Forum Discussion

ashinde's avatar
ashinde
Guide
5 years ago

Unable to invoke a custom endpoint from another custom endpoint

Hi Everyone,

Since Khoros migrated to AWS from their private data center, I started seeing an issue with one of our existing functionality. We are actually invoking a custom end point from another custom endpoint using http.client.request

After migration, this started giving us "401 Authorization Required" HTML response.

Below is the call which is having the issue:

<#assign pointValueResp= http.client.request(lithium_endpoint_url + "/get_message_point_value?postId=${parentPostId}").get()/>

where lithium_endpoint_url is communitystage url (https://communitystage.help.ea.com/ea/plugins/custom/electronicarts/ea), get_message_point_value is a custom endpoint and parentPostId is a parameter.

As a workaround, I am able to fix this issue on stage by adding a Authorization header to this call as below:

<#assign pointValueResp= http.client.request(lithium_endpoint_url + "/get_message_point_value?postId=${parentPostId}").header("Authorization","Basic " + lithium_auth_token).get()/>

How can this be fixed with whitelisting instead of adding a header?

 

Thanks and Regards,

Sunil Methra 

  • KrisS's avatar
    KrisS
    5 years ago

    This should be fixed. An IP in our white list was not a valid IP format and it caused problems with basic auth.

  • AdamN's avatar
    AdamN
    Khoros Oracle
    5 years ago

    ashinde I'm glad Kris was able to help sort out the IP whitelisting issue. I'm curious though... Are you calling the endpoint from the same Community? If so, you might want to look at refactoring to avoid the http.client call since it will be slower.

    If you have endpoint A that calls endpoint B, you should be able to do the same Freemarker logic from endpoint B directly in endpoint A. The easiest way to to do this would be to make your endpoint B logic either a Freemarker macro or endpoint.

    You could then call that function/macro in endpoint A, which should be more performant than calling endpoint B via http.client. You could still retain endpoint B and leverage the same function/macro if you needed to use endpoint B for some other external purpose.

    I hope this helps!

    • ashinde's avatar
      ashinde
      Guide
      5 years ago

      AdamN Thanks for your feedback. Yes you are correct. We are calling the endpoint from the same community.

      As suggested, we will look into having an endpoint/macro instead of making a http.client call.

  • KrisS's avatar
    KrisS
    Khoros Alumni (Retired)
    5 years ago

    This should be fixed. An IP in our white list was not a valid IP format and it caused problems with basic auth.