I created an endpoint in apigee edge, /oauth/revoke, that exposes [access/refresh] token revocation functionality.
My issue is that I need to be able to allow the client to dynamically set the cascade value for the revocation. My attempt at having the cascade reference a flow variable seems to have failed. Is it possible for the cascade param to reference a flow variable? Here is my policy code:
<OAuthV2 name="revoke-token"> <DisplayName>revoke-token</DisplayName> <FaultRules/> <Properties/> <Attributes/> <ExternalAuthorization>false</ExternalAuthorization> <Operation>InvalidateToken</Operation> <SupportedGrantTypes/> <GenerateResponse enabled="true"/> <Tokens> <Token type="accesstoken" cascade="{flow.variable}">request.formparam.token</Token> </Tokens> </OAuthV2>
You'll notice in the <Token> element, there is the cascade attribute, which I am attempting to set equal to a flow variable, such that the request can dynamically set the cascade value. So far as I can tell, this is not working. Any help or insight would be very much appreciated!
Chris
Solved! Go to Solution.
I don think, you could pass a reference to the cascade attribute,
One way that comes to mind immediately is,
Create 2 Invalidate policies - one with cascade=true and one with cascade=false, and conditionally execute these policies based on the client request,
por ejemplo,
<Step> <Condition>request.queryparam.cascade = "true"</Condition> <Name>InvalidateTokenWithCascade</Name> </Step> <Step> <Condition>request.queryparam.cascade is null or request.queryparam.cascade = "false"</Condition> <Name>InvalidateTokenWithoutCascade</Name> </Step>
Please refer to Condition reference for more info on how to use conditions
http://apigee.com/docs/api-services/reference/conditions-reference
I don think, you could pass a reference to the cascade attribute,
One way that comes to mind immediately is,
Create 2 Invalidate policies - one with cascade=true and one with cascade=false, and conditionally execute these policies based on the client request,
por ejemplo,
<Step> <Condition>request.queryparam.cascade = "true"</Condition> <Name>InvalidateTokenWithCascade</Name> </Step> <Step> <Condition>request.queryparam.cascade is null or request.queryparam.cascade = "false"</Condition> <Name>InvalidateTokenWithoutCascade</Name> </Step>
Please refer to Condition reference for more info on how to use conditions
http://apigee.com/docs/api-services/reference/conditions-reference
Mukundha,
That's a great idea. I will implement this. Thanks for the help!
Chris
User | Count |
---|---|
7 | |
2 | |
2 | |
1 | |
1 |