This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

API Proxy using "Pass-Through SOAP" not able to attach to "Publish -> Developer Apps"

Posted on 11-16-2018 08:51 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi community,

Well know that if you choose "Pass-Through SOAP" security has just "Pass through (none)" enabled. But you can add OAuth v2.0 after finishing wizard configuration, so I did it. Having OAut like this:

<OAuthV2async="false"continueOnError="false"enabled="true"name="verify-oauth-v2-access-token"><DisplayName>Verify OAuth v2.0 Access Token</DisplayName><Operation>VerifyAccessToken</Operation></OAuthV2>

Then I created a developer, now tried to register my previous app, but not able to find it.

Thing is that we want to still use SOAP call (no issues using the APIGee one), but using a security layer, so we have just to options, OAuth or API Key, in botch cases you need to create a developer and then add or register an app. It is not working, any clue.

Thanks for your time.

0 6 900
Topic Labels
0 Likes
6 REPLIES 6

Posted on --/--/---- --:-- AM
sidd-harth
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi @Miguel Alcantara , I think you should be adding the Soap proxy to an API Product. This API Product can be added to your Developer App.

We cannot add Procies to Developer Apps.

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to sidd-harth
Reply posted on --/--/---- --:-- AM

Hi Siddharth, I guess I didn't explain well myself. This is the thing: I did create a Proxy SOAP service (pass-through), when you choose this option security options are disabled by default, but I need to add security layer, so I added a OAuth after finishing the wizard creation proxy in order to follow this example:

https://docs.apigee.com/api-platform/tutorials/secure-calls-your-api-through-oauth-20-client-credent...

It didnt work for section:

Register an app

Because my proxy is not being listed in Product list.

We need to add a security layer to our SOAP services, my question is if that is possible following the example pasted above, obviously considering we have a SOAP services and not REST API. If you think so, please share some link or so in order to accomplish our task.

BTW, if not feasible to add security layer to a proxy SOAP pass.through, is there any document which explains the reason?, I'd be great to know why.

Thanks for your time and effort.

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to sidd-harth
Reply posted on --/--/---- --:-- AM

BTW, reading this link

https://docs.apigee.com/api-platform/develop/exposing-soap-service-api-proxy#creatingapassthroughpro...

It says literally:

9. Click through the rest of the wizard to add security, select virtual hosts, and deployment environment.

Which is not activated, neither in our organization or my personal free trial in apigee.com

Thanks.

0 Likes

Posted on --/--/---- --:-- AM
bhatikuldeep
Silver 2
Silver 2
Reply posted on --/--/---- --:-- AM

Hi @Miguel Alcantara,

I just checked and followed the steps you mentioned, for it works as it should be;

Steps that I followed;

1. create a SOAP service - using create proxy wizard;

2. entered sample WSDL (via URL) - https://svn.apache.org/repos/asf/airavata/sandbox/xbaya-web/test/Calculator.wsdl (it is just an example, I did not find a better one, but does not matter, as we want to enforce the oath at later stage)

3. Proxy type - Pass-Through SOAP

4. Authorization - Pass through (none)

5. Build and deploy;

6. if you have not changed the base path; your proxy shall return the XML using this URL - GET {your proxy end point}/calculator;

7. Assuming we want to protect it; you can add one policy to your proxy reflow - may be the first one; which is OAuth 2.0 VerifyAccessToken as follows;

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="OAuth-v20-1">
    <DisplayName>OAuth v2.0-1</DisplayName>
    <Properties/>
    <Attributes/>
    <ExternalAuthorization>false</ExternalAuthorization>
    <Operation>VerifyAccessToken</Operation>
    <SupportedGrantTypes/>
    <GenerateResponse enabled="true"/>
    <Tokens/>
</OAuthV2>

8. Once you have this in place, and retry accessing your api; GET {your proxy end point}/calculator, should give your below error; 

{
    "fault": {
        "faultstring": "Invalid access token",
        "detail": {
            "errorcode": "oauth.v2.InvalidAccessToken"
        }
    }
}

9. that's pretty much all of it! I am sure, you already know who to get a request a token and pass it to get access to this API.

Good luck, I hope this helps, if not let me know.

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to bhatikuldeep
Reply posted on --/--/---- --:-- AM

Hi @Kuldeep Bhati , thanks for your response. I did follow the steps you mention above and all fine 'till step 8; for step 9, I'm the same person who will provide the token. I did follow this tutorial:

https://docs.apigee.com/api-platform/tutorials/secure-calls-your-api-through-oauth-20-client-credent...

Which is not working on step Register an app, because when I tried to +Developer App, my SOAP proxy is not being listened

7720-registerapp.png

Thanks for your support.

0 Likes

Posted on --/--/---- --:-- AM
bhatikuldeep
Silver 2
Silver 2
Reply posted on --/--/---- --:-- AM

Hi @Miguel Alcantara,

Sorry my bad, typo! On step 9, I meant "how" not "who", never mind.

To answer you shortly to your question, your SOAP proxy won't be listed under your developer app; in fact it is added under an API product.

So, In practise the api proxy is associated/or part of the API Product and it is not added to your developer apps;

10. So you should first try creating an API Product, add your soap api proxy there; you can refer this page the steps - https://docs.apigee.com/api-platform/publish/create-api-products.html

11. Once you have API Product, then create an developer and when you create app, select api product created on step 10, that's how you give access to your API to this developer app.

12. I assume you have a default OAuth proxy deployed to your org and environment, if not you can use the attached zip (oauth-v1-rev7-2018-11-20.zip) to create a new proxy using create proxy wizard as a bundled zip.

13. Assuming your have deployed the proxy me toned on step 12, and once this oauth proxy is deployed, you can request the token by passing the developer app (created on step 11), key and secret with grant type client_credentials, as follows; 

example;

curl -X POST \
  https://{your proxy end point}/v1/oauth/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=client_credentials&client_id=pZzMdU2GhZEUcKc8wvpiOwJGrVNesFUJ&client_secret=gVKNNsUCHXBTlOwa'

sample call;

curl -X POST \
  https://xyz-test.apigee.net/v1/oauth/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Postman-Token: 482ab82d-7c7d-45f3-9fe1-06879c35053a' \
  -H 'cache-control: no-cache' \
  -d 'grant_type=client_credentials&client_id=pAWMdU2GhZEUcKc8wvpiOwJGrVNesFUJ&client_secret=gVKNNsUCYHBTlOwa'

The response of the above call should return below JSON;

{
    "access_token": "fCOWahH1gGDLD1LQYQquNQVCiIve",
    "token_type": "BearerToken",
    "expires_in": "3599"
}
<br>

Note, I have customised the response, you can check the api proxy you just previously uploaded if necessary and also can read more about it here, but use that for later.

14. Use the above token as Bearer token to make a successful call to your SOAP Proxy, with below curl command; replace the proxy endpoint and token accordingly, below is just an sample;

curl -X GET \
  http://xyz-test.apigee.net/v1/calculator \
  -H 'Authorization: Bearer fCOWxsH1gGDLD1LQYQquNQVCiIve'
<br>

15. That's it.

I hope this helps, success.

oauth-v1-rev7-2018-11-20.zip
0 Likes