/
Adding an Application Registration Workflow
com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links' is unknown.

Adding an Application Registration Workflow

Dec 12, 2017

This section explains how to attach a custom workflow to the application registration operation in the API Manager. First, see Workflow Extensions for information on different types of workflow executors.

Introduction to the application registration workflow

Application creation and registration are different workflows. After an application is created, you can subscribe to available APIs, but you get the consumer key/secret and access tokens only after registering the application. There are two types of registrations that can be done to an application: production and sandbox. You change the default application registration workflow in situations such as the following:

  1. To issue only sandbox keys when creating production keys is deferred until testing is complete.

  2. To restrict untrusted applications from creating production keys. You allow only the creation of sandbox keys.

  3. To make API subscribers go through an approval process before creating any type of access token.

Before you begin, if you have changed the API Manager's default user and role, make sure you do the following changes:

  • Change the credentials of the workflow configurations in the registry resource _system/governance/apimgt/applicationdata/workflow-extensions.xml.

  • Point the database that has the API Manager user permissions to BPS.

  • Share any LDAPs, if exist.

  • Unzip the  <API-M>/business-processes/application-registration/HumanTask/ApplicationRegistrationTask-1.0.0.zip  file, update the role as follows in the  ApplicationRegsitrationTask.ht  file, and ZIP the  ApplicationRegistrationTask-1.0.0 folder.

    Format

    <htd:argument name="role"> [new-role-name] </htd:argument>

  • Change the allowedRoles parameter in the <APIM_HOME>/repository/deployment/server/jaggeryapps/admin-dashboard/site/conf/site.json file.

Configuring the Business Process Server

  1. Download WSO2 Business Process Server.

  2. Set an offset of 2 to the default BPS port in <BPS_HOME>/repository/conf/carbon.xml file. This prevents port conflicts that occur when you start more than one WSO2 product on the same server. Also see Changing the Default Ports with Offset.

    <Offset>2</Offset>

  3. Open the <BPS_HOME>/repository/conf/humantask.xml file and <BPS_HOME>/repository/conf/b4p-coordination-config.xml file and set the TaskCoordinationEnabled property to true.

    <TaskCoordinationEnabled>true</TaskCoordinationEnabled>

  4. Copy the following from <APIM_HOME>/business-processes/epr to <BPS_HOME>/repository/conf/epr folder. If the <BPS_HOME>/repository/conf/epr folder isn't there, please create it.

    • RegistrationService.epr

    • RegistrationCallbackService.epr

  5. Start the BPS server and log in to its management console (https://<Server Host>:9443+<port offset>/carbon).  

  6. Select Add under the Processes menu and upload the <APIM_HOME>/business-processes/application-registration/BPEL/ApplicationRegistrationWorkflowProcess_1.0.0.zip file to BPS. This is the business process archive file.

  7. Select Add under the Human Tasks menu and upload the <APIM_HOME>/business-processes/application-registration/HumanTaskBPEL/ApplicationRegistrationTask-1.0.0.zip file to BPS. This is the human task archived file.

  Configuring the API Manager

Open the <APIM_HOME>/repository/deployment/server/jaggeryapps/admin-dashboard/site/conf/site.json file and configure "workFlowServerURL" under "workflows" to point to the BPS server (e.g. "workFlowServerURL": "https://localhost:9445/services/")

Engaging the WS Workflow Executor in the API Manager

First, enable the application registration workflow.

  1.   Log in to the APIM management console (https://<Server Host>:9443/carbon) and select Browse under Resources.

  2. Go to the /_system/governance/apimgt/applicationdata/workflow-extensions.xml resource, disable the Simple Workflow Executor and enable WS Workflow Executor:

    <WorkFlowExtensions> ... <ProductionApplicationRegistration executor="org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationWSWorkflowExecutor"> <Property name="serviceEndpoint">http://localhost:9765/services/ApplicationRegistrationWorkFlowProcess/</Property> <Property name="username">admin</Property> <Property name="password">admin</Property> <Property name="callbackURL">https://localhost:8248/services/WorkflowCallbackService</Property> </ProductionApplicationRegistration> ...   <SandboxApplicationRegistration executor="org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationWSWorkflowExecutor"> <Property name="serviceEndpoint">http://localhost:9765/services/ApplicationRegistrationWorkFlowProcess/</Property> <Property name="username">admin</Property> <Property name="password">admin</Property> <Property name="callbackURL">https://localhost:8248/services/WorkflowCallbackService</Property> </SandboxApplicationRegistration> ... </WorkFlowExtensions>

  3. Go to the API Store Web interface, open My Subscriptions page, select an application and click the Generate button associated with the production key.
    It invokes the ApplicationRegistrationWorkFlowProcess.bpel that is bundled with the ApplicationRegistrationWorkflowProcess_1.0.0.zip file and creates a HumanTask instance that holds the execution of the BPEL process until some action is performed on it.   

  4. Note a message that appears saying that the request is successfully submitted if the BPEL was invoked correctly. For example,

  5. Log in to the Admin Dashboard Web application (https://<Server Host>:9443/admin-dashboard) and list all the tasks for application registrations. Click Start to start the Human Task and then change its state. Once you approve the task, it resumes the BPEL process and completes the registration.

  6. Go back to the My Subscriptions page on the API Store and view your application.

    It shows the application access token, consumer key and consumer secret. For example,

After the registration request is approved, keys are generated by invoking the APIKeyMgtSubscriber service hosted in Key Manger nodes. Even when the request is approved, key generation can fail if this service becomes unavailable. To address such failures, you can configure to trigger key generation at a time Key Manager nodes become available again. Given below is the message used to invoke the BPEL process:

<applicationregistrationworkflowprocessrequest xmlns:wor="http://workflow.application.apimgt.carbon.wso2.org" xmlns="http://workflow.application.apimgt.carbon.wso2.org"> <applicationname>NewApp5</applicationname> <applicationtier>Unlimited</applicationtier> <applicationcallbackurl></applicationcallbackurl> <applicationdescription></applicationdescription> <tenantdomain>carbon.super</tenantdomain> <username>admin</username> <workflowexternalref>4a20749b-a10d-4fa5-819b-4fae5f57ffaf</workflowexternalref> <callbackurl>https://localhost:8243/services/WorkflowCallbackService</callbackurl> <keytype>PRODUCTION</keytype> </applicationregistrationworkflowprocessrequest>
com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links2' is unknown.