spring-webflow

Access multiple request params in flow


I have an action state in a Spring Web Flow that take in parameters from a submitted form:

<action-state id="newToken">
    <set name="requestScope.timestamp" value="requestParameters.timestamp" type="java.lang.String"/>
    <set name="requestScope.origin" value="requestParameters.origin" type="java.lang.String"/>
    <set name="requestScope.tokenHmacToValidate" value="requestParameters.tokenHmacToValidate" type="java.lang.String"/>
    <transition to="validateToken"/>
</action-state>

However, only the first requestParameters value gets set (i.e. if timestamp is first, then only it gets set. If origin is first, then only it gets set). When I access the second and third values, they have a value of null instead of the value that is passed into it. Here is an example of form data that is passed on form submission:

_eventId=tokenValidationEvent
origin=https%3A%2F%2Flocalhost%3A8443
timestamp=20200218171041
tokenHmacToValidate=**REDACTED**

All the information is getting passed when the form is submitted, but only the first <set> tag is actually setting data. Am I receiveing the request wrong? Is there something I need to register somewhere that I'm not doing


Solution

  • This is the way <action-state> works. Only the first expression is evaluated.

    If you want all three to be evaluated, you could use <on-entry> to evaluate the other 2:

        <action-state id="newToken">
            <on-entry>
                <set name="requestScope.timestamp" value="requestParameters.timestamp" type="java.lang.String"/>
                <set name="requestScope.origin" value="requestParameters.origin" type="java.lang.String"/>
            </on-entry>
            <set name="requestScope.tokenHmacToValidate" value="requestParameters.tokenHmacToValidate" type="java.lang.String"/>
            <transition to="validateToken"/>
        </action-state>
    

    From https://docs.spring.io/spring-webflow/docs/current/reference/html/actions.html#action-state

    After the execution of each action, the action-state checks the result to see if matches a declared transition to another state. That means if more than one action is configured they are executed in an ordered chain until one returns a result event that matches a state transition out of the action-state while the rest are ignored. This is a form of the Chain of Responsibility (CoR) pattern.

    The result of an action's execution is typically the criteria for a transition out of this state. Additional information in the current RequestContext may also be tested as part of custom transitional criteria allowing for sophisticated transition expressions that reason on contextual state.

    Note also that an action-state just like any other state can have one more on-entry actions that are executed as a list from start to end.