There are various ways in which we can validate Inbound Request (both payload body and headers). Ideally if we are creating API’s in mule, we can do lot of boiler plate validation code in RAML File itself (will talk more about RAML and its modularization in another post).
At times we cannot rely on RAML for doing validation, as RAML’s validation will kick in only when API Kit Router is encountered, at times we might have to do our validation before that, or say we do not have the luxury of RAML for some legacy code or an immediate defect raised where we cannot change the architecture of the existing project, or we need to validate few things in the middle of the flows. There could be lot of scenarios.
Lets say we are validation Inbound Request using Mule Validation Component.
Example, its a Post Request with JSON Body and say JWT Token as Authorization Header.
We need to validate
- If JSON Body is not empty
- If all the attribute is present within the JSON Body, and if any required attribute is missing we should send meaningful message back UI.
- If Required Header Parameter (Authorization) in our case is present and if not send meaningful message back to UI.
For Validating Header, we can use Validation:all component, and provide multiple checks like
- Header should be present (null check)
- Since this is JWT Token, we can write regex to validate if we are having 3 parts in the incoming Request token.
<validation:all config-ref=“Validation_Configuration” doc:name=“Validate Header”>
<validation:validations>
<validation:is-not-empty message=“Authorization Header Cannot be Empty” value=“#[message.inboundProperties.’Authorization’]”/>
<validation:matches-regex message=“Authorization Header is having Incorrect Value” value=“#[message.inboundProperties.’Authorization’]” regex=“[a-zA-Z0-9\-_]+?\.[a-zA-Z0-9\-_]+?\.([a-zA-Z0-9\-_]+)?”/>
</validation:validations>
</validation:all>
To Validate individual key in the JSON Object, we just have to make sure that the incoming request is in the required MIME Type and use another validation:all component like
<validation:all config-ref=“Validation_Configuration” doc:name=“Validate Request Body Parameters”>
<validation:validations >
<validation:is-not-empty value=“#[json:key1]” message=“key1 Parameter is missing”/>
<validation:is-not-empty value=“#[json:key2]” message=“key2 params is missing”/>
</validation:validations>
</validation:all>
This is all good, little tricky part would be when we need to validate an empty payload body, as the payload would be {NullPayload} and we should be able to evaluate this using expression with the code #[payload == null] or #[payload==empty], but when we try to put a validation component of validation:is-not-empty or validation:is-not-null things will behave little differently and we have to make sure that we are actually not doing comparison or trying to evaluate {NullPayload} but instead we should evaluate nullness and then set an empty payload like “{}” and do the validation against it.
Else we might be able to handle few scenarios, but we can get java Exception which is not handled by code and some Runtime Exception would be thrown on UI.
Here is the trick to handle {NullPayload} and get all the validation right with controlled messages in all the scenarios. Below expression converts the string “{}” into an object with the help of dw() expression.
<expression-component doc:name=“Convert Payload”><![CDATA[#[payload != null ? payload : dw(‘{}‘)]]]></expression-component>
And then use validation component like
<validation:is-not-null config-ref=“Validation_Configuration” message=“Request is missing Payload Body” value=“#[payload]” doc:name=“Validation”/>
Obviously first checking the null payload scenario and handling it will make more sense.
Complete code will look something like
<flow name=“validate-input-payloadFlow”>
<validation:all config-ref=“Validation_Configuration” doc:name=“Validate Header”>
<validation:validations>
<validation:is-not-empty message=“Authorization Header Cannot be Empty” value=“#[message.inboundProperties.’Authorization’]”/>
<validation:matches-regex message=“Authorization Header is having Incorrect Value” value=“#[message.inboundProperties.’Authorization’]” regex=“[a-zA-Z0-9\-_]+?\.[a-zA-Z0-9\-_]+?\.([a-zA-Z0-9\-_]+)?”/>
</validation:validations>
</validation:all>
<expression-component doc:name=“Convert Payload”><![CDATA[#[payload != null ? payload : dw(‘{}‘)]]]></expression-component>
<validation:is-not-null config-ref=“Validation_Configuration” message=“Request is missing Payload Body” value=“#[payload]” doc:name=“Validation”/>
<validation:all config-ref=“Validation_Configuration” doc:name=“Validate Request Body Parameters”>
<validation:validations >
<validation:is-not-empty value=“#[json:initTime]” message=“initTime Parameter is missing”/>
<validation:is-not-empty value=“#[json:fileName]” message=“fileName Parameter is missing”/>
<validation:is-not-empty value=“#[json:data]” message=“Data params is missing”/>
</validation:validations>
</validation:all>
</flow>
Valid Input Payload Example :
{
“key1” : “value1”,
“key2” : “value2”
}
Playing with the above input payload you can understand the behaviour.
Learner's View 