I had received an odd requirement.
Current Proxy returns:
{
  "refresh_token_expires_in": "7775999",
  "refresh_token_status": "approved",
  "api_product_list": "[nextGen-Oauth]",
  "app_enduser": "FF703B7C-004A-49A4-808E-C2698BF8C61C:62889a5a-8a41-4e47-815f-8c4cb56a166d",
  "api_product_list_json": [ "nextGen-Oauth" ],
  "organization_name": "l;assesen-trial",
  "developer.email": "klassess@starbucks.com",
  "token_type": "BearerToken",
  "issued_at": "1525556675486",
  "client_id": "3r6bjRdkqnwG8v9Kb0KSOCjWS2ARnpnj",
  "access_token": "bAhzGSvXbXvV7CjVyJZtFtppMCWs",
  "refresh_token": "wGuAAhEjVHL3c17knLRsVOjSbGgplS2b",
  "application_name": "62889a5a-8a41-4e47-815f-8c4cb56a166d",
  "grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "scope": "",
  "refresh_token_issued_at": "1525556675486",
  "expires_in": "3599",
  "refresh_count": "0",
  "status": "approved"
}
They want it to be reduced to a refresh token only, stripped of other information. I see two ways:
I do not like the second -- slower response, more load. BUT
Personally, I prefer not to do either -- but the request is from higher up the pecking order.
A simple extract variable (JSONPath) and assign using set should help respond with only the refresh token.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ExtractVariables async="false" continueOnError="false" enabled="true" name="extract-token-response">
  <DisplayName>Extract-TokenResponse</DisplayName>
  <JSONPayload>
    <Variable name="refreshToken">
      <JSONPath>$.refresh_token</JSONPath>
    </Variable>
  </JSONPayload>
</ExtractVariables>
It does not make sense to return only a refresh token. The refresh token is only useful for getting an access token. If you don't send back at least the access token, then the client app will not be able to invoke any APIs. I may be misunderstanding your plan... "send the refresh token back immediately - THEN return the subsequent response only." I don't understand exactly how that would work. The API Proxy can send back just one response to the request-for-token.
When I want to groom the token response, I use JavaScript. This code ought to be pretty clear.
// groomTokenResponse.js
// ------------------------------------------------------------------
//
// Tweaks the generated OAuth token response.
var b1 = JSON.parse(response.content),
    propertiesToRemove = ['status', 'refresh_token_status',
                          "refresh_token_expires_in", "client_id",
                          'token_type', 'organization_name',
                          'scope', 'application_name',
                          'api_product_list_json', 'api_product_list',
                          'refresh_count', 'developer.email'];

if (b1.access_token) {
  propertiesToRemove.forEach(function(item){
    delete b1[item];
  });
  // pretty-print the resulting JSON
  context.setVariable('response.content', JSON.stringify(b1, null, 2));
}
This is all just in-memory manipulation, so it will be fast. The result might be:
{ "access_token" : "hsdisufhkjsdhdskj", "refresh_token" : "ajqq3673yehjhekhs" }
Obviously if you are sending only 2 properties back it might be simpler to just do this:
var b1 = JSON.parse(response.content),
    newResponse;

if (b1.access_token) {
  newResponse = {
    access_token: b1.access_token,
    refresh_token : b1.refresh_token
  };
  // pretty-print the resulting JSON
  context.setVariable('response.content', JSON.stringify(newResponse, null, 2));
}
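Added example, not part of the original thread and not Apigee's own code: the two grooming approaches from the answer above, run over a constructed response that uses the property names from the question, to show which properties each one lets through. `parseTokenBody`, `groomDeny`, `groomAllow` and `keysOf` are hypothetical names, and the sample values are placeholders.

```javascript
// Pure functions so this runs outside Apigee; in a JavaScript policy, pass in
// response.content and write the result back with context.setVariable(...).
// Deny-list copied from groomTokenResponse.js above.
var DENIED = ['status', 'refresh_token_status', 'refresh_token_expires_in',
  'client_id', 'token_type', 'organization_name', 'scope', 'application_name',
  'api_product_list_json', 'api_product_list', 'refresh_count', 'developer.email'];
// Allow-list: the two properties the shorter snippet above returns.
var ALLOWED = ['access_token', 'refresh_token'];

// Parse a token response; null for non-JSON, non-object or error payloads.
function parseTokenBody(content) {
  var body;
  try { body = JSON.parse(content); } catch (e) { return null; }
  return (body && typeof body === 'object' && typeof body.access_token === 'string') ? body : null;
}

// Deny-list grooming: delete the named properties, keep everything else.
function groomDeny(content, denied) {
  var body = parseTokenBody(content);
  if (!body) return content; // leave error responses untouched
  denied.forEach(function (k) { delete body[k]; });
  return JSON.stringify(body, null, 2);
}

// Allow-list grooming: copy the named properties, drop everything else.
function groomAllow(content, allowed) {
  var body = parseTokenBody(content), out = {};
  if (!body) return content; // leave error responses untouched
  allowed.forEach(function (k) {
    if (Object.prototype.hasOwnProperty.call(body, k)) out[k] = body[k];
  });
  return JSON.stringify(out, null, 2);
}

// Constructed sample: property names from the question, placeholder values.
var SAMPLE = JSON.stringify({
  refresh_token_expires_in: '7775999', refresh_token_status: 'approved',
  api_product_list: '[example-product]', api_product_list_json: ['example-product'],
  app_enduser: 'user-id:app-id', organization_name: 'example-org',
  'developer.email': 'dev@example.com', token_type: 'BearerToken', scope: '',
  issued_at: '1525556675486', client_id: 'EXAMPLE_CLIENT_ID', status: 'approved',
  access_token: 'EXAMPLE_ACCESS', refresh_token: 'EXAMPLE_REFRESH',
  application_name: 'app-id', grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
  refresh_token_issued_at: '1525556675486', expires_in: '3599', refresh_count: '0'
});
function keysOf(json) { return Object.keys(JSON.parse(json)).sort(); }
console.log('deny-list leaves :', keysOf(groomDeny(SAMPLE, DENIED)).join(', '));
console.log('allow-list leaves:', keysOf(groomAllow(SAMPLE, ALLOWED)).join(', '));
```

With this input the deny-list still returns `app_enduser`, `grant_type`, `issued_at`, `refresh_token_issued_at` and `expires_in`, because they are not in `propertiesToRemove`; the allow-list returns only the properties it names, including when the token response later gains new ones.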