This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Service Callout using LocalTargetConnection not setting proxy.pathsuffix variable

Posted on 02-14-2017 06:37 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi All,

I am trying to call endpoint of another proxy using service call out. When I make direct call it works fine but when I make same call using service call out it's doesn't match with flow because proxy.pathsuffix is null hence it's not executing any policies in flow.

Following is section of service callout

<LocalTargetConnection>
 <APIProxy>proxyname</APIProxy>
 <ProxyEndpoint>default</ProxyEndpoint>
 <Path>/tokeninfo</Path> 
</LocalTargetConnection>

When I trace my proxy I can see proxy.pathsuffix as null hence call is failing.

Any idea why it's not setting context variables as it should not matter where from call is getting initiated?

Thanks

Harmeet

Solved Solved
1 8 2,613
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
nehemiahtull
New Member
Reply posted on --/--/---- --:-- AM

Hi @harmeet.sra,

Thank you for posting, I ran into a similar problem when I tried to setup a service callout for a JWKS.

So I followed @Mike Dunker's advice to set the Request -> Set -> Path.

<ServiceCallout name="Get-JWKS" ...>
  <DisplayName>Get JWKS</DisplayName>
    <Properties/>
    <Request>
      <Set>
        <Verb>GET</Verb>
        <Path>/oauth2/v3/certs</Path>
      </Set>
    </Request>
    <Response>jwks.Response</Response>
    <LocalTargetConnection>
      <APIProxy>Identity_v1</APIProxy>
      <ProxyEndpoint>default</ProxyEndpoint>
    </LocalTargetConnection>
</ServiceCallout>

A quick trace on the local target api proxy shows the proxy path suffix is not set correctly.

proxy.basepath /identity/v1
proxy.client.ip 127.0.0.1
proxy.name default
proxy.pathsuffix
proxy.url http://localhost:8443/oauth2/v3/certs

We also see that the proxy url is incorrect. This lead me to reinterpret @Mike Dunker suggestion as <Path>/base path/path suffix</Path>

<ServiceCallout name="Get-JWKS" ...>
  <DisplayName>Get JWKS</DisplayName>
  <Properties/>
  <Request>
    <Set>
      <Verb>GET</Verb>
      <Path>/indentity/v1/oauth2/v3/certs</Path>
    </Set>
  </Request>
  <Response>ftr.jwksResponse</Response>
  <LocalTargetConnection>
    <APIProxy>Identity_v1</APIProxy>
    <ProxyEndpoint>default</ProxyEndpoint>
  </LocalTargetConnection>
</ServiceCallout>
proxy.basepath /identity/v1
proxy.client.ip 127.0.0.1
proxy.name default
proxy.pathsuffix /oauth2/v3/certs
proxy.url https://localhost:8443/identity/v1/oauth2/v3/certs

Low and behold, the proxy url and proxy path suffix are now populated correctly.

Many thanks @harmeet.sra and @Mike Dunker for blazing the trail and sharing your pain I wouldn't have been able to figure this out with out you.

I hope this helps future proxy chainers!

View solution in original post

Jump to Solution
8 REPLIES 8

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Yes, for a ServiceCallout using a LocalTargetConnection, the proxy.pathsuffix turns out to be just a /. Try doing the ServiceCallout with just the APIProxy and ProxyEndpoint without the Path. I have it working with this configuration.

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

Hi Sathish,

Thanks for your reply. I am bit confused, if I use only APIProxy and ProxyEndpoint then how it's going to identify which flow I need to use if proxy has more than one flow? can you please provide me a sample if possible ?

Thanks

Harmeet

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

Hi Sathish,

Just tested using proxy endpoint only and it doesn't work. I may be missing something.

Thanks

Harmeet

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
willwitman
Staff
In response to
Reply posted on --/--/---- --:-- AM

Hi -- According to the docs, you can use use either the <APIProxy> and <ProxyEndpoint> elements, or the <Path>element. Maybe using the first configuration without the path would help, as Sathish suggested.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

hi @wwitman


I tried without path it didn't work. with only path I am not sure how it's going to call a proxy based on path only unless path can be specified including base url.


Thanks

Harmeet

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
mdunker
Staff
In response to
Reply posted on --/--/---- --:-- AM

The LocalTargetConnection Path is really the base path -- you can set the rest of the path using

<Request>
	<Set>
		<Path>/path/suffix</Path>
	</Set>
</Request>
Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
nehemiahtull
New Member
Reply posted on --/--/---- --:-- AM

Hi @harmeet.sra,

Thank you for posting, I ran into a similar problem when I tried to setup a service callout for a JWKS.

So I followed @Mike Dunker's advice to set the Request -> Set -> Path.

<ServiceCallout name="Get-JWKS" ...>
  <DisplayName>Get JWKS</DisplayName>
    <Properties/>
    <Request>
      <Set>
        <Verb>GET</Verb>
        <Path>/oauth2/v3/certs</Path>
      </Set>
    </Request>
    <Response>jwks.Response</Response>
    <LocalTargetConnection>
      <APIProxy>Identity_v1</APIProxy>
      <ProxyEndpoint>default</ProxyEndpoint>
    </LocalTargetConnection>
</ServiceCallout>

A quick trace on the local target api proxy shows the proxy path suffix is not set correctly.

proxy.basepath /identity/v1
proxy.client.ip 127.0.0.1
proxy.name default
proxy.pathsuffix
proxy.url http://localhost:8443/oauth2/v3/certs

We also see that the proxy url is incorrect. This lead me to reinterpret @Mike Dunker suggestion as <Path>/base path/path suffix</Path>

<ServiceCallout name="Get-JWKS" ...>
  <DisplayName>Get JWKS</DisplayName>
  <Properties/>
  <Request>
    <Set>
      <Verb>GET</Verb>
      <Path>/indentity/v1/oauth2/v3/certs</Path>
    </Set>
  </Request>
  <Response>ftr.jwksResponse</Response>
  <LocalTargetConnection>
    <APIProxy>Identity_v1</APIProxy>
    <ProxyEndpoint>default</ProxyEndpoint>
  </LocalTargetConnection>
</ServiceCallout>
proxy.basepath /identity/v1
proxy.client.ip 127.0.0.1
proxy.name default
proxy.pathsuffix /oauth2/v3/certs
proxy.url https://localhost:8443/identity/v1/oauth2/v3/certs

Low and behold, the proxy url and proxy path suffix are now populated correctly.

Many thanks @harmeet.sra and @Mike Dunker for blazing the trail and sharing your pain I wouldn't have been able to figure this out with out you.

I hope this helps future proxy chainers!

Jump to Solution

Posted on --/--/---- --:-- AM
vprasad697
New Member
In response to nehemiahtull
Reply posted on --/--/---- --:-- AM

Is it possible to make service-callout to local target connection using javascript policy ?

Jump to Solution
0 Likes