Preparing The Mock Server
As mentioned earlier, you can set up your validation server in any technology as long as you keep the
response JSON format the same. You can use the provided code as a starting point for your own auth server as a
The steps below explain the various components of the Node.js mock server and how to set it up to work with the
This Node.js service simulates the business application server's API. It has some exposed endpoints to validate and invalidate the username and password supplied. The mock service does not do any actual validation on the inputs that it receives, just that it is receiving something. This means, for example, that username/passwords validity are not checked.
Copy and unzip the zipped file
nodejs-mock-service.zip onto the server where you want to run the mock service. You will need to install Node.js on the server:
sudo apt-get install nodejs-legacy
In the nodejs-mock-service directory, edit the
index.js file. In the top rows of the file, locate the comment
BEGINNING OF CONFIGURATION. After that, there will be two variables which need to be updated with your custom values:
host: The host where the Node.js service is deployed. Replace "localhost" with the private IP address of the Node.js server.
port: The port that you opened for the service. Default example:
3000(make sure this port is opened on your inbound firewall rules).
There is also an optional value,
optionalURLResource, which can be used to pass in a URL to a connecting client.
Start the server with the command:
If you open in a browser
http://<host>:<port> you will get a few forms to test the API. The server's console will output the values received. The browser will show you the responses from the node server.
The console will show you three possible outputs:
- Validate credentials: called by the webapp to verify the username/password supplied by a publisher or subscriber
validate credentials called type: publisher username: testuser password: testpass streamID: stream1
- Invalidate credentials: called by the webapp after a publisher stops publishing. It will invalidate the credentials that the publisher used to publish.
invalidate credentials called username: testuser streamID: stream1