open-insight/FRAMEWORKS/STPROCINS/HTTP_FRAMEWORK_SETUP_EQUATES.txt

Compile insert HTTP_Framework_Setup_Equates
/***********************************************************************************************************************

    This program is proprietary and is not to be used by or disclosed to others, nor is it to be copied without written
    permission from SRP Computer Solutions, Inc.

    Name        :   HTTP_Framework_Setup_Equates

    Description :   

    Notes       :   The SRP HTTP Framework stores configuration settings in the SYSENV\SRP_HTTP_FRAMEWORK_SETUP[*AppID]
                    record. These equates define the meaning of each value and can be used in routines that read/write
                    data to this configuration record.

    History     :   (Date, Initials, Notes)
        11/07/16    dmb     Original programmer.
        01/01/17    dmb     [SRPFW-116] Added HTTP_FRAMEWORK_SETUP_FLUSH_CACHE$.
        02/03/17    dmb     [SRPFW-132] Added HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_URLS$.
        02/27/17    dmb     [SRPFW-125] Added HTTP_FRAMEWORK_SETUP_ABORTED_SERVICE$.
        03/04/17    dmb     [SRPFW-154] Added HTTP_FRAMEWORK_SETUP_ENABLE_LOGGING$.
        03/07/17    dmb     [SRPFW-155] Added HTTP_FRAMEWORK_SETUP_DEBUGGER_SETTING$ and
                            HTTP_FRAMEWORK_SETUP_DEBUGGER_INTERCEPT$.
        07/07/17    dmb     [SRPFW-154] Added HTTP_FRAMEWORK_SETUP_LOG_ERRORS_ONLY$.
        10/22/18    dmb     [SRPFW-253] Added HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS$.
        11/01/18    dmb     [SRPFW-255] Added HTTP_FRAMEWORK_SETUP_ENABLE_HTTP_BASIC_AUTHENTICATION$.
        11/01/18    dmb     [SRPFW-255] Added HTTP_FRAMEWORK_SETUP_NEW_PASSWORD_TIME_TO_LIVE$.
        11/01/18    dmb     [SRPFW-255] Added HTTP_FRAMEWORK_SETUP_OLD_PASSWORD_TIME_TO_LIVE$.
        11/01/18    dmb     [SRPFW-256] Added HTTP_FRAMEWORK_SETUP_INVALID_PASSWORD_LIMIT$.
        11/01/18    dmb     [SRPFW-256] Added HTTP_FRAMEWORK_SETUP_CONTAINMENT_ACTION$.
        11/05/18    dmb     [SRPFW-257] Added ResourcesKeyID$ equate.
        11/18/18    dmb     [SRPFW-257] Added HTTP_FRAMEWORK_SETUP_API_CALL_PROCEDURE$.
        11/18/18    dmb     [SRPFW-257] Added Equ APISignatureKeyID$.
        11/18/18    dmb     [SRPFW-257] Added Equ APICommentBlockKeyID$.
        11/18/18    dmb     [SRPFW-257] Added Equ APIBodyBlockKeyID$.
        09/23/19    dmb     [SRPFW-278] Added Equ ArchiveScriptKeyID$.
        06/15/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_PATHS$ as a synonym for
                            HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_URLS$ (which is being deprecated).
        06/15/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_QUERY_PARAMS$.
        06/30/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_BANNED_IPS$.
        06/30/20    dmb     [SRPFW-313] Added HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS_TYPE$

***********************************************************************************************************************/

Equ EVENT_CONTINUE$         to 1
Equ EVENT_STOP$             to 0
Equ ApplicationPath$        to Drive()

Equ SetupTable$             to 'SYSENV'
Equ SetupRowKeyID$          to 'SRP_HTTP_FRAMEWORK_SETUP'
Equ ResourcesKeyID$         to 'SRP_HTTP_FRAMEWORK_RESOURCES'
Equ APISignatureKeyID$      to 'SRP_HTTP_FRAMEWORK_TEMPLATE_API_SIGNATURE'
Equ APICommentBlockKeyID$   to 'SRP_HTTP_FRAMEWORK_TEMPLATE_API_COMMENT_BLOCK'
Equ APIBodyBlockKeyID$      to 'SRP_HTTP_FRAMEWORK_TEMPLATE_API_BODY'
Equ ArchiveScriptKeyID$     to 'SRP_HTTP_FRAMEWORK_HTTP_LOGS_ARCHIVE_SCRIPT'

