This is an extension to Part 3 in the IPASBR series, see also:

  • Integration Patterns with Azure Service Bus Relay, Part 1: Exposing the on-premise service
  • Integration Patterns with Azure Service Bus Relay, Part 2: Anonymous full-trust .NET consumer
  • Integration Patterns with Azure Service Bus Relay, Part 3: Anonymous partial-trust consumer

In Part 3 I said “there isn’t actually a .NET requirement here”, and this post just follows up on that statement. In Part 3 we had an ASP.NET MVC Website making a REST call to an Azure Service Bus service; to show that the REST stuff is really interoperable, in this version we use Node.js to make the secure service call.

The code is on GitHub here: IPASBR Part 3.5. The sample code is simpler than Part 3 – rather than code up a UI in Node.js, the sample just relays the REST service call out to Azure.

The steps are the same as Part 3:

  1. REST call to ACS with the service identity credentials, which returns an SWT;
  2. REST call to Azure Service Bus Relay, presenting the SWT;
  3. request gets relayed to the on-premise service.

In Node.js the authentication step looks like this:

    var options = { 
        host: acs.namespace() + '-sb.accesscontrol.windows.net', 
        path: '/WRAPv0.9/', 
        method: 'POST' 
    }; 

    var values = { 
        wrap_name: acs.issuerName(), 
        wrap_password: acs.issuerSecret(), 
        wrap_scope: 'http://' + acs.namespace() + '.servicebus.windows.net/' 
    }; 

    var req = https.request(options, function (res) { 
        console.log("statusCode: ", res.statusCode); 
        console.log("headers: ", res.headers); 
        res.on('data', function (d) { 
            var token = qs.parse(d.toString('utf8')); 
            callback(token.wrap_access_token); 
        }); 
    }); 
    req.write(qs.stringify(values)); 
    req.end();

Once we have the token, we can wrap it up into an Authorization header and pass it to the Service Bus call:

    token = 'WRAP access_token=\"' + swt + '\"';
    //...
                var reqHeaders = {
                    Authorization: token
                };

                var options = {
                    host: acs.namespace() + '.servicebus.windows.net',
                    path: '/rest/reverse?string=' + requestUrl.query.string,
                    headers: reqHeaders
                };

                var req = https.request(options, function (res) {
                    console.log("statusCode: ", res.statusCode);
                    console.log("headers: ", res.headers);
                    response.writeHead(res.statusCode, res.headers);
                    res.on('data', function (d) {
                        var reversed = d.toString('utf8')
                        console.log('svc returned: ' + d.toString('utf8'));
                        response.end(reversed);
                    });
                });
                req.end();

Running the sample

Usual routine to add your own Azure details into Solution Items\AzureConnectionDetails.xml and “Run Custom Tool” on the .tt files.

Build and you should be able to navigate to the on-premise service at http://localhost/Sixeyed.Ipasbr.Services/FormatService.svc/rest/reverse?string=abc123 and get a string response, going to the service direct.

Install Node.js (v0.8.14 at time of writing), run FormatServiceRelay.cmd, navigate to http://localhost:8013/reverse?string=abc123, and you should get exactly the same response but through Node.js, via Azure Service Bus Relay to your on-premise service. The console logs the WRAP token returned from ACS and the response from Azure Service Bus Relay which it forwards: