Incoming request processing
Incoming requests are made to the default method of the channel (i.e. Script).
Incoming requests are validated against the Partner key. The "iss" claim on the JWT must match the Partner identifier and the "aud" claim must match the Channel identifier. If the request is not valid, an error is returned.
Assuming the request is valid, the "process_identifier" and "role" claims are used to look up a suitable worker. If the claim is not valid or worker not found, an error is returned.
Assuming the worker is found, "data" claim is read from the JWT and an "action" property read from this. These are then used to execute the worker. The worker is passed the data parameter, the action parameter extracted from the data, a channel parameter, the processIdentifier, the role and the processIdentifierSender (role and processIdentifierSender may be omitted if they were not passed).
The response from the execute of the worker are converted to JSON using the rules defined in Using JSON in web service calls. This also provides rules for converting error conditions.
A response JWT is encoded, setting the "process_identifier" claim, "role", "iss", "aud" and "data", swapping around "iss" and "aud", and using the return data for the "data" claim. The returned role is the role to which the request was made, not the role that made the request (which is not known).
The request and response are logged, and the response sent back to the caller.
Outgoing request processing
Outgoing request are made to the Send method of the channel. This may have the following parameters.
|worker||Worker from which request is being sent. The request will be sent to the remote worker with the same process identifier as the worker.|
|processIdentifier||As an alternative to passing the worker itself, the process identifier of the worker from which the request is being sent and to which the request will be sent. If this option is used, the sending worker must not have a role. This is generally only used for calling well-known process identifiers such as "control".|
|role||The role of the remote worker to which the request is being sent. Default is to have no role.|
|data||The payload of the call, in JSON.|
At least one of worker and process identifier must be passed. If worker is passed, the user's authority to administerr the worker will be checked and the request will have the additional claim process_identifier_sender. This can be used by the recipient to ensure that the caller has authority on the sending worker.
Outgoing requests are encoded in the same way as responses to incoming requests, and sent to the other partner. Responses are decoded in the same way as incoming requests, the request and response logged, and the data portion sent back to the caller.
Registration requests are made to the Register method of the channel.
Registration requests are passed a "processIdentifier" parameter and a "worker" parameter, the latter containing the node version reference of the worker. If the processIdentifier is not passed, it will be read from the worker. For consistency, the response and any errors are returned using the JSON conventions (i.e. JSON in the <return> element).