edgemicro authorization validation via queryparam

anarjinary
Participant II

We are trying to validate authorization via a query string OR the header for edgemicro.

I have changed the OoB oauth plugin as below:

if ((apiKey = reqUrl.query['cid']) || (apiKey = req.headers[apiKeyHeaderName])) {
 exchangeApiKeyForToken(req, res, next, config, logger, stats, middleware, apiKey);

By changing like above, i could get success for 1 API tried till now but majority shows 403 Forbidden.

Could anyone please help me understand on what could cause this.

current nodejs version is v7.6.0

current edgemicro version is 2.3.5

Thanks.

0 1 127
1 REPLY 1

Former Community Member
Not applicable

I do not recommend changing the OOTB plugin with custom logic. If you are writing custom logic, create a fork/new plugin.

A second simpler method is to write a custom plugin (and add it before the OAuth plugin) that looks for a query param, removes it and adds it to the header. The OAuth plugin will anyway look for it in the header.