Teaching How to simplify building NodeJS APIs with Loopback Framework

In this blog, I am going to show you how to get started with the Loopback framework to easily auto-build REST APIs in NodeJS and persistence layer in a variety of options, including relational and non-relational databases e.g. In-memory DB, MongoDB, MySQL, Cassandra, Oracle, etc.

In terms of API design and development, Loopback allows you to work “top-down” or “bottom-up”. I am going to cover both approaches in this blog.

First, we are going to create an API model definition in place, as we are building the REST APIs, this exercise will give us a Swagger-based API definition. Alternatively, we are going to start from an existing Swagger definition and use it to implement NodeJS REST APIs pointing to a persistence layer of choice (in-memory DB, MongoDB, MySQL, DB2, Oracle, etc.). I personally prefer the “API First/Top Down” approach, as it gives me the option to properly design and test my APIs first and then, simply move to implementation phase, but this ultimately depends on situations, preferences and requirements.

Continue reading “Teaching How to simplify building NodeJS APIs with Loopback Framework”

Teaching How to use Nginx to frontend your backend services with Trusted CA certificates on HTTPS

Now days with the adoption of Serverless architectures, microservices are becoming a great way to breakdown problem into smaller pieces. One situation that is common to find, is multiple backend services running on technologies like NodeJS, Python, Go, etc. that need to be accessible via HTTPS. It is possible to enable these internal microservices directly with SSL over HTTPS, but a cleaner approach is to use a reverse proxy that front ends these microservices and provides a single HTTPS access channel, allowing a simple internal routing.

In this blog, I am showing how simple it is to create this front end with Nginx and leveraging “Let’s encrypt” to generate trusted certificates attached to it, with strong security policies, so that our website can score an A+ on cryptographic SSL tests conducted by third party organizations.

Continue reading “Teaching How to use Nginx to frontend your backend services with Trusted CA certificates on HTTPS”

Teaching How to Use Alexa to Take Off your Drone using NodeJS

Recently I was in Auckland, New Zealand running an Integration in Action workshop and I used Alexa to trigger some of my APIs, including some NodeJS APIs that I built to take off a drone. Some people found this interesting and asked me to write this blog to explain in detail how it works… So, here it is, I hope you find it useful.

There are multiple ways in which you can make Alexa to call your own APIs. Perhaps the most versatile way is by adding a new skill (see: blog 1, 2). However I found an even easier way to do so, and in order to achieve the MVP approach I have been attempting to practice in my day-to-day life, I took this simpler option, which is simulating a Phillips Hue HA bridge. By doing  so, Alexa detects a new Home Automation (HA) device in “her” network range and accepts voice commands to easily “turn it on” or “turn it off” which you can then leverage to call your own APIs.

Continue reading “Teaching How to Use Alexa to Take Off your Drone using NodeJS”

Teaching how to integrate Salesforce and Sales Cloud with Oracle Integration Cloud Service

In this blog, I am going to show you how to integrate Salesforce and Sales Cloud with Oracle Integration Cloud Service (ICS). I am going to cover in detail how to configure ICS to subscribe for events to Salesforce and synchronise both SaaS applications without having to poll any of the endpoints. Salesforce is going to notify ICS when a specific event occurs, such as when Contacts who belong to a specific Account are added or edited.

This blog is a sequel of a previous blog, where I explain how to integrate Sales Cloud using ICS. If you haven’t reviewed it yet, I invite you to do so. Here is the link

Since this guide extends the Sales Cloud integration blog, I assume that you have created a simple CRUD set of REST APIs that interact with Sales Cloud Contacts. We will simply reuse these REST APIs to integrate into Sales Cloud. However, instead of the REST enabled API to CRUD Contacts into Sales Cloud, we could have decided to use an ICS “Invoke-based” Sales Cloud connector and achieve the same.

Continue reading “Teaching how to integrate Salesforce and Sales Cloud with Oracle Integration Cloud Service”

Teaching how to DevOps automate the provisioning of external APIs using Oracle API Platform and Developer Cloud Service

Modern Integrations require touching lots of different APIs coming from multiple “systems”. These “systems” can be big enterprise backend applications, such as: E-Business Suite, SAP, JDE, Siebel, etc. As well as modern SaaS Applications, such as: Service Cloud, ERP Cloud, Salesforce, Netsuite, Workday, etc. These “systems” can also be other smaller or custom applications running either on premise or in the cloud exposing either SOAP or REST services.

Rarely any of these “systems” can provide solid abilities to remotely expose APIs in a way that are tailored for a specific business case. Commonly, to achieve this, we need a separate integration layer that orchestrates APIs from multiple “systems” and easily obtain the desired business outcome, in a way that they are also reusable APIs to be utilise in other business scenarios. Furthermore, in order to properly apply security measures and effectively protect these APIs and safely expose them to external consumers (potentially in the public Internet), normally we need to use an API Gateway (see this blog to learn how).

Also, in previous blogs, John Graves showed us how to automate the creation and deployment of existing “internal Integration APIs” and expose them as secured external APIs using Oracle API Platform. (See ICS to API Platform and Oracle Service Bus to API Platform).

If we take the same automation concept, we can then apply it in a DevOps scenario, where we want to achieve the following:

Continue reading “Teaching how to DevOps automate the provisioning of external APIs using Oracle API Platform and Developer Cloud Service”

First Experience Provisioning SOACS – Integration Analytics

Oracle introduced the Real Time Integration Business Insight product as part of its Integration offering in 2016. For a 2 minute overview check out Insight Overview Video .

The good news is that this capability is now available in the Oracle Public Cloud as part of the SOA Cloud Service and can be provisioned using the Integration Analytics Cluster service type.

In this blog I plan to do the following;

  • Briefly introduce Integration Analytics and Real Time Integration Business Insight (Insight)
  • Walk through the Provisioning Steps
  • Walk through the Post Provisioning Steps

In a related blog post I will cover how to interact with the Integration Analytics capability via REST.

Continue reading “First Experience Provisioning SOACS – Integration Analytics”

Teaching how to secure access to on-premise Applications with Oracle API Platform

In this blog, I am going to show you how to use the API gateway from the Oracle API Platform, to secure the access to backend Applications. These internal applications might already be exposing REST APIs, but given these are internal APIs, being exposed by backend applications themselves, we simply don’t want to directly expose them into the public Internet.

There are many reasons for this, for example, the backend application might not have the right ability to fully secure its APIs for external use, nor to have the right ability to control access authorisation, throttle requests, apply different policies, validate custom headers, apply API-KEYs, run analytics, etc. Normally only an API Gateway can do all these different things.

I can think of the 3 most common ways to securely get access to backend applications behind a corporate firewall.

  1. Using secured APIs exposed externally
  2. Connecting through a secured VPN tunnel
  3. Using a messaging pattern, like with the Oracle Integration Cloud Service Agents deployed locally and then gathering access externally via Integration Cloud Service console or APIs

In this blog, we are going to explore option number 1.

Continue reading “Teaching how to secure access to on-premise Applications with Oracle API Platform”