Uploading and downloading resources in Cordova with MFP

0
votes

We have a Cordova APP that calls an API with custom security.

Now, we're migrating to IBM MFP 8.0

I've followed the steps provided in https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/authentication-and-security/protecting-external-resources/ to protect an external resource and https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/application-development/resource-request/javascript/ to call via Cordova.

The app uses the plugin cordova-plugin-file-transfer for 2 things:

  • Download an image from a protected REST endpoint to the filesystem and use it in HTML (for example, the user profile photo)
  • Upload an image to a protected REST endpoint (for example, upload the user profile photo from the gallery)

It worked because the plugin can send custom Headers.

How can i achieve the same functionality with a MFP protected endpoint?

Update:

The Rest API that was working, now it's been protected as an external resource by MFP using a confidential client.

The API uses a Spring Multipart for upload and produces byte[] PNG for download:

@RequestMapping(value = PROFILE_UPDATE_USER_PROFILE_PHOTO, 
        method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) 
@Override 
public ResponseEntity<DataOutput<APIError[], ProfilePhotoOutput>> updateUserProfilePhoto( 
                MultipartFile file) { 

        return profileController.updateUserProfilePhoto(file); 
}         

@RequestMapping(value = PROFILE_GET_USER_PROFILE_PHOTO, 
        method = RequestMethod.GET, produces = {MediaType.IMAGE_GIF_VALUE, MediaType.IMAGE_JPEG_VALUE, MediaType.IMAGE_PNG_VALUE}) 
@ResponseBody 
@Override 
public ResponseEntity<byte[]> getUserProfilePhoto() { 
        return profileController.getUserProfilePhoto(); 
}
1
cordovaibm-mobilefirst

1 Answers

0
votes

I would recommend for this case to expose your access to the Binary content(eg: the photo) via a JavaAdapter that would give you more freedom on the types of payload you can submit and return from the MFP server.

One way would be to handle the picture as a Base64 and send it inside a JSON. The same process can be used to read photos. 

@PUT
@Path("/addPhoto")
@Produces("application/json")
@Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_FORM_URLENCODED})
public String receivePhoto(@FormParam(value="photoId") String photoId, @FormParam(value="data") String photoData){
//Process your photo, convert from base64 to the format of choice. 
}

The key point here is to work with the annotations @Produces and @Consumes to explore the best way to handle your binary data. If it is in more compact format(like png/jpeg raw) or as Base64 that could be used inside of a JSON response.

https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/adapters/java-adapters/java-http-adapter/

Depending on how much of your load is based on binary format, it would worth to check if the use of "confidential clients" or "protecting external resources" wouldn't be more appropriated to your use case. Than instead of creating an adapter in MFP, you can use MobileFirst to help on the security setup, but the 3rd party layer handles binary data manipulation.

confidential clients: https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/authentication-and-security/confidential-clients/

protecting-external-resources: https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/authentication-and-security/protecting-external-resources/

In short possible alternatives:

  • Use of binaries encoded as Base64
  • Explore JavaAdapters to handle custom payloads
  • 3rd party protected access by exploring "confidential clients" or "protecting external resources" alternatives.

Hope this information helps,