// Identifies the primary URL of the website, e.g., www.mywebsite.com.
Equ HTTP_FRAMEWORK_SETUP_HOME_URL$                         to 1
// Identifies the path that is appended to the Home URL wherein the entry point of the API begins, e.g., /api
//
// The HTTP_Service_Setup uses the above information to create proper RESTful responses wherein paths to other
// web service APIs need to be included within the response. Thus, in the above examples, the two are joined
// when creating fully resolved API URLs, e.g., www.mywebsite.com/api/<service>
Equ HTTP_FRAMEWORK_SETUP_API_URL$                          to 2
// Used in HTTP_MCP to identify the local OS path where request and response content can be saved for off-line
// analysis. If the path does not exist, then no attempt to store this information will be made.
Equ HTTP_FRAMEWORK_SETUP_CAPTURE_PATH$                     to 3
// Boolean setting that determines if authentication is enabled. Used by HTTP_Authentication_Services.
// Note: Only an explicit value of 0 (False) will disable authentication. Any other value, including an empty
// value, will enable authentication.
Equ HTTP_FRAMEWORK_SETUP_ENABLE_AUTHENTICATION$            to 4
// Used with HTTP authentication to associate resource links to the same protective space.
Equ HTTP_FRAMEWORK_SETUP_REALM_VALUE$                      to 5
// Name of the entry point web service. This is used by HTTP_MCP to call the first web service. This should not
// include the standard HTTP prefix or SERVICES suffix. The default value is entry_point.
Equ HTTP_FRAMEWORK_SETUP_ENTRY_POINT_SERVICE$              to 6
// Boolean setting that determines if code should be flushed when the web service is finished. This allows changes
// in web service procedures to always be available without having to restart the OEngineServer.
Equ HTTP_FRAMEWORK_SETUP_FLUSH_CACHE$                      to 7
// @VM list of Paths that should not be authenticated. This includes Paths that support OAuth redirects since these
// requests will unlikely be authenticated (although they should be secret and secure with the OAuth authenticating
// server).
Equ HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_URLS$           to 8
Equ HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_PATHS$          to 8
// Service handler for HTTP Requests that get aborted either due to Runtime Errors or Status Errors. If the Debugger
// Intercept has been enabled, this handler will only receive Status Error aborts.
Equ HTTP_FRAMEWORK_SETUP_ABORTED_SERVICE$                  to 9
// Boolean setting that determines if logging is enabled. This is used by the CreateLogFile service.
// Note: Only an explicit value of 0 (False) will disable logging. Any other value, including an empty
// value, will enable logging.
Equ HTTP_FRAMEWORK_SETUP_ENABLE_LOGGING$                   to 10
// Debugger Setting value that will be passed into the RTI_Debugger_Setting subroutine. 0=Disabled, 1=Enabled, and
// 2=Intercept. If value is 2, the value of HTTP_FRAMEWORK_SETUP_DEBUGGER_INTERCEPT$ will be used to determine the
// name of the intercept stored procedure.
Equ HTTP_FRAMEWORK_SETUP_DEBUGGER_SETTING$                 to 11
// Service handler for HTTP Requests that abort due to a Runtime Error and the Debugger Intercept has been enabled.
// See HTTP_FRAMEWORK_SETUP_DEBUGGER_SETTING$.
Equ HTTP_FRAMEWORK_SETUP_DEBUGGER_INTERCEPT$               to 12
// Boolean setting that determines if only error responses (i.e., status codes of 4xx or 5xx) should be logged. This is
// used by the CreateLogFile service. Note: Only an explicit value of 0 (False) will disable logging. Any other value,
// including an empty value, will enable logging.
Equ HTTP_FRAMEWORK_SETUP_LOG_ERRORS_ONLY$                  to 13
// @VM list of IPs that should be permitted. If this list is empty, then all IPs are permitted. Note, a valid IP does
// not automatically mean the request is authenticated. That is a separate check.
Equ HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS$                  to 14
// Boolean setting that determines if HTTP Basic Authentication is enabled. Used by HTTP_Authentication_Services. This
// is ignored if the Enable Authentication flag is set to False.
Equ HTTP_FRAMEWORK_SETUP_ENABLE_HTTP_BASIC_AUTHENTICATION$ to 15
// If HTTP Basic Authentication is enabled, this is how long (in hours) new passwords that are created can be valid
// before needing to be reset. If left empty, passwords do not expire.
Equ HTTP_FRAMEWORK_SETUP_NEW_PASSWORD_TIME_TO_LIVE$        to 16
// If HTTP Basic Authentication is enabled, this is how long (in hours) old passwords can remain valid. This should be a
// short period of time allowing for the new password to propogate. If left empty, old passwords will only be valid for
// 1 hour.
Equ HTTP_FRAMEWORK_SETUP_OLD_PASSWORD_TIME_TO_LIVE$        to 17
// If HTTP Basic Authentication is enabled, this is how many attempts to access the system with an invalid password will
// be allowed before containment action is taken.
Equ HTTP_FRAMEWORK_SETUP_INVALID_PASSWORD_LIMIT$           to 18
// If HTTP Basic Authentication is enabled, this determines the containment action to take when the number of invalid
// password attempts has been exceeded.
Equ HTTP_FRAMEWORK_SETUP_CONTAINMENT_ACTION$               to 19
// The type of method used to call the API.
Equ HTTP_FRAMEWORK_SETUP_API_CALL_PROCEDURE$               to 20
// @VM/@TM delimited list of query params that should be used to further define which URL paths should be
// non-authenticated.
Equ HTTP_FRAMEWORK_SETUP_NON_AUTHENTICATED_QUERY_PARAMS$   to 21
// @VM list of IPs that should be banned.
Equ HTTP_FRAMEWORK_SETUP_BANNED_IPS$                       to 22
// Flag to determine if Whitelisted IPs should represent only those IPs that will be permitted (default) or if
// Whitelisted IPs should always be permitted (i.e., do not require other forms of authentication). Empty value or 1
// means restriced IP access, 2 means IPs are always permitted.
Equ HTTP_FRAMEWORK_SETUP_WHITELISTED_IPS_TYPE$             to 23