOperation

Parameter ADAPTER = "EnsLib.HTTP.OutboundAdapter";

Property Adapter As EnsLib.HTTP.OutboundAdapter;

/// Token
Property Key As %String;

/// Number of seconds, that the key is valid
Property KeyValid As %Integer [ InitialExpression = 7200 ];

/// Time, till which the key is valid
Property ValidUntil As %TimeStamp;

Parameter INVOCATION = "Queue";

Parameter SETTINGS = "KeyValid:Basic";

/// Get token
Method OnMessage(request As Ens.Request, Output response As Ens.StringResponse) As %Status
    #dim sc As %Statis = $$$OK
    set now = $horolog
    if $System.SQL.DATEDIFF("second", now, ..ValidUntil)<=0 {
        // Get new key valid period
        set validUntil = $System.SQL.DATEADD("second", ..KeyValid, now)
        // Get key from auth server by sending user/pass
        set input = { "user": (..Adapter.%CredentialsObj.Username), "password": (..Adapter.%CredentialsObj.Password)}
        set sc = ..Adapter.Post(.httpResponse,,input)
        quit:$$$ISERR(sc) sc
        // Parse key from response
        set ..Key = {}.%FromJSON(httpResponse.Data).key
        set ..ValidUntil = validUntil
    set response = ##class(Ens.StringResponse).%New(..Key)
    quit sc