Copyright (C) 2018-2023 The Open Library Foundation
This software is distributed under the terms of the Apache License, Version 2.0. See the file "LICENSE" for more information.
The purpose of this edge API is to bridge the gap between 3rd party purchasing systems/vendors and FOLIO. More specifically, the initial implementation was built with EBSCO's GOBI (Global Online Bibliographic Interface) service in mind.
See edge-common for a description of the security model.
Institutional users should be granted the following permissions in order to use this edge API:
gobi.all
See edge-common for a description of how configuration works.
Api configuration can be specified by api_config system property as URL or path.
By default /resources/api_configuration.json will be used.
Api Configuration format:
| Property | Example | Description |
|---|---|---|
| type | GOBI | Type of the system |
| pathPattern | /orders/validate | URL Path for mapping |
| method | POST | HTTP method for mapping |
| proxyMehtod | POST | HTTP method for proxy |
| proxyPath | /gobi/validate | Path for proxy |
Example of api mapping content:
{
"routing": [
{
"type": "GOBI",
"method": "POST",
"pathPattern": "/orders/validate",
"proxyPath": "/gobi/validate"
},
{
"type": "GOBI",
"method": "GET",
"pathPattern": "/orders/validate",
"proxyMethod": "POST",
"proxyPath": "/gobi/validate"
}
]
}Configuration information is specified in two forms:
- System Properties - General configuration
- Properties File - Configuration specific to the desired secure store
| Property | Default | Description |
|---|---|---|
port |
8081 |
Server port to listen on |
okapi_url |
required | Where to find Okapi (URL) |
secure_store |
Ephemeral |
Type of secure store to use. Valid: Ephemeral, AwsSsm, Vault |
secure_store_props |
NA |
Path to a properties file specifying secure store configuration |
token_cache_ttl_ms |
3600000 |
How long to cache JWTs, in milliseconds (ms) |
null_token_cache_ttl_ms |
30000 |
How long to cache login failure (null JWTs), in milliseconds (ms) |
token_cache_capacity |
100 |
Max token cache size |
log_level |
INFO |
Log4j Log Level |
request_timeout_ms |
30000 |
Request Timeout |
api_key_sources |
PARAM,HEADER,PATH |
Defines the sources (order of precendence) of the API key. |
To configure Transport Layer Security (TLS) for the HTTP server in an edge module, the following configuration parameters should be used. Parameters marked as Required are required only in case when TLS for the server should be enabled.
| Property | Default | Description |
|---|---|---|
SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEYSTORE_TYPE |
NA |
(Required). Set the type of the keystore. Common types include JKS, PKCS12, and BCFKS |
SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEYSTORE_LOCATION |
NA |
(Required). Set the location of the keystore file in the local file system |
SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEYSTORE_PASSWORD |
NA |
(Required). Set the password for the keystore |
SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEY_ALIAS |
NA |
Set the alias of the key within the keystore. |
SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEY_PASSWORD |
NA |
Optional param that points to a password of KEY_ALIAS if it protected |
To configure Transport Layer Security (TLS) for Web clients in the edge module, you can use the following configuration parameters.
Truststore parameters for configuring Web clients are optional even when FOLIO_CLIENT_TLS_ENABLED = true.
If truststore parameters need to be populated, FOLIO_CLIENT_TLS_TRUSTSTORETYPE, FOLIO_CLIENT_TLS_TRUSTSTOREPATH and FOLIO_CLIENT_TLS_TRUSTSTOREPASSWORD are required.
| Property | Default | Description |
|---|---|---|
FOLIO_CLIENT_TLS_ENABLED |
false |
Set whether SSL/TLS is enabled for Vertx Http Server |
FOLIO_CLIENT_TLS_TRUSTSTORETYPE |
NA |
Set the type of the keystore. Common types include JKS, PKCS12, and BCFKS |
FOLIO_CLIENT_TLS_TRUSTSTOREPATH |
NA |
Set the location of the keystore file in the local file system |
FOLIO_CLIENT_TLS_TRUSTSTOREPASSWORD |
NA |
Set the password for the keystore |
There will be a single instance of okapi client per OkapiClientFactory and per tenant, which means that this client should never be closed or else there will be runtime errors. To enforce this behaviour, method close() has been removed from OkapiClient class.
Priority of return types if the client accepts more than one type:
- application/json
- application/xml
- text/plain default : application/xml
Examples:
| Accept Header | Error Format |
|---|---|
| application/json | application/json |
| application/xml | application/xml |
| text/plain | text/plain |
| / | application/xml |
| text/plain,application/json | application/json |
| application/json,application/xml | application/json |
| application/xml,application/json | application/json |
| text/plain,application/xml | application/xml |
| other | application/xml |
See project EDGORDERS at the FOLIO issue tracker.
Other modules are described, with further FOLIO Developer documentation at dev.folio.org