This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

AssignMessage policy for basic authentication

Posted on 02-14-2017 04:04 AM
sjm2000
Silver 1
Silver 1
Reply posted on --/--/---- --:-- AM

Dear Team,

I use "AssignMessage" policy to pass "Authorization basic: header to backend .

However, i am unable to dynamically convert to base64 format .

Is there any out-of-the-box way to convert to base64 format in apigee?


Or else which is the best javascript approach to convert to base64 format (please keep in mind this policy will be used heavily - 1 to 3 hits per 10 second )

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Assign-Message-1">
    <DisplayName>SET AssignMessage</DisplayName>
    <Set>
        <Headers>
            <Header name="Authorization">Basic: xxxxxbase64formatxxxxxx </Header>
            <Header name="Content-Type">application/x-www-form-urlencoded</Header>
        </Headers>
        <QueryParams>
            <QueryParam name="grant_type">password</QueryParam>
        </QueryParams>
        <FormParams>
            <FormParam name="username" ref="request.queryparam.username"/>
            <FormParam name="password" ref="request.queryparam.password"/>
            <FormParam name="scope">openid</FormParam>
        </FormParams>
        <Verb>POST</Verb>
        <Path/>
    </Set>
    <AssignVariable>
        <Name>name</Name>
        <Value/>
        <Ref/>
    </AssignVariable>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>

Thanks & Best Regards

Sujith Mathew

1 5 1,395
Topic Labels
5 REPLIES 5

Posted on --/--/---- --:-- AM
omidt
Staff
Reply posted on --/--/---- --:-- AM

Hi @Sujith Mathew

Yes, there is an out-of-the-box way to convert to base64 format in Edge.

It is possible to Base64 encode/decode values using JavaScript, however, I suggest you instead look into using the Basic Authentication policy. It will encode the value and attach it as an Authorization header to your request by simply requiring the username and password to be provided.

By the way, as per standard/specification RFC 7617, the example value in your example AssignMessage policy is invalid - Basic value, without the :

Posted on --/--/---- --:-- AM
sjm2000
Silver 1
Silver 1
In response to omidt
Reply posted on --/--/---- --:-- AM

@Omid Tahouri

I cannot add basic authentication policy as you can see in my code above, i am using openid which requires to pass form parameters also.

Do you still think i can use basic authentication policy?

0 Likes

Posted on --/--/---- --:-- AM
omidt
Staff
In response to sjm2000
Reply posted on --/--/---- --:-- AM

@Sujith Mathew - You do not need to modify your request in one single policy. You should be using multiple policies to perform different tasks -- think of each policy as invoking a method/function.

I suggest removing the <Header name="Authorization"> line from this AssignMessage policy and attaching a BasicAuthentication policy to the request in the target endpoint.

0 Likes

Posted on --/--/---- --:-- AM
sjm2000
Silver 1
Silver 1
In response to omidt
Reply posted on --/--/---- --:-- AM

I will certainly try your suggestion and get back to you in max of 24 hours(my time zone is now end of day )

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

@Sujith Mathew

Just as Omid answered, you could keep using your current AssignMessage policy, but remove the Authorization header setup, and use Basic Authentication policy after that to setup the Basic Authorization header in your request.

0 Likes