This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Set Oauth V2 Info Policy: How to set attribute value at runtime

Posted on 10-24-2016 03:30 PM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi,

I am using Set Oauth V2 Policy in Pre Flow to set attribute in my Access Token, so that I can use that information while calling my API.

My APIs expect info like user id and role id as header parameters, so I want them to be stored in Access Token Profile as attributes when the user first time call the API using access token.

My problem is that I am not able to set the attribute value using Set Oauth V2 Info policy, this is how my Set Oauth V2 Info Policy looks:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <SetOAuthV2Info async="false" continueOnError="false" enabled="true" name="Set-OAuth-v20-Info-1"> <DisplayName>Set OAuth v2.0 Info-1</DisplayName> <AccessToken ref="access_token"/> <Attributes> <Attribute name="X-UserId" ref="request.headerparam.value"/> </Attributes> </SetOAuthV2Info>

And below is how I am calling my API using cURL:

curl http://{org-name}-test.apigee.net/v1/getcontentbyid/abcdef1234 -H "Authorization: Bearer {access_token}" -H "X-UserId: troy"

Above call gives me a successful response but it does not store the value for my attribute:

oauthv2accesstoken.Set-OAuth-v20-Info-1.X-UserId: {empty}

I need this value to be stored in my Access Toke profile, so that user do not have to pass this info every time he calls the API.

My oauth policy is below:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <OAuthV2 name="GenerateAccessTokenClient"> <!-- This policy generates an OAuth 2.0 access token using the client_credentials grant type --> <Operation>GenerateAccessToken</Operation> <!-- This is in millseconds, so expire in an hour --> <ExpiresIn>3600000</ExpiresIn> <SupportedGrantTypes> <!-- This part is very important: most real OAuth 2.0 apps will want to use other grant types. In this case it is important to NOT include the "client_credentials" type because it allows a client to get access to a token with no user authentication --> <GrantType>client_credentials</GrantType> </SupportedGrantTypes> <GrantType>request.queryparam.grant_type</GrantType> <GenerateResponse/> <Attributes> <Attribute name="X-RoleId" ref="request.header.roleId" display="true">developer</Attribute> <Attribute name="X-UserId" ref="request.headerparam.value" display="true"></Attribute> </Attributes> </OAuthV2>

Please suggest.

Thanks,

Kumud

Solved Solved
0 3 601
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
aswinsegu
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi @Kumud Gautam,

As i noticed in the SetOAuthTokenInfo policy code, the syntax is correct except for ref in Attribute element to access header is not correct

<Attributes>
	<Attribute name="X-UserId" ref="request.headerparam.value"/>
</Attributes>

Try using request.header.{header_name} instead of request.headerparam.value

<Attributes>
	<Attribute name="X-UserId" ref="request.header.{header_name}"/>
</Attributes>

View solution in original post

Jump to Solution
3 REPLIES 3

Posted on --/--/---- --:-- AM
aswinsegu
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi @Kumud Gautam,

As i noticed in the SetOAuthTokenInfo policy code, the syntax is correct except for ref in Attribute element to access header is not correct

<Attributes>
	<Attribute name="X-UserId" ref="request.headerparam.value"/>
</Attributes>

Try using request.header.{header_name} instead of request.headerparam.value

<Attributes>
	<Attribute name="X-UserId" ref="request.header.{header_name}"/>
</Attributes>
Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to aswinsegu
Reply posted on --/--/---- --:-- AM

Hi @Aswin Segu

Thank you for your quick response, your answer helped. I am now able to set the value for header using Set Oauth V2 Info Policy.

curl http://{org-name}-test.apigee.net/v1/getcontentbyid/contentId -H "Authorization: Bearer {access_token}" -H "X-UserId: troy"

oauthv2accesstoken.Set-OAuth-v20-Info-1.X-UserId: troy

request.header.X-UserId: troy

accesstoken.X-UserId: troy

Now I am calling another API(Within same API Product) using same access token which has the variable set: accesstoken.X-UserId: troy

In this API, I have used Get Oauth V2 Info Policy to get the access token profile variables:

Below is the sample:

<GetOAuthV2Info async="false" continueOnError="false" enabled="true" name="Get-OAuth-v20-Info-1"> <DisplayName>Get OAuth v2.0 Info-1</DisplayName> <AccessToken ref="access_token"/> </GetOAuthV2Info>

When I call it:

curl http://{org-name}-test.apigee.net/v1/getcontentbyid/contentId -H "Authorization: Bearer {access_token}"

The response i see:

{"timestamp":1477424244999,"status":400,"error":"Bad Request","exception":"org.springframework.web.bind.ServletRequestBindingException","message":"Missing request header 'X-UserId' for method parameter of type String","path":"/api/v1/contents/contentId"}

Also in the Trace, for Get Oauth V2 Info Policy below variable is missing:

accesstoken.X-UserId: troy

Whereas in the same flow for policy: Verify Oauth V2.0 Access Token i can see the variable set:

accesstoken.X-UserId: troy

So from above I have two questions:

Ques 1) Why is my Get Oauth V2 Info Policy not retrieving variable:

accesstoken.X-UserId: troy

Quest 2) Though I am setting my variable as header parameter in access token profile using Set Oauth V2 Info policy, when calling API using Get Oauth V2 info policy i get error saying missing request header. How else should i store and pass the header parameter through policy so that user do not have to enter it each time.

Thanks,

Kumud

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
aswinsegu
Bronze 1
Bronze 1
In response to
Reply posted on --/--/---- --:-- AM

Please refer how to access variables in GetOAuth2Info Policy from apigee docs

Jump to Solution
0 Likes