Pesquisar

Pergunta
· Jul. 16

Issue Injecting OAuth Secrets (client_id/client_secret) into IRIS Productions in Docker

#OAuth2 #REST API #Segurança #InterSystems IRIS for Health

Hello Community,

I’m working on an InterSystems IRIS production that needs to call an external API using OAuth client credentials (client_id and client_secret). For security reasons, I must pass these credentials via environment variables in my Docker container.

In the IRIS terminal, I can successfully retrieve these environment variables using $System.Util.GetEnviron("api-clientid") and $System.Util.GetEnviron("api-clientsecret"). However, inside my Business Operation class (OnMessage method), these environment variables return empty strings.

I verified that the variables are properly set in the Docker container environment, and the IRIS instance has access to them in the terminal session.

I suspect that the production or namespace context might not have access to the environment variables, or that the way IRIS runs productions might isolate the environment variables.

I have also read about potentially injecting variables into the namespace environment via system configurations, but I’m unsure how to do this effectively or if it will solve the problem.

Questions:

  • How can I reliably access environment variables from within an IRIS production running inside Docker or Kubernetes?
  • Is there a recommended best practice for injecting secrets such as client_id and client_secret into the IRIS environment used by productions?
  • Any examples or configurations that have worked for others to pass sensitive environment variables into Business Operations or Services?

Thanks in advance for your help!

Discussão (0)3
Entre ou crie uma conta para continuar
Pergunta
· Jul. 16

IRIS HTML 标签

#InterSystems IRIS

大家好,

从 Ensemble 2018 转换到 IRIS 2024 以后,为什么HTML标签无法识别?

在Ensemble 里没问题, 但是从Ensemble复制粘贴到IRIS 以后就出问题

谢谢

Discussão (0)1
Entre ou crie uma conta para continuar
Pergunta
· Jul. 16

HTML tag in IRIS

#InterSystems IRIS

Hi,

After converting from Ensemble 2018 to IRIS 2024 I noticed that HTML tag is not recognized? 

I just copied & pasted this same from Ensemble to IRIS and in Ensemble looks fine!?

Thanks

4 novos comentários
Discussão (6)4
Entre ou crie uma conta para continuar
Pergunta
· Jul. 16

Start Production with a SQL Trigger

#InterSystems IRIS for Health

So I would like to start a production with a service that has an SQL trigger for after and INSERT. Then I would like it to start a process. Could someone help me in the direction of a solution, please and thanks.

Discussão (0)1
Entre ou crie uma conta para continuar
Pergunta
· Jul. 16

Websocket client failing to return data

#InterSystems IRIS

Hi,

Using the below code to connect and get data from a server:

Class SX3.Production.HTTP.AdvCredenials Extends (%RegisteredObject, %Net.WebSocket.ICredentials)
{ Method GetUsername() As %String
{
quit ""
} /// Returns the password to use for authentication with the web socket
/// @API.Overrideable
Method GetPassword() As %String
{
quit ""
} Method GetSSLConfiguration() As %String
{
"RTLS"
}}

Class SX3.Production.HTTP.AdvListener Extends (%RegisteredObject, %Net.WebSocket.IEventListener)
{ Method OnOpen()
{
 ^badis("mess",3)=1
if $increment(%ct("O")) set io=$io use 0 write "OPEN",! break:$get(%b) use io
} /// Called when an error occurs in the web socket connection.<br />
/// @API.Overrideable
Method OnError(pError As %Exception.AbstractException)
{
^badis("mess",4)=1
if $increment(%ct("E")) set io=$io use 0 write !
do $system.OBJ.DisplayError()
if pError.Code=28000 kill ws   use io quit     ;connection lost
zwrite pError write ! break:$get(%b) use io
} /// Called when the web socket connection is closed by either the client (%OnClose) or the server (by sending a close frame).<br />
/// @API.Overrideable
Method OnClose()
{
 if $increment(%ct("C")) set io=$io use 0 write "CLOSE",! BREAK:$get(%b) use io
}

/// Called when the client receives a message from the server. <br />
/// <var>pContent</var> may be a binary or UTF8-decoded character stream. <br />
/// @API.Overrideable
Method OnMessage(pContent As %Stream.Object)
{
^badis("mess",5)=1
if $increment(%ct("M")) set io=$io use 0 write "MESSAGE:",pContent,!
if $isobject(pContent) write pContent.Read(),! ^badis("mess")=pContent 
if $get(%b) zwrite pContent BREAK  
use io
} }
 

 

ClassMethod GetAdvData() As %String
{

 Token=##class(SX3.Task.TemperatureCollection).GetAuth()
BleMac="DC:0D:30:9D:14:49",GatewayMac="CC:1B:E0:E2:42:80"  // this for testing
set cre=##class(SX3.Production.HTTP.AdvCredenials).%New()
set evl=##class(SX3.Production.HTTP.AdvListener).%New()
^track("onmess",1)=cre_"|"_evl
Set WebSocURL="https://ac1.mqtt.sx3ac.com/api/gap/nodes?filter_mac="_BleMac_"&filter_rssi=-75&mac="_GatewayMac_"&active=1&event=1&chip=1&access_token="_Token
^track("onmess",2)=WebSocURL
Set WebSoc=##class(%Net.WebSocket.Client).%New(WebSocURL,cre,evl)
Quit WebSoc_"|"_WebSocURL

}

WebSockets are enabled on ports 80 & 443, but the code fails at Set WebSoc=##class(%Net.WebSocket.Client).%New(WebSocURL,cre,evl) call, any help would be much appreciated, also how can I get the generated data ?

iris version: IRIS for UNIX (Ubuntu Server LTS for x86-64 Containers) 2024.3 (Build 217U) Thu Nov 14 2024 17:30:43 EST 

BTW the same url runs fine and returns data if I run it in a browser:

 

Thanks Guys

5 Comments
Discussão (5)3
Entre ou crie uma conta para continuar