132 lines
		
	
	
		
			9.5 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			132 lines
		
	
	
		
			9.5 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| Compile insert HTTP_Framework_Setup_Equates
 | |
| /***********************************************************************************************************************
 | |
| 
 | |
|     This program is proprietary and is not to be used by or disclosed to others, nor is it to be copied without written
 | |
|     permission from SRP Computer Solutions, Inc.
 | |
| 
 | |
|     Name        :   HTTP_Framework_Setup_Equates
 | |
| 
 | |
|     Description :   
 | |
| 
 | |
|     Notes       :   The SRP HTTP Framework stores configuration settings in the SYSENV\SRP_HTTP_FRAMEWORK_SETUP[*AppID]
 | |
|                     record. These equates define the meaning of each value and can be used in routines that read/write
 | |
|                     data to this configuration record.
 | |
| 
 | |
|     History     :   (Date, Initials, Notes)
 | |
|         11/07/16    dmb     Original programmer.
 | |
|         01/01/17    dmb     [SRPFW-116] Added HTTP_FRAMEWORK_SETUP_FLUSH_CACHE$.
 | |
|         02/03/17    dmb     [SRPFW-132] Added HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_URLS$.
 | |
|         02/27/17    dmb     [SRPFW-125] Added HTTP_FRAMEWORK_SETUP_ABORTED_SERVICE$.
 | |
|         03/04/17    dmb     [SRPFW-154] Added HTTP_FRAMEWORK_SETUP_ENABLE_LOGGING$.
 | |
|         03/07/17    dmb     [SRPFW-155] Added HTTP_FRAMEWORK_SETUP_DEBUGGER_SETTING$ and
 | |
|                             HTTP_FRAMEWORK_SETUP_DEBUGGER_INTERCEPT$.
 | |
|         07/07/17    dmb     [SRPFW-154] Added HTTP_FRAMEWORK_SETUP_LOG_ERRORS_ONLY$.
 | |
|         10/22/18    dmb     [SRPFW-253] Added HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS$.
 | |
|         11/01/18    dmb     [SRPFW-255] Added HTTP_FRAMEWORK_SETUP_ENABLE_HTTP_BASIC_AUTHENTICATION$.
 | |
|         11/01/18    dmb     [SRPFW-255] Added HTTP_FRAMEWORK_SETUP_NEW_PASSWORD_TIME_TO_LIVE$.
 | |
|         11/01/18    dmb     [SRPFW-255] Added HTTP_FRAMEWORK_SETUP_OLD_PASSWORD_TIME_TO_LIVE$.
 | |
|         11/01/18    dmb     [SRPFW-256] Added HTTP_FRAMEWORK_SETUP_INVALID_PASSWORD_LIMIT$.
 | |
|         11/01/18    dmb     [SRPFW-256] Added HTTP_FRAMEWORK_SETUP_CONTAINMENT_ACTION$.
 | |
|         11/05/18    dmb     [SRPFW-257] Added ResourcesKeyID$ equate.
 | |
|         11/18/18    dmb     [SRPFW-257] Added HTTP_FRAMEWORK_SETUP_API_CALL_PROCEDURE$.
 | |
|         11/18/18    dmb     [SRPFW-257] Added Equ APISignatureKeyID$.
 | |
|         11/18/18    dmb     [SRPFW-257] Added Equ APICommentBlockKeyID$.
 | |
|         11/18/18    dmb     [SRPFW-257] Added Equ APIBodyBlockKeyID$.
 | |
|         09/23/19    dmb     [SRPFW-278] Added Equ ArchiveScriptKeyID$.
 | |
|         06/15/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_PATHS$ as a synonym for
 | |
|                             HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_URLS$ (which is being deprecated).
 | |
|         06/15/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_QUERY_PARAMS$.
 | |
|         06/30/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_BANNED_IPS$.
