Parameter Transformation is an option for the advanced processing of inputs from a request. It allows to
have different names for parameters submitted and parameters declared in endpoints.xml
produce parameter values different from submitted values
validate input data and create custom error messages, implementing custom validation rules
process XML body as input (content type "application/xml")
To use parameter-transformation add a tag <parameter-transformation> to the endpoint-definition in the endpoint-folder. The xslt (mandatory) is from the directory "parameter-transformation-xslt" under application. You may use subdirectories to organize XSLT in this directory.
Optionally zero or many data sources may be added. Syntax for adding data sources is the same as for Data Source Transformation.
In the absence of "parameter transformation" the default behaviour for processing data inputs is:
Data can be sent as GET or POST parameters only. It is not possible to supply request type "application/xml" as an input.
The name of the parameter sent must be existing as a parameter-name in endpoints.xml.
Sending parameters not existing in endpoints.xml will cause an error.
For every parameter existing in endpoints.xml a value must be submitted, unless a default-value exists. Otherwise this will cause an error.
The value of each parameter equals the value of the respective parameter submitted.
If the request is a GET/POST with parameters then all parameters are taken and <parameter name="x" value="y"/> elements are created - no matter if declared in <endpoints.xml> or not. If the request is a POST with an XML body then the XML is taken as is.
Any optionally specified data sources are executed. Any GET and POST parameters may be accessed with the ${x} syntax (see the data source descriptions for where parameters may be used). Any parameter which is referenced but not supplied with the request is left empty (an error is not produced) as the point of the parameter transformation is to determine errors. An error being produced by a missing parameter would then not allow the parameter transformation to produce a custom <error> output.
Input from [1] and [2] are placed into an XML called "parameter-transformation-input.xml". See Parameter Transformation Input for details.
The XSLT (from directory parameter-transformation-xslt under application) is applied on "parameter-transformation-input.xml". The generated output is called "parameter-transformation-output.xml". The generated output requires a specific schema. See Parameter Transformation Output for details.
If the result of the transformation includes <error>Param 'x' must be an integer</error>, this error message is returned to the user, and no further processing is performed. The absence of an error tag is considered a success (i.e. there is no “success” tag or similar).
Parameter values are extracted from the result of the transformation.
Normal parameter processing steps are taken (default values are applied, an error if values are missing, etc.).
The parameter-transformation-xslt will use parameter-transformation-input.xml as an input and will generate parameter-transformation-output.xml.
The required output scheme is:
Each parameter existing in endpoints.xml must be present in the output, except if the parameter has a default-value (which will be applied if the parameter were missing in the output).
Output of a parameter not existing in endpoints.xml will raise an error.
If the same parameter appears multiple times, then later values override earlier values.
Optionally an <error> tag can be added. If existing, an error will be raised. The custom error message is taken from this tag. Note that an empty error tag <error/> will also raise an error, but with an empty error message.
Inputs from request and data from optionally added data sources are automatically placed into a temporary XML called <parameter-transformation-input>.
The custom XSLT ("parameter-transformation-xslt") will be applied to this XML.
OpenEndpoints will automatically insert additional useful tags:
all parameters submitted in the originating request, having <parameter name="xxx" value="xxx"/>. This explicitly includes the system parameters hash and environment (if not omitted; otherwise the parameter is not existing).
endpoint: name of the endpoint that has been called.
debug-requested: if existing the request had a parameter "debug=true". Otherwise this tag will be omitted.
<http-header name-lowercase="user-agent">Foo</http-header> This may be present multiple times, or not at all. HTTP Headers are case insensitive so e.g. “User-Agent” and “user-AGENT” are the same header. Therefore these are normalized to all lowercase.
<cookie name="Session">12345</cookie> This may be present multiple times, or not at all. Cookies on the other hand are case sensitive, so it’s possible to have “Session” and “SESSION” as two different cookies with different values, so these aren’t normalized to lowercase.
ip-address
application: the name of the application
application-display-name: the display-name of the application, if available from the database.
git-revision: if the application was published from Git via the Service Portal then this contains the Git hash for the revision. (If the application is deployed in "single application mode" then this tag is omitted.)
debug-allowed: if existing debugging is set to "allowed" in the database. Otherwise this tag will be omitted.
secret-key: one separate tag for each secret-key
random-id-per-endpoint: the database request-log adds a random id per request per application
base-url: The base-url of the application is taken from an environment variable.
The json paylod is converted to xml.
Create the parameter-transformation-tag
Allow debugging and send a request with debug=true. For details see Debug Mode
The generated parameter-transformation-input.xml is available in the request-log.