Microgateway OAuth & Apikey plugin Query
Hi guys, I have few queries on OAuth & Apikey in MG,
1. After passing the OAuth Header in cURL I am getting 403 Forbidden
curl -i -H "Authorization: Bearer JWT" http://localhost:8000/hello/echo
HTTP/1.1 403 Forbidden
content-type: application/json
Date: Thu, 15 Jun 2017 06:44:15 GMT
Connection: keep-alive
Content-Length: 25
{"error":"access_denied"}
2. I re-generated the access_token(JWT),
curl -i -H "Authorization: Bearer newJWT" http://localhost:8000/hello/echo
HTTP/1.1 401 Unauthorized
content-type: application/json
Date: Thu, 15 Jun 2017 07:51:54 GMT
Connection: keep-alive
Content-Length: 25
{"error":"invalid_token"}
2. In the doc for implementing OAuth & Api we are adding same oauth plugin is to the plugins:sequence element. So by doing this when I call,
curl -i http://localhost:8000/hello/echo -H 'x-api-key: apikey12345'
HTTP/1.1 401 Unauthorized
content-type: application/json
Date: Thu, 15 Jun 2017 07:38:21 GMT
Connection: keep-alive
Content-Length: 84
{"error":"invalid_token"}
I am using the correct consumer key from App and have also added MG auth & hello proxies to a product. Am I missing something?
Without the oauth sequence I get 200OK and spike arrest plugin sequence works normally.
Primary use cases of MG .. .. Continue processing messages if internet connection is temporarily lost.
Can someone explain about this?
Best Answer
Item #1: The very likely cause for this failure is an incorrectly created API Product. A microgateway API Product must have:
- edgemicro_* proxy
- edgemicro-auth proxy
- If you are adding resource paths, then be sure to include /** (for sub resources) and / (to access the base path itself).
Item #2: The invalid_token message appears when the JWT token is badly formatted.
Item #3: In this case, it appears the API Key was invalid.
Microgateway is designed to continue processing API traffic even if it looses connection to Apigee Edge (hosted on cloud or on prem).