 | |
|         06/30/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS_TYPE$
 | |
| 
 | |
| ***********************************************************************************************************************/
 | |
| 
 | |
| Equ EVENT_CONTINUE$         to 1
 | |
| Equ EVENT_STOP$             to 0
 | |
| Equ ApplicationPath$        to Drive()
 | |
| 
 | |
| Equ SetupTable$             to 'SYSENV'
 | |
| Equ SetupRowKeyID$          to 'SRP_HTTP_FRAMEWORK_SETUP'
 | |
| Equ ResourcesKeyID$         to 'SRP_HTTP_FRAMEWORK_RESOURCES'
 | |
| Equ APISignatureKeyID$      to 'SRP_HTTP_FRAMEWORK_TEMPLATE_API_SIGNATURE'
 | |
| Equ APICommentBlockKeyID$   to 'SRP_HTTP_FRAMEWORK_TEMPLATE_API_COMMENT_BLOCK'
 | |
| Equ APIBodyBlockKeyID$      to 'SRP_HTTP_FRAMEWORK_TEMPLATE_API_BODY'
 | |
| Equ ArchiveScriptKeyID$     to 'SRP_HTTP_FRAMEWORK_HTTP_LOGS_ARCHIVE_SCRIPT'
 | |
| 
 | |
| // Identifies the primary URL of the website, e.g., www.mywebsite.com.
 | |
| Equ HTTP_FRAMEWORK_SETUP_HOME_URL$                         to 1
 | |
| // Identifies the path that is appended to the Home URL wherein the entry point of the API begins, e.g., /api
 | |
| //
 | |
| // The HTTP_Service_Setup uses the above information to create proper RESTful responses wherein paths to other
 | |
| // web service APIs need to be included within the response. Thus, in the above examples, the two are joined
 | |
| // when creating fully resolved API URLs, e.g., www.mywebsite.com/api/<service>
 | |
| Equ HTTP_FRAMEWORK_SETUP_API_URL$                          to 2
 | |
| // Used in HTTP_MCP to identify the local OS path where request and response content can be saved for off-line
 | |
| // analysis. If the path does not exist, then no attempt to store this information will be made.
 | |
| Equ HTTP_FRAMEWORK_SETUP_CAPTURE_PATH$                     to 3
 | |
| // Boolean setting that determines if authentication is enabled. Used by HTTP_Authentication_Services.
 | |
| // Note: Only an explicit value of 0 (False) will disable authentication. Any other value, including an empty
 | |
| // value, will enable authentication.
 | |
| Equ HTTP_FRAMEWORK_SETUP_ENABLE_AUTHENTICATION$            to 4
 | |
| // Used with HTTP authentication to associate resource links to the same protective space.
 | |
| Equ HTTP_FRAMEWORK_SETUP_REALM_VALUE$                      to 5
 | |
| // Name of the entry point web service. This is used by HTTP_MCP to call the first web service. This should not
 | |
| // include the standard HTTP prefix or SERVICES suffix. The default value is entry_point.
 | |
| Equ HTTP_FRAMEWORK_SETUP_ENTRY_POINT_SERVICE$              to 6
 | |
| // Boolean setting that determines if code should be flushed when the web service is finished. This allows changes
 | |
| // in web service procedures to always be available without having to restart the OEngineServer.
 | |
| Equ HTTP_FRAMEWORK_SETUP_FLUSH_CACHE$                      to 7
 | |
| // @VM list of Paths that should not be authenticated. This includes Paths that support OAuth redirects since these
 | |
| // requests will unlikely be authenticated (although they should be secret and secure with the OAuth authenticating
 | |
| // server).
 | |
| Equ HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_URLS$           to 8
 | |
| Equ HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_PATHS$          to 8
 | |
| // Service handler for HTTP Requests that get aborted either due to Runtime Errors or Status Errors. If the Debugger
 | |
| // Intercept has been enabled, this handler will only receive Status Error aborts.
 | |
| Equ HTTP_FRAMEWORK_SETUP_ABORTED_SERVICE$                  to 9
 | |
| // Boolean setting that determines if logging is enabled. This is used by the CreateLogFile service.
 | |
| // Note: Only an explicit value of 0 (False) will disable logging. Any other value, including an empty
 | |
| // value, will enable logging.
