How to restrict target calls based on header?

archanachowdary · 07-12-2018 04:31 AM

So ,I have used JS policy to extract a header from the target endpoint. So after doing splitting and replacing i finally got lets say {header limit= 5} now what should happen is

1.This limit header should be extracted every time from the api response and stored.

2.I should check this valve and should be able stop calling my target url after my Limit header reaches to a particular number say 90.One more thing i should make this check before i call my target url.

Important thing is i cannot directly extract the header as it has multiple values and is in JSON .Tried many things finally got what i needed.

So my question is how to i achieve this .Can i use KVM ?but the header value is dynamic ?

sidd-harth

Hi @archana, can you please re-phrase your question.

Do you want to restrict proxy calls or target call?

archanachowdary

Target calls.

dchiesa1

After the JS callout executes and extracts the limit number (passed by the client, I suppose), then you can set a context variable containing that value. Let's call it "provided_limit". Now every subsequent step and condition can access that variable.

OK, now a question:

Do you want to limit based ONLY on the value of the header. Not based on any context or other state? (In other words the client tracks the state and increments the limit value with each call).

Or do you want to limit based on the number of calls received over a particular time?

For the latter, there is the builtin quota policy. It tracks the state - the number of calls received over a unit of time. You don't need to mess with caching or KVM. You can reference the provided_limit variable on the Quota policy for the Count.

<Quota name="Q-1" type='flexi'>
    <Interval>1</Interval>
    <TimeUnit>minute</TimeUnit>
    <Allow countRef='provided_limit'/>
</Quota>

And you'd need to insert that Quota policy in the flow after the JS step.

For the former, then I guess the actual limit is a fixed value, and you'd just use a condition and a RaiseFault.

<Step>
  <Condition>provided_limit > 90</Condition>
  <Name>RaiseFault-Disallowed</Name>
</Step>

archanachowdary

@Dino-at-Google

Hi

Yes i would like to limit the calls based on header value which should be updated after every call.

So the process

1. Get the header value from JS

2.Check if is equal to 90(constant number) (limit header < allowed limit) where allowed limit is constant and limit header varies with call.

if it greater than allowed limit then stop the calls to target and resume calls after one hour.

The limit header is dynamic .

I dont want the quota policy to increment it on it owns. I can see from your answer that i can use raise fault policy but how to resume calls after one hour .

anilsr

@archana

What is the purpose of doing same ? Are you trying to implement dynamic quota based on response header ? Why do you say, I don't want the quota policy ? Actually, What you are trying to do is Quota Policy ? You can let quota policy take the response header as reference to enforce quota.

Am i missing something here ? Give me a detailed example, I still believe quota policy solves your problem.

archanachowdary

Facebook sends JSON formatted string X-app-usage header .It looks like something shown below .x represents the percentage of calls .I should make sure to stop calls once the x reaches 98 percentage,before it reaches 100 or cross 100 % to avoid rate limit. I dont have a definite number to use and this x is not a number to increment as we do in quota .I dont want a counter Facebook does that for me i want is check and restrict and resume calls after hour.So is it clear @Anil Sagar @ Google

{"call_count": x,"total_time": y,"total_cputime": z
}