How to resolve the issues when passing filter parameter in Java application when performing JavaScript Embedding?

In Java when implementing server-side row-level filtering using the embed_datasource_filter query parameter for embedded dashboards, it’s common to encounter issues with illegal URI characters(without encoding). If you encode these values you may face an “Embed code validation failed” issue. This article explains the reason for the issue and how to resolve this kind of issue.

Reason for issue:

1. For security purposes Bold BI JavaScript embedding uses the SignatureURL which is an encrypted key generated using the HMACSHA256 algorithm which uses embedQueryString and EmbedSecretKey. This SignatureUrl is appended with the API request while contacting the Bold BI. Unlike other platforms, Java by default encodes the values before sending the API request, so Java once again encodes this value before sending the API request to the Bold BI server.
2. In Bold BI while retrieving the API request parameter, leading to an issue Embed code validation failed due to Java encoding. If you intend to suppress the Java encoding you may face illegal URI characters in API request.

For example, special characters are passed in the URL inorder to pass the filter parameter through embed_datasource_filter, without encoding them. For instance, the filter value in the URL part might look like this:

&embed_datasource_filter=[{&¶meter1=value1&¶meter2=value2}]

You may face error similar to illegal URI characters [{}] .

Solution:

1. To resolve this issue, it’s recommended to encode the filter value using URLEncoder, which will encode the special characters like [{}]. However, appending this encoded value directly to embedQuery can lead to an Embed code validation failed error. This is because the encoded value will be encoded again by the GetSignatureUrl method.

To avoid this, frame the URL by passing a non-encoded filter value in embedQuery to the GetSignatureUrl method and use URLEncoded in the filter value in the URL part.

Here is a code snippet that demonstrates how to fix this issue:

@PostMapping("authorizationServer")
public String authorizationServer(@RequestBody EmbedClass embedQueryString) throws Exception {
    try {
        String filter = "[{&&Country_perCapita=Denmark}]";
        String encodedFilter = URLEncoder.encode(filter, "UTF-8");
        String embedQuery = embedQueryString.getEmbedQuerString();
        embedQuery += "&embed_user_email=" + embedProperties.getUserEmail();
        String encodedEmbedQuery = embedQuery + "&embed_datasource_filter=" + encodedFilter;
        String embedDetailsUrl = "/embed/authorize?" + encodedEmbedQuery + "&embed_signature=" + GetSignatureUrl(embedQuery + "&embed_datasource_filter=" + filter);
        RestTemplate restTemplate = new RestTemplate();
        DefaultUriBuilderFactory defaultUriBuilderFactory = new DefaultUriBuilderFactory();
        defaultUriBuilderFactory.setEncodingMode(DefaultUriBuilderFactory.EncodingMode.NONE);
        restTemplate.setUriTemplateHandler(defaultUriBuilderFactory);
        String baseAddressString = embedQueryString.getDashboardServerApiUrl();
        String result = restTemplate.getForObject(baseAddressString + embedDetailsUrl, String.class);       
        return result;
    } catch (IllegalArgumentException e) {
        e.printStackTrace(); // Log the exception for debugging
        return "An error occurred: " + e.getMessage();
    } catch (Exception e) {
        e.printStackTrace(); // Log the exception for debugging
        return "An unexpected error occurred: " + e.getMessage();
    }
}

References

• JavaScript Embedding
• Spring boot Sample
• Java servlet Sample