Solved: Re: Handling TooBigBody in proxy

seancochrane · 10-12-2021 07:44 AM

I need to respond with a 302 Found delegation pattern response when a system tries to access certain endpoints. This is to give callers a new resource URL when uploading large documents and JWT token for the resource (because Apigee is not meant for +20Mb messages).

When the body is less than 20Mb the normal flow conditions works fine using :-

(request.verb="POST") and ((proxy.pathsuffix EqualsCaseInsensitive "/api/v1/Document")

However, i cannot get anything to trigger - not even a fault rule when the request is over 20Mb - I always get :-

{

"fault": {

"faultstring": "Body buffer overflow",

"detail": {

"errorcode": "protocol.http.TooBigBody"

}

I have tried Fault Rules etc... How can I interogate the verb and path immediately and reroute the request before the entire message triggers the buffer overflow? Or if this is simply not possible handle the TooBigBody fault and send a custom response (the 302 and JWT)

dchiesa1

I believe it's not possible because Apigee rejects the message before it ever reaches your API Proxy.

Best is to insure that your client apps don't send larger than 20mb, and if they do... they need to handle the ToobigBody error and use a different endpoint. This may be something best solved with an improved "protocol". That is to say, you define for your clients how they should interact with the APIs to upload large data streams. And never accept the post directly. Clients that do that will always get an error.

> This is to give callers a new resource URL when uploading large documents and JWT token for the resource

I like this pattern. Maybe you can just employ it always? Rather than allowing clients to POST the actual stream to upload, tell the clients to POST for a /location or something like that. Eg,

(proxy.pathsuffix EqualsCaseInsensitive "/api/v1/DocumentLocation")

The client is asking for the location, not sending the data. Then your API responds with a JWT and an actual location, and the client posts to THAT.

Would that work?

View solution in original post

dchiesa1

I believe it's not possible because Apigee rejects the message before it ever reaches your API Proxy.

Best is to insure that your client apps don't send larger than 20mb, and if they do... they need to handle the ToobigBody error and use a different endpoint. This may be something best solved with an improved "protocol". That is to say, you define for your clients how they should interact with the APIs to upload large data streams. And never accept the post directly. Clients that do that will always get an error.

> This is to give callers a new resource URL when uploading large documents and JWT token for the resource

I like this pattern. Maybe you can just employ it always? Rather than allowing clients to POST the actual stream to upload, tell the clients to POST for a /location or something like that. Eg,

(proxy.pathsuffix EqualsCaseInsensitive "/api/v1/DocumentLocation")

The client is asking for the location, not sending the data. Then your API responds with a JWT and an actual location, and the client posts to THAT.

Would that work?

seancochrane

Thanks for confirming what I was beginning to suspect. I think I will be telling integrating apps to send the request (with no body) to the endpoint to get the token and redirect URL when they are using the /documents endpoint. The reason we want them to do this is that strategic architecture in our firm dictates we should centralise all API calls through the api gateway. The intial call will allow us to register that document call - even if the app is delegated to the actual system backend.

dchiesa1

YES. That makes sense to me.