or "Bonus Breakage"

In our last lesson, we added a relationship between 2 persistent classes. We are clearly going to need to start creating REST Services to expose CRUD operations for each of these classes, but before we do that, we should really finish defining our linkages. We added code to our Widget toJSON to spool off related Accessory data, so we should really do the reciprocal and allow Accessories to return all Widgets that are compatible.

3 2
1 1,073

I have Mac OSX and Docker Desktop 2.2 (Engine 19.03).

I have a REST service running on my localhost (Mac) and I was trying to consume it from IRIS running in a Docker container.

If you try something like that don't use localhost as HTTP Server setting (using a Business Operation for example).

You have to use host.docker.internal.

3 2
0 225

By default InterSystems IRIS expose your endpoints using http, but can be necessary run https from your dev env and/or get public internet access to your app. You can buy or get a certificate and config a gateway, spending many hours or use a great public service called ngrok. Follow the steps:

1 - Run your app, I will use FHIR template as sample, see:

1.1 download the app: git clone https://github.com/intersystems-community/iris-fhir-template.git

5 2
4 326


We are in the age of the multiplatform economy and APIs are the "glue" in this digital scenario. Since they are so important, they are seen by developers as a service or product to be consumed. Therefore, usage experience is a crucial factor for its success.

5 2
3 611
· Apr 17, 2017 4m read
Debugging Web

In this article I'll cover testing and debugging Caché web applications (mainly REST) with external tools. Second part covers Caché tools.

You wrote server-side code and want to test it from a client or already have a web application and it doesn't work. Here comes debugging. In this article I'll go from the easiest to use tools (browser) to the most comprehensive (packet analyzer), but first let's talk a little about most common errors and how they can be resolved.

15 2
4 2,872

This quick guide shows how to serve HTTPS requests with InterSystems API Management. Advantage here is that you have your certs on one separated server and you don't need to configure each backend web-server separately.

Here's how:

1. Buy the domain name.

2. Adjust DNS records from your domain to the IAM IP address.

3. Generate HTTPS certificate and private key. I use Let's Encrypt - it's free.

4. Start IAM if you didn't already.

5. Send this request to IAM:

2 2
1 440
· Feb 7 9m read
OpenAPI Suite - Part 2

Hi Community,

In the first part, we describe all packages, used libraries and REST services.

Now, I would like to add some details about converter and validator services.

By default, OpenAPI-Suite sends an HTTP request to converter.swagger.io if the specification version is less than 3.0 and another HTTP request to validator.swagger.io to simplify the structure of the specification document.

Although the usage of online utilities is convenient, in some cases it could be better to have our own instance of the converter and validator. For example, if OpenAPI-Suite is provided on a server in an organisation for ObjectScript developers, it may be preferable to avoid requests to external services (privacy, avoid request rate limits).

Just run:

docker run -d -p 8085:8080 --name swagger-converter swaggerapi/swagger-converter:latest
docker run -d -p 8086:8080 --name swagger-validator-v2 swaggerapi/swagger-validator-v2:latest

4 2
1 231

Asymmetric cryptography is a cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. The generation of such keys depends on cryptographic algorithms based on mathematical problems to produce one-way functions. Effective security only requires keeping the private key private; the public key can be openly distributed without compromising security.

In such a system, any person can encrypt a message using the receiver's public key, but that encrypted message can only be decrypted with the receiver's private key.

Robust authentication is also possible. A sender can combine a message with a private key to create a short digital signature on the message. Anyone with the sender's corresponding public key can combine the same message and the supposed digital signature associated with it to verify whether the signature was valid, i.e. made by the owner of the corresponding private key. (C) Wikipedia.

0 2
0 492
· Oct 7, 2016 4m read
Forwarding Requests in a REST Service

One useful feature of our REST framework is the ability for a dispatch class to identify request prefixes and forward them to another dispatch class. This approach of modularizing your URL map will improve code readability, enable you to easily maintain separate versions of an interface, and provide a means to protect API calls that only certain users will be allowed to access.

7 1
0 3,394


Nowadays, there is a lot of applications that are using Open Authorization framework (OAuth) to access resources from all kinds of services in a secure, reliable and efficient manner. InterSystems IRIS is already compatible with OAuth 2.0 framework, in fact, there is a great article in the community regarding OAuth 2.0 and InterSystems IRIS in the following link here.

5 1
0 1,080
· Oct 5, 2020 2m read
File Passthrough Feeder

IRIS Interoperability Productions formerly known as Ensemble are fun to work with. Yes, I really think my work is fun. I have seen File Passthrough Services and File Passthrough Operations come in handy. At one point we placed test messages in files, then we utilized a File Passthrough Service with Inbound File Adapter to send the contents of the file as a Stream to a File Passthrough Operation with Outbound TCP Adapter.