 | |
| Equ HTTP_FRAMEWORK_SETUP_ENABLE_LOGGING$                   to 10
 | |
| // Debugger Setting value that will be passed into the RTI_Debugger_Setting subroutine. 0=Disabled, 1=Enabled, and
 | |
| // 2=Intercept. If value is 2, the value of HTTP_FRAMEWORK_SETUP_DEBUGGER_INTERCEPT$ will be used to determine the
 | |
| // name of the intercept stored procedure.
 | |
| Equ HTTP_FRAMEWORK_SETUP_DEBUGGER_SETTING$                 to 11
 | |
| // Service handler for HTTP Requests that abort due to a Runtime Error and the Debugger Intercept has been enabled.
 | |
| // See HTTP_FRAMEWORK_SETUP_DEBUGGER_SETTING$.
 | |
| Equ HTTP_FRAMEWORK_SETUP_DEBUGGER_INTERCEPT$               to 12
 | |
| // Boolean setting that determines if only error responses (i.e., status codes of 4xx or 5xx) should be logged. This is
 | |
| // used by the CreateLogFile service. Note: Only an explicit value of 0 (False) will disable logging. Any other value,
 | |
| // including an empty value, will enable logging.
 | |
| Equ HTTP_FRAMEWORK_SETUP_LOG_ERRORS_ONLY$                  to 13
 | |
| // @VM list of IPs that should be permitted. If this list is empty, then all IPs are permitted. Note, a valid IP does
 | |
| // not automatically mean the request is authenticated. That is a separate check.
 | |
| Equ HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS$                  to 14
 | |
| // Boolean setting that determines if HTTP Basic Authentication is enabled. Used by HTTP_Authentication_Services. This
 | |
| // is ignored if the Enable Authentication flag is set to False.
 | |
| Equ HTTP_FRAMEWORK_SETUP_ENABLE_HTTP_BASIC_AUTHENTICATION$ to 15
 | |
| // If HTTP Basic Authentication is enabled, this is how long (in hours) new passwords that are created can be valid
 | |
| // before needing to be reset. If left empty, passwords do not expire.
 | |
| Equ HTTP_FRAMEWORK_SETUP_NEW_PASSWORD_TIME_TO_LIVE$        to 16
 | |
| // If HTTP Basic Authentication is enabled, this is how long (in hours) old passwords can remain valid. This should be a
 | |
| // short period of time allowing for the new password to propogate. If left empty, old passwords will only be valid for
 | |
| // 1 hour.
 | |
| Equ HTTP_FRAMEWORK_SETUP_OLD_PASSWORD_TIME_TO_LIVE$        to 17
 | |
| // If HTTP Basic Authentication is enabled, this is how many attempts to access the system with an invalid password will
 | |
| // be allowed before containment action is taken.
 | |
| Equ HTTP_FRAMEWORK_SETUP_INVALID_PASSWORD_LIMIT$           to 18
 | |
| // If HTTP Basic Authentication is enabled, this determines the containment action to take when the number of invalid
 | |
| // password attempts has been exceeded.
 | |
| Equ HTTP_FRAMEWORK_SETUP_CONTAINMENT_ACTION$               to 19
 | |
| // The type of method used to call the API.
 | |
| Equ HTTP_FRAMEWORK_SETUP_API_CALL_PROCEDURE$               to 20
 | |
| // @VM/@TM delimited list of query params that should be used to further define which URL paths should be
 | |
| // non-authenticated.
 | |
| Equ HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_QUERY_PARAMS$   to 21
 | |
| // @VM list of IPs that should be banned.
 | |
| Equ HTTP_FRAMEWORK_SETUP_BANNED_IPS$                       to 22
 | |
| // Flag to determine if Whitelisted IPs should represent only those IPs that will be permitted (default) or if
 | |
| // Whitelisted IPs should always be permitted (i.e., do not require other forms of authentication). Empty value or 1
 | |
| // means restriced IP access, 2 means IPs are always permitted.
 | |
| Equ HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS_TYPE$             to 23
 |