Web Services changes
There are changes in support of web services in Genero 4.01.
Security Note: sameSite HTTP cookie attribute
When using HTTP cookies, make sure to check the sameSite
attribute usage.
For more details, see Changes to how GWS handles cookies and Single sign-on (OpenID Connect, SAML, and GIP) sameSite security.
fglrestful network options to support proxy and HTTP authentication
Starting with GWS 4.01.00, the fglrestful tool supports new network options. Log in and password options have been added for proxy and/or HTTP authentication when using the tool to request OpenAPI documentation on the network.
For more details, see fglrestful.
WSParam and WSQuery support complex types
The high-level REST API attributes WSParam
and WSQuery
can be
set on parameters defined as records or arrays. For example, in earlier versions you could only set
these attributes on primitive Genero BDL types, such as STRING
or
INTEGER
. From version 4.01.00, onwards the GWS supports serialization of records
and arrays based on the default OpenAPI specification for serialization. For more information and
examples using record and arrays as parameters, see WSParam and WSQuery.
Support for RFC 8693 in the Genero Identity Provider (GIP) creation of OAuth ID and access tokens with scopes
From FGLGWS 4.01.02 onwards, the GIP follows the standard RFC 8693 as the default method when creating OAuth ID and access tokens with the scope parameter.
Prior to 4.01.02, GIP created a JSON Web Token (JWT) with a "scopes" element defined as a JSON array for the list of scopes. Now, according to the RFC 8693 standard, the JWT has a "scope" element defined as a string with the scopes in a space-separated list.
No action needs to be taken on your part, but if you have previously used the GIP to authenticate users launching applications and you want to use the new scope member, ensure that the OpenIDConnectServiceProvider.xcf and the GeneroAccessService.xcf delivered in the Genero Web Services package under $FGLDIR/web_utilities/services use FGLGWS 4.01.02 or higher. The OpenIDConnectService and GeneroAccessService services have been enhanced to handle both the old and new methods for exchanging scopes.
For more information about GIP, see the Genero Application Server User Guide.
Changes in earlier versions
Make sure to check the upgrade notes of earlier versions, to not miss changes introduced in maintenance releases. For more details, see Web services changes in BDL 4.00.
- Support for validating filenamess in WSAttachments. The high-level REST
WSAttachment
attribute has an option to verify file names in received files using a regular expression pattern, also available in GWS 4.01.00. - Changes to default IP version used by a GWS client. The default IP version is now IPv4, also available in GWS 4.01.00.
- fglwsdl -xmlname option added to generate variables named with XMLName, also available in GWS 4.01.00.