4 1
0 289

In this 3-part series of articles, is shown how you can use IAM to simply add security, according to OAuth 2.0 standards, to a previously unauthenticated service deployed in IRIS.

In the first part, was provided some OAuth 2.0 background together with some IRIS and IAM initial definitions and configurations in order to facilitate the understanding of the whole process of securing your services.

5 1
0 799

As many of you, our partners, are more widely using modern UI frameworks to create client front-end, you may have encountered a question, "So how do I secure my data when I just finished developing all new fancy browser based client experience?"

The answer is easy. Use a standard, proven OAuth2 and OpenID!

"OK, but how can I do it? I have never done it before."

No problem, just have a look here, if your client is Angular (not AngularJS) based, there is a demo project available for you to review and get inspired!

6 1
0 1,151

This series of articles aims to address the following topics:

  • Creation of a web application based on REST pages;
  • Overview of some tools for tracing (debugging) HTTP requests;
  • Switching from hyperevents to... hyperevents;
  • Integration with jQuery File Upload;
  • Conversion of JSON from the {id:1,parentId:1} format to the {id:1,children:[{}]} format for tree visualization;
  • Integration with jQuery EasyUI (using datagrid and tree as examples);
  • Other topics.

5 1
1 882

In this article I'll describe how to set up web services and/or REST services using EWD 3.

Since EWD 3 is designed to be modular, you can construct the environment that exactly meets your needs, but for much of the time you'll probably find that the pre-built EWD 3 ewd-xpress super-module does most of what you need because it hooks together all the core EWD 3 and other building-blocks you'll need:

4 1
1 1,256

Object Synchronization is a feature that has been around for a while, since Caché days, but I wanted to explore a bit more how it works. I've always thought that database automatic synchronization is complex by nature but, for some particular scenarios shouldn't be so hard. So I considered a very simple use case (OK, perhaps the typical one, I'm not discovering anything... but if it's common and it works, it's good wink ).

6 1
2 425
· Apr 24, 2020 2m read
REST for Tasks on my Status Report

I enjoy the challenge of being in a contest. Currently I participate in InterSystems IRIS with REST API Programming Contest. My idea for this contest was to create an app to help me keep track of tasks for my Status Reports. I started with the template provided by Evgeny Shvarov. I created a persistent class for Tasks and a REST Dispatch class. I defined my URL map and I even figured out how to test my REST app using Postman.

2 1
0 187

This earlier article already announced the new iKnow REST APIs that are included in the 2017.1 release, but since then we've added extensive documentation for those APIs through the OpenAPI Specification (aka Swagger), which you'll find in the current 2017.1 release candidate. Without wanting to repeat much detail on how the APIs are organised, this article will show you how you can consult that elaborate documentation easily with Swagger-UI, an open source utility that reads OpenAPI specs and uses it to generate a very helpful GUI on top of your API.

6 1
0 804
· Sep 2, 2016 2m read
Advanced URL mapping for REST

By now it's a commonplace how to implement a basic REST API in Caché and there is good documentation about it here: REST in Caché

A question that comes up from time to time is:

How can I make a parameter in my REST url optional?

Simply put, is it possible to create a URL map in Caché that maps a URL like this:

12 1
0 2,353

Making a Chart using Intersystems IRIS + Python

How to use the IRIS Native API in Python to access globals and plot some charts.

Why Python?

With a large adoption and use in the world, Python have a great community and a lot of accelerators | libraries to deploy any kind of application.
If you are curious (https://www.python.org/about/apps/)

4 1
0 365

or "So you just got yelled at by your boss, for sending him an unformatted Hello World webpage"

Our previous lesson ended with us serving a Message value obtained from a Caché REST service to the client, using Angular as a runtime. While there is a lot of moving parts involved in this process, the page is not especially exciting at the moment. Before we can start adding new features, we should take a step back and review our tools.

11 1
1 2,340
· May 22, 2017 1m read
WebSockets v REST?

Most frameworks support either REST or WebSockets, and don't make it easy to switch between the two, and/or support both styles of application at the same time. WebSockets offer many advantages over REST, eg:

- most benchmarks show WebSocket messaging to be significantly faster than over HTTP

1 1
0 420

Applications that work with bill payments and receipts, as well as the delivery and inventory of items, generally require the use of barcodes or QR Codes. The latter is used in even broader scenarios since the QR Code can store more information than a simple bar code. Thus, it is important to have the ability to generate barcodes and QR Codes or read the data stored in them from an image or a PDF. This article will show you how to do this using Python and some of its free libraries.

2 1
2 305

Quite a few enhancements have appeared over recent months in QEWD for easing and simplifying the creation of REST-based services. It's now even more slick and powerful, allowing you to very quickly create very high-performance, highly-scalable REST (and Web) services that make use of Cache.

I've therefore updated the training presentation deck (Part 31 on developing REST Services with QEWD). It describes all the new features with worked examples. See:

2 1
0 485