This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Extract cookie header using dynamic name

Posted on 05-05-2022 08:03 AM
Giupo
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hello,

if we have a dynamic name for a cookie, how can we extract it?

I've the cookie header name scoped to environment, for example in production is "SMSESSION", in system is "SWSESSION".

I want to do something like this, but it can't resolve variable:

<Pattern ignoreCase="false">{null1}{MYVAR-COOKIE-NAME}={session_cookie}</Pattern>

Is there any solutions with the ExtractVariables native policy? @dchiesa1 

Thanks in advance

Solved Solved
0 6 276
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to Giupo
Reply posted on --/--/---- --:-- AM

Is it possible that the product does not natively allow you to extract a cookie by specifying an input variable? ☹️

Correct.

One possible workaround is to do as Dane suggested, and use multiple Pattern elements and multiple variables. It looks like this;

 

<ExtractVariables continueOnError="false" enabled="true" name="Extract-cookie-1">
    <DisplayName>Extract cookie-1</DisplayName>
    <Properties/>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <Source clearPayload="false">request</Source>
    <Header name="Cookie">
        <Pattern ignoreCase="false">SDSESSION={sdsession_cookie}</Pattern>
        <Pattern ignoreCase="false">SMSESSION={smsession_cookie}</Pattern>
        <Pattern ignoreCase="false">SWSESSION={swsession_cookie}</Pattern>
    </Header>
</ExtractVariables>

 

And then after that policy, if you like you can perform a consistency check, insuring that if SDSession is sent to the production environment, then the API Proxy will reject the call. You can do that by introducing a Condition with a compound boolean, wrapped around RaiseFault

 

  <Step>
    <Name>RF-Incorrect-Cookie</Name>
    <Condition>sdsession_cookie != null AND environment.name != "dev"</Condition>
  </Step>

 

And of course you would have to extend that Condition to handle the other cases as well.

View solution in original post

Jump to Solution
0 Likes
6 REPLIES 6

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

1. What do you mean "it can't resolve variable"? 

What specifically are you observing?  Is there a deployment time error? Is it that the policy validation is telling you that you cannot configure the policy that way? 

Or is there a runtime error?  

Or at runtime, no error, but the variable you expect to see populated is not being populated? 

Maybe clarify for us what you are seeing. 

 

2. Can you show the full policy configuration rather than simply the Pattern element? 

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Giupo
Bronze 5
Bronze 5
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Hi Dino,

if I sent a request like that:

curl -k https://apigee.mydomain.com/test -H "Cookie: SWSESSION=ASDASDASD;"

then this policy is able to populate the variable "swsession_cookie" with the value "ASDASDASD":

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ExtractVariables continueOnError="false" enabled="true" name="Extract-cookie-1">
    <DisplayName>Extract cookie-1</DisplayName>
    <Properties/>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <Source clearPayload="false">request</Source>
    <Header name="Cookie">
        <Pattern ignoreCase="false">{null1}SWSESSION={swsession_cookie};{null2}</Pattern>
        <Pattern ignoreCase="false">{null1}SWSESSION={swsession_cookie}</Pattern>
    </Header>
</ExtractVariables>

 The problem is that between Test Environment and Production Environment the Cookie Name Header changes, so I want to specify dynamically the cookie name to extract, for example using a variable "myvar-cookie-name".

But if I specify in the pattern a variable, Apigee fails to interpret it as a variable, but extracts the value in that field.

For example, if I have set "myvar-cookie-name=SMSESSION", if I send "Cookie: Hello=XXX", this pattern will populate myvar-cookie-name with value "Hello".

<Pattern ignoreCase="false">{null1}{myvar-cookie-name}={swsession_cookie}</Pattern>

 

Jump to Solution

Posted on --/--/---- --:-- AM
dknezic
Staff
Reply posted on --/--/---- --:-- AM

Using javascript instead may be a more flexible approach

I'm slightly confused with your example "For example, if I have set "myvar-cookie-name=SMSESSION", if I send "Cookie: Hello=XXX", this pattern will populate myvar-cookie-name with value "Hello"."

I would have thought you're trying to extract the value XXX, into some new variable.. and you're "myvar-cookie-name" is a variable that will change depending on the environment that you're using to do the lookup eg in your example it's set to "Hello" ? 

Another option, could be to try with multiple different pattern clauses in Extract Variable policy that store to the same variable. Only issue with this I can think of is you would be back to hardcoding values in your proxy for the different combinations.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Giupo
Bronze 5
Bronze 5
In response to dknezic
Reply posted on --/--/---- --:-- AM

I want to avoid hardcoding values because we have many similar cases like that.

The client sends the idp login cookie, which cookie name is scoped to environment:

- Develop Env: "Cookie: SDSESSION=ZZZZ"
- System Env: "Cookie: SWSESSION=XXXX"
- Production Env: "Cookie: SMSESSION=YYYY"

Is it possible that the product does not natively allow you to extract a cookie by specifying an input variable? ☹️

Do you have production-ready javascript code available to extract a cookie?

Thanks in advance

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to Giupo
Reply posted on --/--/---- --:-- AM

Is it possible that the product does not natively allow you to extract a cookie by specifying an input variable? ☹️

Correct.

One possible workaround is to do as Dane suggested, and use multiple Pattern elements and multiple variables. It looks like this;

 

<ExtractVariables continueOnError="false" enabled="true" name="Extract-cookie-1">
    <DisplayName>Extract cookie-1</DisplayName>
    <Properties/>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <Source clearPayload="false">request</Source>
    <Header name="Cookie">
        <Pattern ignoreCase="false">SDSESSION={sdsession_cookie}</Pattern>
        <Pattern ignoreCase="false">SMSESSION={smsession_cookie}</Pattern>
        <Pattern ignoreCase="false">SWSESSION={swsession_cookie}</Pattern>
    </Header>
</ExtractVariables>

 

And then after that policy, if you like you can perform a consistency check, insuring that if SDSession is sent to the production environment, then the API Proxy will reject the call. You can do that by introducing a Condition with a compound boolean, wrapped around RaiseFault

 

  <Step>
    <Name>RF-Incorrect-Cookie</Name>
    <Condition>sdsession_cookie != null AND environment.name != "dev"</Condition>
  </Step>

 

And of course you would have to extend that Condition to handle the other cases as well.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Giupo
Bronze 5
Bronze 5
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Thanks you very much!!

I think this is the best solution actually!  🙂

Jump to Solution
Top Solution Authors
View all